npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@m1z23r/flags

v1.0.1

Published

CLI tool for flags.dimitrije.dev encrypted environment variable sharing

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

m1z23rm1z23r

Keywords

envenvironmentsecretsencryptionfeature-flagscli

Readme

@m1z23r/flags

CLI tool for flags.dimitrije.dev encrypted environment variable sharing.

Installation

npm install -g @m1z23r/flags

Prerequisites

  1. An account on flags.dimitrije.dev
  2. An SSH key (ed25519 or RSA) for encryption/decryption

Usage

Login

Authenticate with your Flags account:

# Browser-based login (recommended)
flags login

# This will:
# 1. Open your browser to authorize the CLI
# 2. Prompt you to add your SSH public key
# 3. Complete authentication automatically

Options:

  • --ssh - Use SSH key-based authentication (requires pre-registered key)
  • --no-browser - Don't open browser automatically, just show the URL
  • -p, --port <port> - Specify callback server port (default: 9876)
  • -u, --api-url <url> - Custom API URL (default: https://flags.dimitrije.dev)
  • -e, --email <email> - Email address (for SSH auth only)

SSH Keys

Manage your SSH keys:

# List your SSH keys
flags keys list
flags keys ls

# Add a new SSH key
flags keys add                          # Interactive mode
flags keys add ~/.ssh/id_ed25519.pub    # From file

# Remove an SSH key
flags keys remove
flags keys rm

Initialize Project

Set up the project configuration:

flags init

This creates a .flagsrc.json file in your project root.

Push Encrypted Env

Push an encrypted .env file to the server:

# Push with a key name
flags push production .env

# Push a specific file
flags push staging .env.staging

# Force overwrite without confirmation
flags push production -f

Pull Encrypted Env

Pull and decrypt an env file from the server:

# Pull by key name
flags pull production

# Pull a specific version
flags pull production 2

# Pull to a different output path
flags pull production -o .env.local

# Overwrite without prompting
flags pull production -f

List Available Envs

List all encrypted env files for the project:

# List all secrets
flags list
flags ls

# List versions of a specific secret
flags list production --versions
flags ls production -v

Delete a Secret

Delete an encrypted env:

flags delete

Logout

Clear stored credentials:

flags logout

How It Works

  1. Authentication: Browser-based OAuth with your Flags account, or SSH key challenge-response
  2. Encryption: Files are encrypted with AES-256-GCM
  3. Key Wrapping: The symmetric key is encrypted for each team member's SSH public key
  4. Server Storage: The server only stores encrypted data - it never sees the plaintext

Configuration Files

~/.config/flags-cli/credentials.json

Stores your authentication tokens (encrypted).

.flagsrc.json

Project-level configuration:

{
  "teamId": "uuid",
  "appId": "uuid"
}

Security

  • The server never sees your plaintext env files
  • Encryption uses AES-256-GCM with a random 256-bit key
  • Each push generates a new symmetric key
  • The symmetric key is encrypted for each team member's SSH public key
  • Only team members with registered SSH keys can decrypt the files