npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@todoforai/vault

v0.1.11

Published

Zero-config TODOforAI vault CLI — get/put/patch/list/rm secrets in the user's KV v2 vault. Reuses bridge credentials and derives the vault URL from the backend URL.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

sixzero-tmpsixzero-tmpsixzerosixzero

Keywords

clivaultsecretstodoforai

Readme

@todoforai/vault

Zero-config TODOforAI vault CLI. Installs the tfa-vault command. Speaks vault-manager's KV v2 HTTP API.

npm i -g @todoforai/vault    # installs the `tfa-vault` command

Why

vault (HashiCorp CLI) works against vault-manager, but requires VAULT_ADDR, VAULT_TOKEN, vault login, ~/.vault-token, … — ceremony designed for a HashiCorp Vault server, not ours.

tfa-vault is the native TODOforAI client: reuses the same credentials every other tfa-* tool uses (bridge-injected env vars or ~/.config/todoforai/credentials.json), derives the vault URL from the backend URL, and is zero-config in any shell the bridge spawned.

tfa-vault put openai api_key=sk-xxx
tfa-vault get -f api_key openai
tfa-vault list

No VAULT_ADDR. No VAULT_TOKEN. No vault login. No ~/.vault-token. If todoforai-bridge login worked, this works.

Commands

| Command | Description | |---|---| | tfa-vault put <path> k=v [k=v …] | Write (replaces existing fields at path) | | tfa-vault patch <path> k=v [k=v …] | Merge fields (preserves others) | | tfa-vault get <path> | Print all fields | | tfa-vault get -f <field> <path> | Print one field, raw (for $(…)) | | tfa-vault list [prefix] | List children under prefix | | tfa-vault rm <path> | Delete | | tfa-vault health | Ping vault-manager | | tfa-vault whoami | Show resolved auth context |

-j/--json on any read command for machine-readable output.

Value sources

  • Inline: tfa-vault put openai api_key=sk-xxx
  • From file: tfa-vault put openai api_key=@/path/to/key.txt (path must start with /, ./, ../ or ~/)
  • From stdin: echo -n "sk-xxx" | tfa-vault put openai api_key=-
  • Literal @…: tfa-vault put deps pkg=@todoforai/vault (no leading slash → treated as literal value, no escaping needed)

Auth resolution

First match wins:

  1. --api-key / --api-url / --vault-url flags
  2. TODOFORAI_API_KEY / TODOFORAI_API_URL env vars (bridge-injected into every PTY)
  3. ~/.config/todoforai/credentials.json (written by todoforai-bridge login)

URL derivation

| Backend URL | Vault URL | |---|---| | https://api.todofor.ai | https://vault.todofor.ai | | http://localhost:4000 | http://localhost:8800 |

Override with --vault-url if needed.

Use in scripts

export OPENAI_API_KEY=$(tfa-vault get -f api_key openai)
export DB_PASS=$(tfa-vault get -f pass db/prod/primary)
python my_script.py

tfa-vault get -f <field> writes the value to stdout with no trailing newline — safe for $(…).

Exit codes: 0 on success, 2 for "not found" (so scripts can distinguish missing-secret from network errors), 1 for everything else.