npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

git-add-safely

v0.3.0

Published

Git add wrapper with secret scanning and AI code review UI

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

zerkazerka

Keywords

Readme

git-add-safely

Git add wrapper with secret scanning and an AI code review UI.

Install

# Run without installing
bunx git-add-safely --watch

# Install globally
bun install -g git-add-safely

Requires Bun — does not run on Node.

Modes

Default — scan and stage (CLI)

git-add-safely .
git-add-safely src/auth.ts

Runs git add, scans staged files for secrets, prompts in terminal if anything is found.

--ui — visual approval in browser

git-add-safely . --ui

Opens a web UI showing the diff. You approve or cancel staging from the browser.

--watch — live review UI

git-add-safely --watch

Long-running server that opens a full UI at https://project.git.studio (or http://127.0.0.1:<port> with --no-domain).

Features:

  • Browse staged and unstaged diffs
  • Stage / unstage files
  • Write inline notes on any diff line — saved to .git-notes/
  • Trigger AI code review per file or across all staged files
  • Notes are automatically included as context in AI reviews
  • Generate commit messages with AI
  • Manage git stashes
  • Interact with GitHub PRs (view, comment, reply)

Options

--force         Skip all security checks
--ui            Open web UI for approval
--watch         Live review UI server
--no-domain     Use http://127.0.0.1:<port> (skip /etc/hosts setup)
--http-only     Use http://project.git.studio (skip HTTPS proxy)
--port <n>      Use specific port (default: random free port)
-v, --version   Show version
-h, --help      Show help

Secret scanning

Scans staged files for:

  • AWS / GCP / Azure credentials
  • Private keys (RSA, DSA, EC)
  • API tokens (GitHub, Slack, Discord, Stripe, SendGrid, etc.)
  • Dangerous filenames (.env, .pem, .key, credentials.json, etc.)

Test files get lighter treatment — only high-confidence patterns trigger.

AI code review

In --watch mode, open any file and click Review with Claude (or Review all) in the toolbar. Requires an AI provider configured in the settings UI (Anthropic, OpenAI, Google, or any OpenAI-compatible endpoint).

API keys are stored in ~/.git-add-safely/settings.json — never in the repo.

Inline review notes

Click any diff line in --watch mode to add a markdown note. Notes are:

  • Saved to .git-notes/ (gitignored automatically)
  • Shown inline in the diff
  • Included as context when you run an AI review

Configuration

Optional .git-safely.json in project root:

{
  "plugins": {
    "web-ui": {
      "enabled": true,
      "config": {
        "autoOpen": true,
        "port": 3450
      }
    }
  }
}

ZSH integration

To intercept git add automatically, add to ~/.zshrc:

git() {
  if [[ $1 == "add" ]]; then
    git-add-safely "${@:2}"
  else
    command git "$@"
  fi
}

See SETUP.md for full shell integration instructions.

Development

bun install
bun run build       # builds UI + CLI → dist/
bun dist/index.js . # test locally