npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

moxyloco

v0.7.2

Published

A simple proxy service for Mux, TicketSource, Vimeo, Acast, and Cloudflare R2 APIs that securely stores credentials and forwards API requests. Also provides TypeScript types for TicketSource events and a **fully generated, type-safe R2 API client**.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

darbymanningdarbymanning

Keywords

Readme

Moxyloco - API Proxy Service

A simple proxy service for Mux, TicketSource, Vimeo, Acast, and Cloudflare R2 APIs that securely stores credentials and forwards API requests. Also provides TypeScript types for TicketSource events and a fully generated, type-safe R2 API client.

🚀 OpenAPI-Driven Development Workflow

This project uses OpenAPI as the single source of truth for the R2 API. Everything is generated from static/r2_openapi.yaml:

  • TypeScript types - Auto-generated from OpenAPI spec
  • API client - Fully typed client for other teams to use
  • Postman collection - Auto-generated for testing
  • API documentation - Interactive docs with Scalar
  • Tests - Validate API matches spec exactly

📚 API Documentation

Interactive API documentation is available at:

  • Local: http://localhost:5173/api/docs
  • Production: https://moxy.uilo.co/api/docs

The documentation is automatically generated from the OpenAPI spec and includes interactive endpoint testing, request/response examples, and authentication setup.

Quick Start

# 1. Edit the OpenAPI spec
vim static/r2_openapi.yaml

# 2. Validate and generate everything
bun run ci:validate

# 3. Commit (pre-commit hooks run automatically)
git commit -m "Add new endpoint"

Available Commands

# Validate OpenAPI spec
bun run validate:openapi

# Generate everything from spec
bun run generate:all

# Run full CI validation locally
bun run ci:validate

# Run tests
bun run test:run

# Run client tests
bun run test:client

# Generate individual components
bun run generate:types      # TypeScript types
bun run generate:client     # API client
bun run generate:postman    # Postman collection

Using the Generated R2 API Client

The generated client is available as an npm package:

import { R2 } from 'moxyloco/r2'

const client = new R2({
	token: 'your-token',
})

// List assets in a bucket (fully type-safe, no need to type the response)
const assets = await client.get_bucket('my-bucket')
console.log('Assets:', assets.data)
console.log('Folders:', assets.included)

// Upload an asset
const file = new File(['test content'], 'test.txt', { type: 'text/plain' })
const upload_result = await client.upload_asset('my-bucket', file)
console.log('Uploaded:', upload_result.data)

Package Exports

  • moxyloco/r2 - Full client with methods and types

The Smart Workflow

  1. 🎯 Design First - Edit static/r2_openapi.yaml
  2. 🔄 Generate Everything - Run bun run ci:validate
  3. 🧪 Test - Pre-commit hooks validate everything
  4. 🚀 Deploy - CI/CD ensures spec stays in sync

Benefits:

  • 🛡️ Bulletproof - CI/CD prevents broken code
  • 🔄 Auto-sync - Everything stays in sync automatically
  • Fast feedback - Fail fast on any issues
  • 📚 Auto-docs - Documentation always up-to-date
  • 🧪 Test-driven - Tests validate against spec
  • 👥 Team-friendly - Clear PR feedback and validation
  • 📦 Client-ready - Generated TypeScript client for other teams

Overview

This service acts as a proxy for Mux, TicketSource, Vimeo, Acast, and Cloudflare R2 APIs, storing your credentials securely and allowing you to make API calls without exposing your tokens directly.

Security

Domain Restrictions

API access is restricted to the following domains only:

  • storyblok.com
  • *.storyblok.com (all subdomains)
  • localhost (for development)

The service checks the Origin and Referer headers to validate domain access. Server-to-server calls (without these headers) are allowed by default.

Usage

Setting up credentials

  1. Navigate to the main page and choose which service you want to add credentials for
  2. For Mux: Go to /mux and enter your MUX_TOKEN_ID and MUX_TOKEN_SECRET
  3. For TicketSource: Go to /ticketsource and enter your TICKETSOURCE_TOKEN
  4. For Vimeo: Go to /vimeo and enter your VIMEO_ACCESS_TOKEN
  5. For R2: Go to /r2 and enter your R2_ACCOUNT_ID, R2_ACCESS_KEY_ID, and R2_SECRET_ACCESS_KEY
  6. For Acast: No credentials needed - uses public RSS feeds
  7. Submit the form and you'll receive a secret ID

Making API calls

Mux API

GET /api/mux/your/mux/endpoint
Authorization: Bearer YOUR_SECRET_ID

TicketSource API

GET /api/ticketsource/your/ticketsource/endpoint
Authorization: Bearer YOUR_SECRET_ID

Vimeo API

GET /api/vimeo/your/vimeo/endpoint
Authorization: Bearer YOUR_SECRET_ID

R2 API

The R2 API provides a database-backed folder structure for Cloudflare R2 storage. See the API Documentation for complete endpoint details and examples.

Key Features:

  • Database-backed folder organization
  • Flat R2 keys with logical folder structure
  • JSON:API format responses
  • Full CRUD operations for assets and folders

Acast API

GET /api/acastaway/{show_id}?page=1&limit=10

Note: Acast endpoints don't require authentication - they use public RSS feeds with smart caching and pagination.

📦 TypeScript Types

This package exports TypeScript types for multiple services:

R2 API Types & Client

import { R2 } from 'moxyloco/r2'

// Use the generated client
const client = new R2({ token: 'your-token' })
const assets = await client.get_bucket('my-bucket')

Other Service Types

import type { TicketsauceEvent } from 'moxyloco/ticketsauce-types'
import type { AcastawayShow } from 'moxyloco/acastaway-types'

Note: This package requires storyloco as a peer dependency for the underlying types. Make sure you have it installed:

npm install storyloco

API Endpoints

  • GET /api/mux/* - Proxy to Mux API

  • POST /api/mux/* - Proxy to Mux API

  • PUT /api/mux/* - Proxy to Mux API

  • DELETE /api/mux/* - Proxy to Mux API

  • PATCH /api/mux/* - Proxy to Mux API

  • GET /api/ticketsource/* - Proxy to TicketSource API

  • POST /api/ticketsource/* - Proxy to TicketSource API

  • PUT /api/ticketsource/* - Proxy to TicketSource API

  • DELETE /api/ticketsource/* - Proxy to TicketSource API

  • PATCH /api/ticketsource/* - Proxy to TicketSource API

  • GET /api/vimeo/* - Proxy to Vimeo API

  • POST /api/vimeo/* - Proxy to Vimeo API

  • PUT /api/vimeo/* - Proxy to Vimeo API

  • DELETE /api/vimeo/* - Proxy to Vimeo API

  • PATCH /api/vimeo/* - Proxy to Vimeo API

  • GET /api/r2/* - R2 Asset Management API (see API Documentation)

  • GET /api/acastaway/{show_id} - Fetch Acast podcast show data with pagination

  • POST /api/acastaway/{show_id} - Invalidate cache for specific show

  • POST /api/acastaway - Webhook endpoint for cache invalidation

🛠️ Development

# Start development server
bun dev

# Run full validation (recommended before committing)
bun run ci:validate

# View API documentation
open http://localhost:5173/api/docs

🚀 Deployment

This is a Cloudflare Worker. Deploy to your Cloudflare account:

bun run deploy