npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@workspacejson/codex-mcp

v0.1.4

Published

MCP server that surfaces workspace.json fragility and co-change intelligence to OpenAI Codex before it edits code.

Downloads

680

Readme

See it in 30 seconds

| | | | --- | --- | | Task | Update the checkout route | | Without workspace.json | Codex proposes one file | | With workspace.json | The hook identifies two evidenced partners | | Enforcement | The incomplete patch is denied | | Outcome | Codex revises the changeset before the edit lands |

Installation

npx @workspacejson/codex-mcp install --with-hook

Installs:

  • MCP context
  • deterministic pre-edit hook

Includes:

  • optional, read-only GPT-5.6 API reviewer

Idempotent, scoped to this repo's .codex/ directory, never touches ~/.codex. Restart Codex, then run /mcp to confirm workspacejson is connected. Remove everything it wrote with npx @workspacejson/codex-mcp uninstall.

Wire the MCP server yourself

Add this to .codex/config.toml (project) or ~/.codex/config.toml (global):

[mcp_servers.workspacejson]
command = "npx"
args = ["-y", "@workspacejson/codex-mcp", "server"]
# Optional: point at a specific file or search root.
# env = { WORKSPACE_JSON_PATH = "/abs/path/.agents/workspace.json" }

Without the hook you still get the read tools, but not deterministic enforcement.

CI / repo-native check — no editor required

git diff --name-only | node hooks/pre-edit-check.mjs --paths-stdin

Exit code 2 means a fragile change is missing a co-change partner; the reason prints with its evidence. Drop it into a GitHub Action to gate pull requests the same way the hook gates edits.

Editor decorations — VS Code / Cursor (optional)

Install the packaged extension from the release .vsix:

# VS Code
code --install-extension workspacejson-codex-<version>.vsix

# Cursor
cursor --install-extension workspacejson-codex-<version>.vsix

Fragile files are flagged in the Explorer with their tier and evidence on hover. The extension reads the same local .agents/workspace.json; it makes no network calls.

Verify in two minutes

From a repo that has a committed .agents/workspace.json:

  1. In Codex, ask it to edit a file the workspace flags as fragile.
  2. Watch the hook refuse the patch, citing the recorded evidence and the co-change partner the change left out.
  3. Ask Codex to include the partner and retry — the edit proceeds.

No configuration beyond step 1 above. The example/ fixture in this repo reproduces the exact denial shown in the demo.

How it works

MCP supplies context. A deterministic hook enforces evidenced omissions. An optional, direct read-only GPT-5.6 API review challenges a supplied completed diff and preserves its request/response receipt locally. The reviewer never controls the hook, and a PASS verdict is not a safety certification.

Full derivation rules for evidence tiers (ASSERTED/OBSERVED/VERIFIED), the hook's fail-open behavior, and the GPT-5.6 reviewer's scope live in docs/how-it-works.md.

Operational guarantees

  • Missing evidence never becomes a safety approval.
  • Malformed evidence never crashes the edit loop.
  • Reviewer output never controls deterministic enforcement.
  • Installation never overwrites unmanaged configuration.
  • Uninstall removes only owned artifacts.
  • Every VERIFIED claim maps to a reproducible command.

Each is checkable, not asserted: run npm run verify from a clean clone to reproduce the gate this repository's own CI runs, or read the source citations in docs/operational-guarantees.md. See docs/failure-modes.md for the behavior behind each guarantee under missing, malformed, or unavailable input.

Trust boundary

The MCP and deterministic hook run locally over stdio and do not upload repository contents. Initial package installation may contact npm. The optional review command sends only the diff you explicitly supply to a configured API provider: OpenAI (OPENAI_API_KEY) or OpenRouter (OPENROUTER_API_KEY). When both keys exist, set WORKSPACEJSON_REVIEWER_PROVIDER to openai or openrouter; an explicit WORKSPACEJSON_REVIEWER_BASE_URL also selects OpenRouter. It uses store: false with OpenAI and preserves a local request/response receipt that identifies the provider and model. Do not supply diffs containing secrets.

Current limitations

  • Enforcement currently covers Codex apply_patch.
  • Other edit mechanisms may receive context without deterministic blocking.
  • Missing or malformed workspace.json fails open with an explicit unavailable warning.
  • Stale evidence is not treated as proof of current risk.
  • fragile:false means the file has no recorded fragility, not that it is verified safe.
  • This does not replace tests, review, or repository instructions.

Learn more

License

Apache-2.0