npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

codex-github-harness

v0.2.0

Published

An opinionated workflow harness that makes Codex behave like a disciplined GitHub coding agent.

Readme

Codex GitHub Harness

An opinionated open-source workflow harness that makes Codex behave like a disciplined GitHub coding agent.

Quick Start

npx codex-github-harness init

Or install globally:

npm install -g codex-github-harness
codex-github-harness init

The installer walks you through four questions and sets up everything:

1. Workflow Mode

  • Full autonomous -- Codex creates branches, uses worktrees, runs verification, self-reviews the diff, pushes, and opens PRs. The complete disciplined-engineer workflow.
  • Minimal -- Codex inspects the repo, makes targeted edits, runs checks, and reviews the diff, but stays local. No branches, no worktrees, no PRs. Commits only when you explicitly ask.

2. Skill Scope

  • Global (~/.codex/skills/) -- Skills are available in every Codex session on this machine, regardless of which repo you are in.
  • Local (./skills/) -- Skills are installed into the current repo and version-controlled with the project. Best for team setups.

3. Branch Prefix

  • codex/ (default) -- Press Enter to accept. Codex creates branches like codex/fix-auth-bug.
  • Custom -- Enter a prefix without trailing slash (e.g. ai, bot, your team name). The / is added automatically.

4. Worktree Directory

  • ./worktrees/<task> (default, inside repo) -- Worktrees live inside the repo directory, easy to find and clean up.
  • ../worktrees/<task> (outside repo) -- Worktrees live outside the repo, keeping your main checkout clean.
  • Custom -- Enter any path relative to the repo root.

Dry Run

npx codex-github-harness init --dry-run

Target a Specific Repo

npx codex-github-harness init /path/to/your/repo

What This Is

Codex is most useful when the operating rules are explicit. This harness gives Codex a consistent workflow for repository work:

  • Use clean task branches and git worktrees.
  • Keep unrelated dirty work out of feature changes.
  • Verify changes before reporting done.
  • Run a post-implementation self-review loop.
  • Commit, push, and open a pull request when the task is intended for GitHub.
  • Report the final branch, worktree, commit, and PR state clearly.

The goal is not to make Codex "magical." The goal is to make its behavior predictable, reviewable, and close to how a careful human engineer would work.

Included Skills

The installer copies two reusable Codex skills:

  • pr-merge-cleanup -- Branch, worktree, commit, push, and PR flow for GitHub tasks. Keeps repo work isolated, reviewable, and easy to merge.
  • post-implementation-review -- Self-review loop: diff check, cleanup, re-verify before reporting done. Catches bugs, dead code, and style drift.

Included Files

  • AGENTS.md -- the full autonomous workflow instruction set.
  • templates/ -- all files the installer copies into your repo.
  • skills/pr-merge-cleanup/SKILL.md -- reusable PR merge, branch deletion, commit, push, and PR workflow.
  • skills/post-implementation-review/SKILL.md -- reusable post-change review and cleanup loop.
  • examples/AGENTS.minimal.md -- smaller version for teams that want fewer rules.
  • examples/AGENTS.full.md -- full version with skill references and stricter reporting.
  • docs/workflow.md -- how the workflow runs from task intake to PR.
  • docs/customization.md -- what to change before using this in your own environment.
  • docs/faq.md -- common questions and tradeoffs.
  • CONTRIBUTING.md -- contribution guidelines for improving the setup.

Recommended Setup

Use the full AGENTS.md when:

  • Codex is allowed to create branches and PRs.
  • Your repo has meaningful tests, linting, or type checks.
  • You want Codex to keep working through verification failures.
  • You want a consistent completion report after changes.

Use the minimal example when:

  • You mainly want local edits.
  • You do not want Codex opening PRs automatically.
  • You are still evaluating how much autonomy to allow.

Requirements

  • Node.js 18 or higher
  • Git
  • GitHub CLI (gh) for PR creation
  • A GitHub account authenticated through gh auth login
  • A repository with clear test, lint, and type-check commands

Codex can still use the workflow without GitHub CLI, but it should report that PR creation could not run.

Safety Model

This setup intentionally asks Codex to be autonomous, but not careless:

  • It uses worktrees to isolate changes.
  • It avoids mixing unrelated dirty files into commits.
  • It requires diff review before completion.
  • It requires verification before reporting done.
  • It reports exact git state at the end of code-changing turns.

You should still review every pull request before merging it.

License

MIT. See LICENSE.