npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

nullseal

v0.15.1

Published

NullSeal CLI — securely share secrets via encrypted server storage or P2P WebRTC transfer

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lamtv.vnlamtv.vn

Keywords

secretsharep2pwebrtccliencryption

Readme

NullSeal CLI

Share secrets, passwords, and files securely from your terminal.

Everything is encrypted on your device before it leaves. The server never sees your data — only you and the person you share with can read it.

Install

npm i -g nullseal

Or run without installing:

npx nullseal share "my secret" -p mypassword

Why NullSeal?

  • Zero-knowledge — Your data is encrypted locally before transmission. The server stores only encrypted blobs it cannot read.
  • Password-protected — Every share requires a password. Without it, the content is unreadable — even to us.
  • One-time read — Server shares self-destruct after the first read by default. Use --no-one-time to allow multiple reads.
  • Auto-expiry — Shares expire automatically (default 24 hours, max 7 days). Control with --ttl.
  • P2P mode — Transfer directly between devices using peer-to-peer connections. Data never touches the server.
  • Cross-platform — Works on macOS (Intel & Apple Silicon) and Linux (x64 & arm64). Share between CLI and web seamlessly.

Quick Start

Share a secret

nullseal share "database password: hunter2" -p mypassword

If you omit -p, you'll be prompted to enter the password interactively (hidden from shell history):

nullseal share "database password: hunter2"
# 🔑 Password: ********

You'll get a secure link and a QR code. Send the link to the recipient through any channel — the content is safe even if the link is intercepted, because the password is required to decrypt.

Retrieve a secret

nullseal get https://nullseal.com/s/abc123xyz -p mypassword

Share a file

nullseal share ./credentials.pdf -p mypassword -t file

Peer-to-peer transfer

Send directly to another device — no server storage, no size limit:

# Sender
nullseal share "top secret" -p mypassword -m p2p

# Recipient (use the link from the sender)
nullseal get https://nullseal.com/p2p/abc123xyz -p mypassword

P2P transfers happen over an encrypted WebRTC connection. The server only helps the two devices find each other — it never sees the data.

Local network transfer

Two machines on the same network? Use -n local for a fully local transfer — no server needed:

# Sender
nullseal share "top secret" -m p2p -n local

# Recipient (on same network — auto-discovers sender via mDNS)
nullseal get -n local

# Or connect directly if mDNS doesn't work
nullseal get -n local -a 192.168.1.42:52341

The sender binds a local signaling server and broadcasts its address via mDNS. The transfer uses WebRTC — data never leaves your network.

Usage

nullseal share <content> [options]
nullseal get <url-or-id> [options]

Common options

| Flag | Description | |------|-------------| | -p, --password | Encryption password (prompted interactively if omitted) |

share options

| Flag | Description | Default | |------|-------------|--------| | -m, --mode | Transfer mode: u (server upload) or p2p (peer-to-peer) | u | | -t, --type | Content type: txt, pwd, or file | txt | | -T, --ttl | Expiration: e.g. 1h, 24h, 3d, 7d (max: 7d) | 24h | | -1, --one-time | One-time read (negate with --no-one-time) | on | | -n, --network | Network mode: local = fully local transfer (no server) | off | | -a, --address | Bind address for local transfer (default: auto-detect) | auto |

get options

| Flag | Description | |------|-------------| | -o, --output | Output directory for received files | | -n, --network | Network mode: local = discover sender on LAN | | -a, --address | Direct host:port for local transfer (skip mDNS discovery) |

If -p is omitted, you'll be prompted to enter the password interactively. This is recommended to avoid exposing passwords in shell history.

Security

NullSeal is designed so that no one except the sender and recipient can read the shared content — not even the NullSeal service.

  • Content is encrypted on your device using a password-derived key with 250,000 rounds of key stretching
  • Industry-standard AES-256 encryption with unique random parameters for every share
  • The password never leaves your device — only a one-way proof is sent for P2P verification
  • Server shares are one-time read and auto-expire
  • P2P transfers are end-to-end encrypted — data flows directly between devices
  • The CLI is a compiled binary with no runtime dependencies — no supply chain risk from JavaScript packages

Supported Platforms

| Platform | Architecture | |----------|-------------| | macOS | Apple Silicon (arm64) | | macOS | Intel (x64) | | Linux | x64 | | Linux | arm64 |

Links

License

MIT