npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

onbox

v0.1.2

Published

Local sandboxes and MicroVM's. Same DX as @vercel/sandbox, runs on your machine.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

hugorodrigueshugorodrigues

Keywords

sandboxmicrovmlocalvmdockercode-executionisolationlima

Readme

onbox - Local sandboxes and microVMs for macOS and Linux.

Run untrusted code, AI agent output, or dev environments in isolated containers on your own machine.

Install

# CLI
npm install -g onbox

# SDK
npm install onbox

CLI

# Create a sandbox and open a shell
onbox create --image node:22 --connect

# One-shot: run a command and clean up
onbox run --image python:3 -- python -c "print('hello')"

# Mount a host directory into the sandbox
onbox create --image node:22 --mount ~/dev/project:/workspace --connect

# Execute commands in a running sandbox
onbox exec sbx_abc123 npm test
onbox exec -w /workspace -e CI=true sbx_abc123 npm run build

# Copy files between host and sandbox
onbox copy ./local-file.txt sbx_abc123:/app/file.txt
onbox copy sbx_abc123:/app/dist/ ./output/

# Pause, resume, stop
onbox pause sbx_abc123
onbox resume sbx_abc123
onbox stop sbx_abc123

# Snapshots: save state and restore later
onbox snapshot sbx_abc123
onbox create --snapshot snap_abc123

# List and manage
onbox list
onbox snapshots list
onbox host status

Full CLI reference: docs/cli.md

SDK

import Onbox from "onbox"

const onbox = await Onbox()

const sandbox = await onbox.create({
	image: "node:22",
	mounts: [{ src: "~/dev/project", dst: "/workspace" }],
	env: { NODE_ENV: "production" },
})

const result = await sandbox.runCommand("npm", ["test"], { cwd: "/workspace" })
console.log(result.exitCode) // 0
console.log(await result.stdout()) // "Tests passed..."

await sandbox.stop()

Full SDK reference: docs/sdk.md

Features

Any Docker image. Use node:22, python:3, ubuntu:24.04, or anything from Docker Hub.

Host mounts. Mount directories from your machine into the sandbox with near-native speed via virtiofs.

Resource limits. Set CPU and memory limits per sandbox.

Snapshots. Capture the full sandbox state (filesystem, installed packages) and restore it later. Skip setup steps by snapshotting after npm install and creating fresh sandboxes from the snapshot.

Pause and resume. Freeze a sandbox and all its processes. Resume later exactly where you left off.

Background processes. Spawn long-running processes (dev servers, watchers) and monitor them. Stream stdout/stderr, wait for completion, or kill them.

Filesystem operations. Read, write, and download files programmatically.

Environment variables. Set env vars at sandbox creation and override them per command. Sandbox-level vars are passed to every command automatically.

Timeouts. Auto-stop sandboxes after a duration. Extend the timeout at runtime if you need more time.

Offline. Everything runs locally. No internet connection required after initial image pull.

Uses Apple's Virtualization framework (vz) on macOS for near-native performance. On Linux, it uses QEMU.

License

MIT