npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

arbella

v0.2.0

Published

Set up your AI coding tools once, then rebuild that setup on any machine. Claude Code, Codex, Cursor, opencode, GitHub Copilot CLI, Kilo Code & Antigravity — Linux, macOS, Windows.

Downloads

288

Readme

⛵ Arbella

Set up your AI coding tools once. Rebuild that setup on any machine.

Backup and migration for your Claude Code, Codex, Cursor, opencode, Copilot CLI, Kilo Code, and Antigravity setup — skills, subagents, plugins, hooks, settings, memories — into a private Git repo you own.

License  Node  Platforms  Status

Quick start · Commands · How sign-in works · Secrets


The problem

You've spent months tuning Claude Code or Codex — custom skills, a stack of subagents, plugins, hooks, your CLAUDE.md. Then you get a new laptop and do it all again from scratch.

Arbella saves that whole setup into a private Git repo and puts it back on another machine with one command. Linux, macOS, Windows.

Quick start

arbella setup       # install what arbella leans on (git, gh, the tool CLIs)
arbella init        # point it at a private repo, pick your options
arbella push        # snapshot your setup and push it

# later, on another machine:
arbella pull https://github.com/you/your-setup

Install

Needs Node 18+.

npm install -g arbella
arbella --help
arbella update   # later: update arbella itself

What it does

  push   ~/.claude · ~/.codex · Cursor   ──▶   strip · template   ──▶   private repo
  pull   private repo                  ──▶   install · place    ──▶   tools + Cursor User data

push reads the parts of your setup that matter, strips anything secret, swaps machine-specific paths for placeholders, and pushes the result to your repo. pull does the reverse: installs the CLIs you don't have, drops files back with this machine's paths, reinstalls plugins and skills, and wires shared Claude/Codex instructions back into CLAUDE.md and AGENTS.md.

Two things it deliberately won't do:

  • Never commits secrets. API keys, OAuth tokens, auth.json, .credentials.json — all excluded, no exceptions. You sign back in after a pull, or carry them yourself with arbella secrets.
  • Doesn't copy what it can reinstall. Plugins and registry skills are saved as a list and pulled fresh, so the repo stays small and never goes stale.

Supported today: Claude Code, Codex, Cursor (IDE + the cursor-agent CLI), opencode, GitHub Copilot CLI, Kilo Code, and Google Antigravity. Cursor support covers global MCP config, user settings, keybindings, snippets, local skills, skills.sh symlinks, the cursor-agent CLI config + global commands, and extension IDs; runtime state and credentials stay out. opencode, Copilot CLI, and Kilo are config-dir CLIs — Arbella captures each one's config dir (the JSON/JSONC config, custom agents/commands, MCP config), strips token-shaped values, and skips machine-local state, plugin install artifacts, and reinstallable skills (regenerated from the config on first run). Antigravity spans three roots — its VS Code-style User settings, the ~/.antigravity extension list, and the shared ~/.gemini agent config (global rules, MCP servers, skills) — while its Google OAuth tokens never leave your machine.

Commands

| Command | What it does | | --- | --- | | arbella setup | Install git, the provider CLIs, and the AI tool CLIs | | arbella init | One-time wiring: pick a repo and your options | | arbella push | Snapshot your setup and push it — the everyday one | | arbella pull <url> | Rebuild your setup on a fresh machine | | arbella status | Show what a push would change — read-only | | arbella update | Update arbella itself through npm | | arbella auth | Sign in to your repo host | | arbella secrets | Move credentials between machines, off Git |

Every prompt has a flag, so anything interactive can be scripted. --dry-run works wherever it makes sense.

arbella setup

Checks what's installed and offers to fill the gaps — a checklist, so you tick what you actually use.

arbella setup                   # interactive checklist
arbella setup --all             # everything, no prompts
arbella setup --deps git,gh -y  # just these
  • Covers git (required), gh / glab (handle sign-in for you), and the AI CLIs (claude, codex, cursor, opencode, copilot, kilo).
  • Installs through your system's package manager: apt, dnf, or pacman on Linux, Homebrew on macOS, winget on Windows.
  • init and pull also install on demand — if something's missing when you run them, Arbella stops and asks first.

arbella init

The one-time wiring. Pick a host (GitHub, GitLab, or a plain Git URL); if the repo doesn't exist yet, Arbella creates it private for you.

arbella init
arbella init --provider github --repo you/your-setup --auto-push daily -y

Saves your preferences:

  • which tools Arbella should manage
  • who wins a conflict — your machine or the repo
  • auto-push cadence — off, once per session, or daily
  • whether secrets are allowed into the repo (off by default), and whether to include memories (also off)

arbella push

The one you'll run most. Captures your current setup, sanitizes it, commits, and pushes. Run it whenever you've changed something worth keeping, or let the auto-push hook do it in the background.

arbella push
arbella push --dry-run   # show exactly what goes in (and what's skipped), write nothing

Worth a --dry-run before your first real push, so there are no surprises.

arbella pull

The reason the whole thing exists.

arbella pull https://github.com/you/your-setup
arbella pull <url> --dry-run
  • First copies your current ~/.claude and ~/.codex to a timestamped safety folder, so a pull can't quietly wreck what's already there.
  • Installs any missing CLIs — reaching for sudo only when the global npm folder actually needs root.
  • Writes files with this machine's paths, then reinstalls your plugins and skills from the manifest.
  • Deploys your shared instructions to CLAUDE.md and AGENTS.md.
  • Reminds you to sign back in at the end, since no credentials came along for the ride.

arbella status

Read-only. It answers one question: if you ran push right now, what would change?

arbella status
arbella status --json   # pipe it somewhere

New and modified files, plugin drift, the secrets it would skip. Writes nothing, installs nothing.

arbella update

Updates the Arbella CLI package itself. It does not touch your backed-up Claude, Codex, or Cursor setup.

arbella update                  # npm install -g arbella@latest
arbella update --version 0.1.2  # pin a specific release
arbella update --dry-run        # show the npm command only

arbella auth

Handles sign-in to your repo host. You rarely call it yourself — push and pull sign in on their own when they hit a private repo. It's here for when you'd rather log in ahead of time, or check where you stand.

arbella auth login
arbella auth status
arbella auth login --provider gitlab
arbella auth login --device-flow   # skip gh/glab, use Arbella's own flow

arbella secrets

For the credentials that never belong in the repo. Git is never involved — you carry the blob between your own machines yourself.

arbella secrets export   # encrypted, passphrase-protected blob (AES-256-GCM)
arbella secrets import   # unpack it on the other machine

How sign-in works

Short version: gh and glab are preferred, not required. They're the smoothest route, and the one I'd point you to — but Arbella works without them.

| Situation | What Arbella does | | --- | --- | | CLI installed and signed in | Uses it directly. gh/glab already do OAuth properly and configure Git's credentials, so nothing sensitive passes through Arbella. | | CLI installed, signed out | Runs its auth login for you — prints a URL and a code you type into your browser. | | CLI missing | Offers to install it, or falls back to its own path: an OAuth device flow, or a pasted token kept in a local 0600 file. |

For the device flow, point Arbella at your own registered OAuth app with ARBELLA_GITHUB_CLIENT_ID (or ARBELLA_GITLAB_CLIENT_ID). There's no sensible default to ship — the client ID is public but tied to your account — so with none set, Arbella skips the device flow and asks for a token instead. SSH and file:// remotes are left alone, so those keep working however your Git already has them.

Secrets

This is the part I most wanted to get right.

  • Whole credential files (auth.json, .credentials.json, and the like) sit on a hard denylist and are never read into the repo.
  • Everything that does get committed runs through a sanitizer that redacts token-shaped values.
  • Any token Arbella holds for itself lives in one local file with 0600 permissions — not in the repo, not in a logged command, not baked into a Git remote.
  • A test fails the build if a credential can reach the repo. This isn't on the honor system.

Putting secrets in the repo is opt-in, and the default is off. It's your private repo and your call — but I'd leave it there.

Cross-platform notes

Paths get templated, so a setup captured on a Mac under /Users/you restores correctly on Linux under /home/you, or on Windows. The one place the machine matters is global npm installs: on a system Node the folder is root-owned, so Arbella elevates with sudo and tells you it's doing so; on nvm, Homebrew, or Windows it's already yours, so it skips sudo. It checks first instead of guessing.

Why "Arbella"

The Arbella was the flagship of the 1630 Winthrop Fleet — a few hundred settlers, their livestock, and the colony's founding charter, carried across the Atlantic to start over somewhere new. That's the idea here: pack up the things that make your environment yours, carry them across, and unpack on the other side.

Status

v0.1 — early, but it builds clean, the full test suite passes, and I use it daily. Issues and pull requests welcome.

License

Copyright (c) 2026 Fafoooo.

Arbella is licensed under the GNU Affero General Public License v3.0 only (AGPL-3.0-only). See LICENSE.