npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

nodes-http-loader

v1.0.1

Published

A zero-dependency package to download, decrypt, and run programs from URLs using XOR encryption. The package also contains a prepare command to encrypt local binaries for secure distribution. This allows you to ensure your program is compatible with the l

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lnodesllnodesl

Keywords

httploaderdownloadencryptionxorcliexecutablezero-dependencynative

Readme

nodes-http-loader

A zero-dependency Node.js package to download, decrypt, and run programs from URLs using XOR encryption.

Features

  • Download any executable program from a URL
  • Decrypt and run programs directly (no intermediate files)
  • Direct execution: Downloads, decrypts, and runs programs in one command
  • Silent by default: No console output unless using --debug flag
  • Cross-platform: Works on Windows, macOS, and Linux
  • Argument passing: Pass command-line arguments to the downloaded program
  • Automatic cleanup: Temporary files are automatically removed after execution
  • Zero dependencies: Uses only native Node.js modules
  • Prepare workflow: Encrypt local binaries for secure distribution to upload elsewhere, and download to your other machines using the same package.

Installation

Install the package globally or locally using npm:

npm install -g nodes-http-loader

or

npm install nodes-http-loader

Quick Start

Basic Usage

  1. Download and run a program directly:

    nodes-http-loader https://example.com/program mysecretkey

  2. Prepare a local binary:

    nodes-http-loader prepare ./myapp mysecretkey
# Upload prepared.bin to your server
nodes-http-loader https://yourserver.com/prepared.bin mysecretkey

  3. Run with arguments:

    nodes-http-loader https://example.com/program mysecretkey arg1 arg2

Usage

Method 1: Direct Download and Execution

To download a program from a URL, decrypt it, and run it directly, use the following command:

If you installed globally (-g flag) you do not need to use 'npx' in front.

npx nodes-http-loader <url> <key> [args...]
npx nodes-http-loader --debug <url> <key> [args...]  # With debug output

or if you installed globally (-g flag) you do not need to use 'npx' in front.

nodes-http-loader <url> <key> [args...]
nodes-http-loader --debug <url> <key> [args...]  # With debug output

Examples:

nodes-http-loader https://github.com/user/repo/releases/download/v1.0.0/app mysecretkey
nodes-http-loader https://example.com/program mykey
nodes-http-loader https://example.com/program mykey arg1 arg2 "argument with spaces"
nodes-http-loader --debug https://example.com/program mykey  # Show debug output

This command downloads the program from the URL, decrypts it, and runs it directly without creating any intermediate files.

Note: All downloaded files are expected to be encrypted. Use the prepare command to encrypt local binaries before uploading them.

Method 2: Preparing a Binary for Upload

To prepare a local binary file for HTTP distribution, use the prepare command:

nodes-http-loader prepare <binary> <key> [output]

Examples:

nodes-http-loader prepare ./myapp mysecretkey
nodes-http-loader prepare ./myapp mysecretkey encrypted-app.bin

This command encrypts your local binary file and creates an encrypted version that you can upload to your web server. The output file is ready for HTTP distribution.

Workflow:

  1. Prepare your binary: nodes-http-loader prepare ./myapp mysecretkey
  2. Upload the generated prepared.bin to your web server
  3. Run directly: nodes-http-loader https://yourserver.com/prepared.bin mysecretkey

Direct Execution

The program is downloaded, decrypted, and executed directly without creating any intermediate files. You can pass arguments to the downloaded program:

nodes-http-loader https://example.com/program mysecretkey arg1 arg2

The execution is completely self-contained and requires only Node.js to run.

Use Cases

  • Direct execution: Download and run programs from GitHub releases in one command
  • CDN distribution: Execute programs from CDNs or file hosting services
  • Secure distribution: Control access to your programs through encryption keys
  • Offline preparation: Encrypt your binaries locally and upload them to your server
  • Version management: Easily update programs by uploading new encrypted versions
  • Remote deployment: Deploy and run programs without local installation
  • Argument passing: Pass command-line arguments to remote programs

Security Notes

  • Encryption: The downloaded program is encrypted using XOR encryption with your provided key
  • Key Security: The key is provided at runtime - no persistent files are created
  • Trust: Only use this tool with trusted URLs and programs
  • Cleanup: The temporary decrypted file is automatically cleaned up after execution
  • Zero dependencies: Uses only native Node.js modules
  • Cross-platform: Works on Windows, macOS, and Linux with proper file permissions

Troubleshooting

Common Issues

"spawn ENOEXEC" Error:

  • This usually means the downloaded file is not executable or corrupted
  • Ensure you're using the correct key for the encrypted file.
  • Make sure the file was properly encrypted with the prepare command

File Not Found:

  • Check that the URL is accessible and returns the correct file
  • Verify the file exists on the server

Permission Denied:

  • On Unix-like systems, the script automatically sets execute permissions
  • On Windows, ensure the file is a valid executable

Network Issues:

  • The tool has a 360-second (6 minutes) timeout for downloads
  • Check your internet connection and firewall settings

Testing Your Setup

  1. Test with a simple file:
    # Create a test file
echo '#!/bin/bash\necho "Hello World!"' > test.sh
chmod +x test.sh
   
# Prepare it
nodes-http-loader prepare test.sh mykey
   
# Test locally (upload prepared.bin to a server first)
nodes-http-loader https://yourserver.com/prepared.bin mykey

License

This project is licensed under the MIT License - see the LICENSE file for details.

Author

LNodesL