npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@vinadesignstore/core-client

v0.2.1

Published

Public SDK for the Vina Design Store auth and shared settings core.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

haiphanworkshaiphanworks

Keywords

authoauthoidcsettingsvndsvinadesignstore

Readme

@vinadesignstore/core-client

Public SDK for the VNDS central auth and shared settings platform.

The package is public so satellite apps can install it easily, but the issued apiKey must stay server-side.

Install

pnpm add @vinadesignstore/core-client

Environment

VNDS_AUTH_BASE_URL=https://auth.vinadesignstore.com
VNDS_CORE_APP_ID=your-app-id
VNDS_CORE_API_KEY=your-app-api-key

Create a client

import { createVndsCoreClient } from "@vinadesignstore/core-client";

export const core = createVndsCoreClient({
  baseUrl: process.env.VNDS_AUTH_BASE_URL!,
  appId: process.env.VNDS_CORE_APP_ID!,
  apiKey: process.env.VNDS_CORE_API_KEY!,
});

OAuth helpers

Typical server-driven login flow:

const pkce = await core.auth.generatePkcePair();

const authorizeUrl = core.auth.buildAuthorizeUrl({
  appId: process.env.VNDS_CORE_APP_ID!,
  redirectUri: "https://store.example.com/auth/callback",
  state: "csrf-token",
  codeChallenge: pkce.codeChallenge,
});

const tokens = await core.auth.exchangeAuthorizationCode({
  code: "callback-code",
  codeVerifier: pkce.codeVerifier,
  redirectUri: "https://store.example.com/auth/callback",
});

const user = await core.auth.fetchUserInfo(tokens.access_token);

Expected OAuth endpoints:

  • /api/auth/oauth2/authorize
  • /api/auth/oauth2/token
  • /api/auth/oauth2/userinfo

Useful claims returned by the central auth server include:

  • onboarding_complete
  • password_set
  • discord_connected
  • discord_member
  • discord_user_id
  • discord_role_ids
  • discord_member_guild_ids
  • discord_guild_memberships
  • app_roles
  • roles_last_synced_at

discord_member means the user is currently a member of at least one configured VNDS Discord server. Use discord_member_guild_ids or discord_guild_memberships when your app needs per-server details.

Shared settings helpers

await core.settings.set("storefront", "branding", {
  logoUrl: "https://cdn.example.com/logo.svg",
  accent: "#7c3aed",
});

const item = await core.settings.get("storefront", "branding");
const list = await core.settings.list("storefront");
await core.settings.delete("storefront", "branding");

Expected config endpoints:

  • /api/configs/[namespace]
  • /api/configs/[namespace]/[key]

Security guidance

  • keep VNDS_CORE_API_KEY on the server only
  • generatePkcePair and buildAuthorizeUrl can be used for browser redirects if needed
  • exchangeAuthorizationCode, getClientCredentialsToken, and all settings helpers should run server-side

Publish

Before the first publish:

pnpm install
pnpm --filter @vinadesignstore/core-client build
pnpm --filter @vinadesignstore/core-client pack:dry-run

Then log in to npm and publish the package publicly:

npm login
pnpm publish:sdk

Notes:

  • the package already sets publishConfig.access=public
  • pnpm publish:sdk uses --no-git-checks, which is handy while you are iterating locally
  • if you want a stricter release process later, switch to tags or Changesets before publishing updates