npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@quantiya/codevibe-core

v1.0.2

Published

Core library for CodeVibe plugins - shared keychain, crypto, AppSync, and auth functionality

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

hendryyehhendryyeh

Keywords

codevibequantiyaclaudecodexgeminiaicodingencryption

Readme

@quantiya/codevibe-core

Core library for CodeVibe plugins - shared keychain, crypto, AppSync, and authentication functionality.

Installation

npm install @quantiya/codevibe-core

Features

  • Keychain Management - Secure storage for device keys and OAuth tokens using native keychain (macOS Keychain, Linux libsecret, Windows Credential Manager)
  • Cryptographic Services - E2E encryption using ECDH P-256 and AES-256-GCM
  • AppSync Client - GraphQL API and WebSocket subscriptions for AWS AppSync
  • Authentication CLI - Browser-based OAuth login/logout commands
  • Shared Types - TypeScript interfaces for events, sessions, encryption

CLI Usage

# Sign in via browser (opens Cognito Hosted UI)
codevibe login

# Sign out
codevibe logout

# Check authentication status
codevibe status

# Reset device identity (destructive - old sessions become inaccessible)
codevibe reset-device

# Use specific environment
codevibe --env development login

API Usage

Keychain Manager

import { keychainManager, DeviceIdentity } from '@quantiya/codevibe-core';

// Get or create device identity (stored in native keychain)
const identity = await keychainManager.getOrCreateDeviceIdentity();
console.log(identity.deviceId, identity.publicKey);

// Get OAuth tokens
const tokens = await keychainManager.getTokens('production');
if (tokens) {
  console.log(tokens.email, tokens.userId);
}

Crypto Service

import { cryptoService } from '@quantiya/codevibe-core';

// Generate key pair
const keyPair = cryptoService.generateKeyPair();

// Generate session key
const sessionKey = cryptoService.generateSessionKey();

// Encrypt content
const encrypted = cryptoService.encryptContent('Hello World', sessionKey);

// Decrypt content
const decrypted = cryptoService.decryptContent(encrypted, sessionKey);

AppSync Client

import { AppSyncClient, loadConfig } from '@quantiya/codevibe-core';

// Load environment configuration
loadConfig('production');

// Create client
const client = new AppSyncClient('production');

// Authenticate with stored tokens
const authenticated = await client.authenticateWithStoredTokens();
if (!authenticated) {
  console.log('Run "codevibe login" first');
  process.exit(1);
}

// Create session
const session = await client.createSession({
  userId: client.getCurrentUserId(),
  agentType: 'CLAUDE',
  projectPath: '/path/to/project',
});

// Subscribe to events
const unsubscribe = client.subscribeToEvents(session.sessionId, (event) => {
  console.log('Event received:', event);
});

// Clean up
unsubscribe();

Auth Service

import { authService, loadConfig } from '@quantiya/codevibe-core';

// Set environment
loadConfig('production');
authService.setEnvironment('production');

// Login (opens browser)
const tokens = await authService.login();

// Check status
const status = await authService.getStatus();
console.log(status.authenticated, status.tokens?.email);

// Logout
await authService.logout();

Keychain Storage

All sensitive data is stored in the native system keychain:

  • Service Name: ai.quantiya.app.codevibe
  • Device Identity: Stored as device-identity account
  • Tokens: Stored as tokens-{environment} accounts (e.g., tokens-production)

This ensures:

  • Data persists across terminal sessions
  • Data is encrypted at rest by the OS
  • Data survives plugin reinstalls/updates
  • Device identity is shared across all CodeVibe plugins

Security

  • Device keys are ECDH P-256 key pairs
  • Session keys are 256-bit AES keys
  • Content is encrypted with AES-256-GCM
  • Session keys are encrypted per-device using ECDH
  • OAuth tokens are stored securely in native keychain

Development

# Install dependencies
npm install

# Build
npm run build

# Watch mode
npm run watch

# Local development with plugin
npm link
cd ../codevibe-claude-plugin
npm link @quantiya/codevibe-core

License

MIT