npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

sprout-install

v0.3.0

Published

Diagnose and fix local install/config/PATH problems for developer tools. Not a general coding agent.

Readme

🌱 Sprout

CI License: MIT Node Website Discord

Install-fixer CLI for developer tools — macOS, Linux & Windows

Sprout diagnoses and fixes local install/config/PATH problems for developer tools. You tell it what you want installed (or paste a broken install attempt); it detects what this machine actually has, proposes a plain-English plan, runs it step by step with your confirmation, and proves the result with a real verification command — instead of assuming a generic script works everywhere.

It is deliberately not a general coding agent. Its entire world is package managers, PATH, and shell rc files. It won't write your code, review your PRs, or answer unrelated questions — and it orchestrates existing package managers (brew, apt, dnf, winget, choco, scoop, npm, pip, …) rather than reimplementing them.

Platforms: macOS, Linux, and Windows (PowerShell + winget/choco/scoop).


Install

npm install -g sprout-install

Then verify:

sprout --version

If npm registry access is blocked, use the release tarball fallback instead:

npm install -g https://github.com/murderszn/sprout/releases/download/v0.3.0/sprout-install-0.3.0.tgz

Do not install from the GitHub Pages site URL (murderszn.github.io/sprout) — that serves the website, not the npm package.

Other install options:

npm install -g git+https://github.com/murderszn/sprout.git
# Windows local checkout example:
npm install -g C:\path\to\sprout

From a checkout:

npm install && npm run build && npm link

Setup — Pollinations (BYOP or bring your own key)

Inference goes to Pollinations via its OpenAI-compatible API. Sprout never proxies or phones home with your key — it stays in your env or ~/.sprout/config.json (chmod 600).

Recommended: sprout login (Bring Your Own Pollen)

Authorize Sprout to spend your Pollen balance via Pollinations BYOP:

sprout login

Opens enter.pollinations.ai, you approve access in the browser, and Sprout stores a scoped sk_... key locally. On first run of any command, Sprout offers this flow before asking you to paste a key.

Alternative: paste your own sk_... key

  1. Get a secret key at https://enter.pollinations.ai.
  2. Run sprout config --set-key, or export SPROUT_API_KEY.

Key resolution order: SPROUT_API_KEY env var → ~/.sprout/config.jsonsprout login / interactive prompt. Keys are only ever shown masked (sk_a****xyz).

Default model: gpt-5.4-mini (override per-run with --model, or persistently with sprout config --model <id>).

Usage

sprout install gh              # main flow: detect → plan → confirm each step → verify
sprout install claude          # agentic coding CLIs: Claude Code, Codex, Gemini, OpenCode, etc.
sprout install ripgrep
sprout --dry-run install node  # exact command list, zero side effects
sprout --yes install jq        # skip per-step [y/N] prompts (hard guardrails still block)

sprout diagnose < broken.log   # pipe a failed install attempt, get a diagnosis + fix plan
brew install foo 2>&1 | sprout diagnose --tool foo
sprout diagnose                # interactive: paste the log, end with Ctrl-D

sprout login                   # authorize with Pollen (BYOP device flow)
sprout config                  # show masked key + model + config path
sprout config --set-key        # store a pasted sk_ key (input hidden)
sprout config --clear-key
sprout config --model gpt-5.4

sprout status                  # confirm the key works and the model is awake
sprout env                     # print the environment snapshot the agent sees

Seeded knowledge base (curated per-OS install + verify recipes): Claude Code, OpenAI Codex CLI, Google Antigravity CLI, MiMo Code (also catches "Memo Code"), OpenCode, Gemini CLI, Qwen Code, Sourcegraph Amp, git, node (nvm), python (pyenv), docker, GitHub CLI (gh), GitLab CLI (glab), AWS CLI, kubectl, Homebrew, jq, ripgrep, terraform, Supabase CLI, Databricks CLI, Blender, Go, Rust (rustup), FFmpeg, SQLite3, Poetry, Pandoc. Anything else works too — the model reasons it out live and tells you it's doing so rather than pretending it came from the curated data.

How a run works

  1. Detect — OS/version, shell + rc file (PowerShell profile on Windows), architecture, which package managers exist, PATH entries. One typed snapshot; everything downstream uses it.
  2. Plan — the model states a short plain-English plan before any tool call.
  3. Confirm/execute — each step shows the exact command (an argv array, executed with no shell) and the model's reason. Anything touching sudo, a system package manager, or an rc file asks [y/N] — default No. Results feed back to the model so it adapts to reality ("already installed", "permission denied") instead of replaying a script.
  4. Verify — after the plan, Sprout runs the tool's verify command itself and shows the real output. "Done" means the verify passed, not that the model said so.

Safety

  • No curl | bash, ever. Remote scripts are downloaded to a file, shown to you, and only run after you confirm the script itself.
  • Hard-blocked patterns — recursive deletes outside temp space, disk formatting, raw device writes, /etc/passwd-class files, fork bombs, power control — are refused before a confirmation prompt is even shown, and --yes does not override them.
  • sudo is exceptional: only when a step genuinely requires it, with the reason surfaced before the prompt.
  • rc-file edits always show the new content, always confirm (even under --yes), and back up the previous version next to the file.
  • --dry-run produces the exact command list with zero side effects.
  • Commands run as argv arrays via execa — no string interpolation, no shell expansion.

Community

Questions, broken install logs, and knowledge-base ideas belong in Discord (invite link in COMMUNITY.md) or GitHub Issues.

Development

npm run dev -- install jq      # run from source (tsx)
npm test                       # node:test suite (guardrails, knowledge base, agent loop with a scripted fake model)
npm run build

Copy env.example to .env for local development; dotenv picks it up.

To add a tool to the knowledge base, see CONTRIBUTING.md.