npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@lockit/server

v0.1.2

Published

Ciphertext-only local relay for lockit end-to-end shares.

Readme

@lockit/server

Ciphertext-only relay for interim end-to-end secret sharing.

This is intentionally small infrastructure. It accepts encrypted share artifacts from lockit share, stores them by recipient identity id, and returns them to lockit receive. It never receives a passphrase, private key, DEK, seed, or plaintext secret value.

It also provides a tiny public username registry:

@username -> recipient identity id + public encryption/signing keys

Usernames are globally unique after lowercase normalization. First claim wins; there is no password login and no account recovery in this interim relay.

Run Locally

pnpm --filter @lockit/server build
pnpm --filter @lockit/server start

By default it listens on 127.0.0.1:8787 and stores messages/usernames in memory.

lockit identity register bob --relay http://127.0.0.1:8787
lockit share openai/dev --to @bob --relay http://127.0.0.1:8787
lockit receive --relay http://127.0.0.1:8787

Public Interim Deployment

For Railway, Fly.io, Render, or any simple Node host:

  • Build: pnpm --filter @lockit/server build
  • Start: pnpm --filter @lockit/server start
  • Runtime env:
    • PORT is honored automatically.
    • HOST defaults to 0.0.0.0 when PORT is set, otherwise 127.0.0.1.
    • DATABASE_URL enables Postgres-backed persistence and username uniqueness.
    • LOCKIT_RELAY_DATA_PATH enables file-backed persistence when Postgres is not used.

Example:

PORT=8787 HOST=0.0.0.0 DATABASE_URL=postgres://... pnpm --filter @lockit/server start

On Railway, attach a Postgres database to the service and Railway will provide DATABASE_URL. The relay creates these tables automatically:

lockit_relay_users
lockit_relay_messages

If neither DATABASE_URL nor LOCKIT_RELAY_DATA_PATH is set, the relay is memory-only and messages/usernames disappear on restart or redeploy. A mounted volume is acceptable for a single-process dev relay, but Postgres is the better public default because the database enforces unique usernames and identity ids.

Honest Limits

The relay cannot decrypt secret values, but it is public metadata infrastructure: it can see usernames, public identity keys, recipient identity ids, message sizes, timestamps, and sender/recipient graph shape. Anyone who can reach a public unauthenticated relay can claim unused usernames and submit ciphertext messages, so this is a temporary convenience relay, not the full team server with auth, Key Transparency, OPAQUE login, quotas, or abuse controls.