npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

exfil-cli

v1.0.0

Published

A professional CLI tool to scan, detect, and export important local-only project files (.env, .pem, keys, certs, configs) for safe migration between environments.

Downloads

110

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bilyhack12bilyhack12

Keywords

backupextractexfilenvmigrationgitignoresensitive-filesproject-migrationdotenvsecretskeyscertificatescliexfiltrateexport

Readme

🔐 exfil-cli

Scan · Detect · Extract · Export — A professional CLI to find and export important local-only project files for safe migration.

npm version license

Why?

When migrating to a new OS, reformatting, or switching machines, the files that aren't in version control are often the ones you need most:

  • .env, .env.local, .env.production
  • Private keys (.pem, .key, .p12)
  • SSL certificates
  • OAuth tokens and service-account JSONs
  • IDE run-configurations & debug settings
  • Docker overrides (docker-compose.override.yml)
  • Database dumps, local scripts, build caches

exfil-cli recursively scans your project directories, detects 90+ file patterns across 14 categories, respects .gitignore, and copies everything into a neatly organised folder — ready to zip and carry.

Installation

# Global (recommended)
npm install -g exfil-cli

# Or with yarn
yarn global add exfil-cli

# Or run without installing
npx exfil-cli

Quick Start

# Interactive mode (guided wizard)
exfil

# Scan a project and see what's important
exfil scan --dir ~/projects/my-app

# Extract important files into an organised folder
exfil extract --dir ~/projects --output ./backup

# Scan → Extract → Zip in one shot
exfil zip --dir ~/projects --output ./backup.zip

Commands

| Command | Description | |---|---| | exfil | Launch interactive wizard (default) | | exfil scan | Scan directories and report findings | | exfil extract | Copy important files into organised output | | exfil zip | Scan, extract, and create a zip archive | | exfil init | Create a .extractorrc.json config file | | exfil rules list | Show all active rules (built-in + user) | | exfil rules builtin | Show full built-in detection rules table | | exfil rules add | Add a custom include/exclude rule | | exfil rules remove | Remove a user rule by index | | exfil rules reset | Reset config to defaults |

Common Options

-d, --dir <path>       Target directory to scan (default: current dir)
-o, --output <path>    Output directory or zip path
-p, --priority <level> Minimum priority: CRITICAL, HIGH, MEDIUM, LOW
-v, --verbose          Show detailed output during scan

What It Detects

exfil-cli ships with 90+ built-in rules organised into 14 categories:

| # | Category | Examples | |---|---|---| | 1 | 🔑 Environment Variables | .env, .env.local, .env.production | | 2 | 🔐 Crypto & Keys | *.pem, *.key, *.p12, *.jks, *.keystore | | 3 | 📜 Certificates | *.crt, *.cer, *.pfx, ca-certificates/ | | 4 | 🔒 Auth & Tokens | token.json, .netrc, .npmrc with tokens | | 5 | ☁️ Cloud Credentials | AWS credentials, GCP service accounts, Azure config | | 6 | 🗄️ Databases | *.sqlite, *.db, dumps, migration seeds | | 7 | 🐳 Docker Overrides | docker-compose.override.yml, .docker/ | | 8 | ⚙️ IDE & Editor | .vscode/launch.json, .idea/runConfigurations/ | | 9 | 🔧 Local Config | local.settings.json, *.local.js | | 10 | 📦 Build Artefacts | Signing keys, provisioning profiles | | 11 | 🛡️ CI / CD Secrets | .github/secrets, deploy keys | | 12 | 📝 Local Scripts | scripts/, shell scripts not in VCS | | 13 | 🗂️ Data Files | CSVs, JSON fixtures, seed data | | 14 | 📋 Miscellaneous | Licence keys, internal docs, notes |

Priority Levels

| Priority | Meaning | |---|---| | 🔴 CRITICAL | Secrets that would cause a security breach if lost | | 🟠 HIGH | Hard-to-recreate credentials and configs | | 🟡 MEDIUM | Useful local configurations | | 🟢 LOW | Nice-to-have files, notes, scripts |

Run exfil rules builtin to see every rule, or filter by priority:

exfil rules builtin --priority CRITICAL

Configuration

Initialise a config file in your project:

exfil init

This creates .extractorrc.json:

{
  "include": {
    "patterns": [],
    "filenames": [],
    "extensions": []
  },
  "exclude": {
    "patterns": [],
    "paths": [],
    "extensions": []
  },
  "priorityOverrides": {},
  "customRules": [],
  "scan": {
    "maxFileSizeMB": 50,
    "followSymlinks": false,
    "extraScanDirs": []
  },
  "output": {
    "defaultDir": "./extracted-files",
    "includeMetadata": true,
    "generateRestoreScripts": true
  }
}

Adding Rules via CLI

# Include extra patterns
exfil rules add include pattern "**/.secret-*"
exfil rules add include filename "my-custom-config.yml"
exfil rules add include extension ".bak"

# Exclude things you don't need
exfil rules add exclude pattern "**/test-fixtures/**"
exfil rules add exclude path "vendor/"
exfil rules add exclude extension ".log"

# Check what's active
exfil rules list

Output Structure

extracted-files/
├── my-app/
│   ├── CRITICAL/
│   │   ├── env-variables/
│   │   │   └── .env
│   │   └── crypto-keys/
│   │       └── server.key
│   ├── HIGH/
│   │   ├── cloud-credentials/
│   │   │   └── gcp-service-account.json
│   │   └── auth-tokens/
│   │       └── token.json
│   └── MEDIUM/
│       └── ide-editor/
│           └── .vscode/launch.json
├── another-project/
│   └── ...
├── MANIFEST.json          ← Full index of every extracted file
├── SUMMARY.txt            ← Human-readable overview
├── RESTORE.ps1            ← PowerShell script to put files back
└── RESTORE.sh             ← Bash script to put files back

Programmatic API

const { Scanner, Organizer, Zipper, Reporter } = require('exfil-cli');

// Scan
const scanner = new Scanner({ dir: './projects', minPriority: 'HIGH' });
const results = await scanner.scan();
Reporter.printScanReport(results);

// Extract
const organizer = new Organizer(results, { outputDir: './backup' });
const extraction = await organizer.organize();
Reporter.printExtractionReport(extraction);

// Zip
const zipper = new Zipper('./backup', './backup.zip');
const zipInfo = await zipper.zip();
Reporter.printZipReport(zipInfo);

Features

  • 90+ built-in detection rules across 14 categories
  • Priority classification — CRITICAL / HIGH / MEDIUM / LOW
  • .gitignore-aware — focuses on files excluded from version control
  • User-configurable include/exclude rules via .extractorrc.json
  • Interactive wizard for guided extraction
  • Restore scripts generated automatically (PowerShell + Bash)
  • Manifest & summary for every extraction
  • Crypto metadata sidecars for key/cert files
  • Zip export with maximum compression
  • Programmatic API for scripting and CI integration

Requirements

  • Node.js ≥ 14.0.0

License

MIT