hexpass 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/LICENSE +21 -0
  2. package/README.md +66 -0
  3. package/index.js +201 -0
  4. package/package.json +32 -0
package/LICENSE ADDED
@@ -0,0 +1,21 @@
1
+ MIT License
2
+
3
+ Copyright (c) 2026
4
+
5
+ Permission is hereby granted, free of charge, to any person obtaining a copy
6
+ of this software and associated documentation files (the "Software"), to deal
7
+ in the Software without restriction, including without limitation the rights
8
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9
+ copies of the Software, and to permit persons to whom the Software is
10
+ furnished to do so, subject to the following conditions:
11
+
12
+ The above copyright notice and this permission notice shall be included in all
13
+ copies or substantial portions of the Software.
14
+
15
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21
+ SOFTWARE.
package/README.md ADDED
@@ -0,0 +1,66 @@
1
+ # hexpass
2
+
3
+ Generate cryptographically secure hexadecimal passwords and secrets.
4
+
5
+ ## Install
6
+
7
+ Using npm:
8
+
9
+ ```
10
+ npm install -g hexpass
11
+ ```
12
+
13
+ Or run directly with npx:
14
+
15
+ ```
16
+ npx hexpass
17
+ ```
18
+
19
+ ## Usage
20
+
21
+ ```
22
+ hexpass [length]
23
+ hexpass --bytes <n>
24
+ hexpass --help
25
+ hexpass --version
26
+ hexpass --copy
27
+ ```
28
+
29
+ - Default: `hexpass` outputs a 32-character hex string.
30
+ - `hexpass 64` outputs a 64-character string.
31
+ - `hexpass 33` supports odd lengths (generates extra byte and truncates).
32
+ - `hexpass --bytes 16` uses 16 random bytes (32 characters of hex).
33
+
34
+ ## Options
35
+
36
+ | Option | Description |
37
+ | --- | --- |
38
+ | `length` | Desired hex string length (default 32, max 1024) |
39
+ | `--bytes <n>` | Generate from n bytes (output has n×2 characters) |
40
+ | `--copy`, `-c` | Copy the generated hex string to the clipboard |
41
+ | `--help`, `-h` | Show usage information |
42
+ | `--version`, `-v` | Show version number |
43
+
44
+ ## Examples
45
+
46
+ ```
47
+ # Quickly generate a secret
48
+ hexpass 64
49
+
50
+ # Populate .env
51
+ JWT_SECRET=$(hexpass 48)
52
+
53
+ # Create API key
54
+ hexpass --bytes 32 > api-key.txt
55
+
56
+ # Generate and copy instantly
57
+ hexpass 48 --copy
58
+ ```
59
+
60
+ ## Security
61
+
62
+ `hexpass` always uses `crypto.randomBytes()` from Node.js for cryptographically strong randomness. No weak sources like `Math.random()` are used.
63
+
64
+ ## License
65
+
66
+ MIT
package/index.js ADDED
@@ -0,0 +1,201 @@
1
+ #!/usr/bin/env node
2
+
3
+ const crypto = require("crypto");
4
+ const { spawnSync } = require("child_process");
5
+ const { version } = require("./package.json");
6
+
7
+ const DEFAULT_LENGTH = 32;
8
+ const MAX_LENGTH = 1024;
9
+ const MAX_BYTES = MAX_LENGTH / 2;
10
+
11
+ const args = process.argv.slice(2);
12
+
13
+ const parsed = parseArgs(args);
14
+
15
+ if (parsed.action === "help") {
16
+ printHelp();
17
+ process.exit(0);
18
+ }
19
+
20
+ if (parsed.action === "version") {
21
+ console.log(version);
22
+ process.exit(0);
23
+ }
24
+
25
+ if (parsed.bytes != null && parsed.lengthValue != null) {
26
+ exitWithError("Provide either a length or --bytes, not both.");
27
+ }
28
+
29
+ let charLength;
30
+
31
+ if (parsed.bytes != null) {
32
+ const byteLength = parseByteLength(parsed.bytes);
33
+ if (byteLength * 2 > MAX_LENGTH) {
34
+ exitWithError(
35
+ `Byte length exceeds maximum of ${MAX_BYTES} bytes (${MAX_LENGTH} characters).`
36
+ );
37
+ }
38
+ charLength = byteLength * 2;
39
+ } else if (parsed.lengthValue != null) {
40
+ const length = parseCharacterLength(parsed.lengthValue);
41
+ if (length > MAX_LENGTH) {
42
+ exitWithError(`Length exceeds maximum of ${MAX_LENGTH} characters.`);
43
+ }
44
+ charLength = length;
45
+ } else {
46
+ charLength = DEFAULT_LENGTH;
47
+ }
48
+
49
+ const password = generateHex(charLength);
50
+ process.stdout.write(`${password}\n`);
51
+
52
+ if (parsed.copy) {
53
+ try {
54
+ copyToClipboard(password);
55
+ } catch (error) {
56
+ exitWithError(error.message || "Failed to copy to clipboard.");
57
+ }
58
+ }
59
+
60
+ function parseArgs(argv) {
61
+ let lengthValue = null;
62
+ let bytes = null;
63
+ let copy = false;
64
+
65
+ for (let i = 0; i < argv.length; i += 1) {
66
+ const arg = argv[i];
67
+
68
+ if (arg === "--help" || arg === "-h") {
69
+ return { action: "help" };
70
+ }
71
+
72
+ if (arg === "--version" || arg === "-v") {
73
+ return { action: "version" };
74
+ }
75
+
76
+ if (arg === "--bytes") {
77
+ if (bytes != null) {
78
+ exitWithError("The --bytes option can only be specified once.");
79
+ }
80
+ const next = argv[i + 1];
81
+ if (!next) {
82
+ exitWithError("Missing value for --bytes.");
83
+ }
84
+ bytes = next;
85
+ i += 1;
86
+ continue;
87
+ }
88
+
89
+ if (arg === "--copy" || arg === "-c") {
90
+ copy = true;
91
+ continue;
92
+ }
93
+
94
+ if (arg.startsWith("--")) {
95
+ exitWithError(`Unknown option: ${arg}`);
96
+ }
97
+
98
+ if (lengthValue != null) {
99
+ exitWithError("Multiple length values provided.");
100
+ }
101
+
102
+ lengthValue = arg;
103
+ }
104
+
105
+ return { action: "generate", lengthValue, bytes, copy };
106
+ }
107
+
108
+ function parseCharacterLength(value) {
109
+ const num = Number(value);
110
+ if (!Number.isFinite(num) || !Number.isInteger(num)) {
111
+ exitWithError(`Invalid length: '${value}'. Must be a positive integer.`);
112
+ }
113
+ if (num <= 0) {
114
+ exitWithError("Length must be a positive integer.");
115
+ }
116
+ return num;
117
+ }
118
+
119
+ function parseByteLength(value) {
120
+ const num = Number(value);
121
+ if (!Number.isFinite(num) || !Number.isInteger(num)) {
122
+ exitWithError(
123
+ `Invalid byte length: '${value}'. Must be a positive integer.`
124
+ );
125
+ }
126
+ if (num <= 0) {
127
+ exitWithError("Byte length must be a positive integer.");
128
+ }
129
+ return num;
130
+ }
131
+
132
+ function generateHex(charLength) {
133
+ const bytesNeeded = Math.ceil(charLength / 2);
134
+ const hex = crypto.randomBytes(bytesNeeded).toString("hex");
135
+ return hex.slice(0, charLength);
136
+ }
137
+
138
+ function printHelp() {
139
+ console.log(
140
+ `hexpass - Generate cryptographically secure hex passwords\n\n` +
141
+ `Usage:\n` +
142
+ ` hexpass [length] Generate hex string with specified length (default: ${DEFAULT_LENGTH})\n` +
143
+ ` hexpass --bytes <n> Generate from n random bytes (output has n*2 characters)\n\n` +
144
+ `Options:\n` +
145
+ ` -h, --help Show this help message\n` +
146
+ ` -v, --version Show version number\n` +
147
+ ` -c, --copy Copy the generated hex string to clipboard\n` +
148
+ ` --bytes <n> Specify length in bytes instead of characters\n\n` +
149
+ `Examples:\n` +
150
+ ` hexpass # 32-character hex string\n` +
151
+ ` hexpass 64 # 64-character hex string\n` +
152
+ ` hexpass --bytes 32 # 64-character hex string (32 bytes)\n` +
153
+ ` hexpass 48 --copy # Generate 48 chars and copy to clipboard\n\n` +
154
+ `Limits:\n` +
155
+ ` Maximum output length is ${MAX_LENGTH} characters (${MAX_BYTES} bytes).\n\n` +
156
+ `Security:\n` +
157
+ ` All passwords are generated using Node.js crypto.randomBytes()`
158
+ );
159
+ }
160
+
161
+ function exitWithError(message) {
162
+ console.error(`Error: ${message}`);
163
+ process.exit(1);
164
+ }
165
+
166
+ function copyToClipboard(text) {
167
+ const platform = process.platform;
168
+
169
+ if (platform === "darwin") {
170
+ runClipboardCommand("pbcopy", text);
171
+ return;
172
+ }
173
+
174
+ if (platform === "win32") {
175
+ runClipboardCommand("clip", text);
176
+ return;
177
+ }
178
+
179
+ const linuxCommands = [
180
+ ["xclip", ["-selection", "clipboard"]],
181
+ ["xsel", ["--clipboard", "--input"]],
182
+ ];
183
+
184
+ for (const [cmd, args] of linuxCommands) {
185
+ const result = spawnSync(cmd, args, { input: text, encoding: "utf8" });
186
+ if (!result.error && result.status === 0) {
187
+ return;
188
+ }
189
+ }
190
+
191
+ throw new Error(
192
+ "Clipboard copy not supported on this system. Install xclip or xsel."
193
+ );
194
+ }
195
+
196
+ function runClipboardCommand(command, input) {
197
+ const result = spawnSync(command, [], { input, encoding: "utf8" });
198
+ if (result.error || result.status !== 0) {
199
+ throw new Error(`Failed to copy to clipboard using ${command}.`);
200
+ }
201
+ }
package/package.json ADDED
@@ -0,0 +1,32 @@
1
+ {
2
+ "name": "hexpass",
3
+ "version": "1.0.0",
4
+ "description": "Generate cryptographically secure hexadecimal passwords and secrets",
5
+ "main": "index.js",
6
+ "bin": {
7
+ "hexpass": "./index.js"
8
+ },
9
+ "scripts": {
10
+ "test": "node index.js && node index.js 64 && node index.js --bytes 16"
11
+ },
12
+ "keywords": [
13
+ "password",
14
+ "hex",
15
+ "secret",
16
+ "crypto",
17
+ "generator",
18
+ "cli",
19
+ "jwt",
20
+ "api-key"
21
+ ],
22
+ "author": "",
23
+ "license": "MIT",
24
+ "engines": {
25
+ "node": ">=14.0.0"
26
+ },
27
+ "files": [
28
+ "index.js",
29
+ "LICENSE",
30
+ "README.md"
31
+ ]
32
+ }