Security News
AI Has Taken Over Open Source
Vibe coding at scale is reshaping how packages are created, contributed, and selected across the software supply chain
By André Staltz - May 22, 2026
Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@withone/pipesync
Advanced tools
Package was removed
Sorry, it seems this package was removed from the registry
@withone/pipesync
Dynamic data sync engine for Pica-connected platforms. Pull data from any API into any destination.
pipesync
Pull data from any API into any destination. Zero platform-specific code.
pipesync is a dynamic sync engine for Pica-connected platforms. You give it a JSON mapping config, it handles pagination, field mapping, deduplication, and incremental sync. The AI writes the config. The engine does the work.
Install
npm install @withone/pipesync
Quick Start
# Initialize
npx pipesync init --pica-key <your-key>
# Add a sync (AI generates this config via Pica MCP)
npx pipesync add gmail-emails --config '{
"platform": "gmail",
"connectionKey": "live::gmail::default::abc123",
"actionId": "conn_mod_def::xyz::list-messages",
"request": { "method": "GET", "path": "/users/me/messages", "queryParams": { "maxResults": 100 } },
"pagination": { "type": "cursor", "requestParam": "pageToken", "responseField": "nextPageToken", "itemsField": "messages" },
"record": { "type": "email", "mapping": { "subject": "payload.headers.Subject", "from": "payload.headers.From", "snippet": "snippet" }, "tags": ["gmail"] },
"externalRef": { "system": "gmail", "idField": "id" }
}'
# Pull data (NDJSON to stdout by default)
npx pipesync pull gmail-emails
# Or pipe anywhere
npx pipesync pull gmail-emails | jq '.data.subject'
npx pipesync pull gmail-emails > emails.jsonl
# Or store in @withone/mem (optional)
npm install @withone/mem
npx pipesync pull gmail-emails --output mem
How It Works
┌──────────────────────────┐
│ Your AI Tool │
│ (Claude, Cursor, etc.) │
│ │
│ 1. Pica MCP: learn API │
│ 2. Generate JSON config │
│ 3. Run pipesync CLI │
└────────────┬─────────────┘
│
▼
┌──────────────────────────┐
│ pipesync │
│ │
│ Pull → Map → Dedup → │
│ Output (stdout or mem) │
└──────┬───────────┬───────┘
│ │
▼ ▼
┌─────────┐ ┌────────┐
│Pica API │ │ stdout │
│(200+ APIs)│ │ or mem │
└─────────┘ └────────┘
- AI generates a mapping config using Pica MCP to understand the platform's API shape
- pipesync pulls data through Pica's passthrough API, handling pagination automatically
- Field mapping extracts what you need using dot-path notation (
payload.headers.Subject) - Deduplication via keys or external references prevents duplicates on re-sync
- Output goes to stdout (NDJSON) by default, or @withone/mem for searchable storage
No AI runs at sync time. The engine is fully deterministic.
CLI
pipesync init [--pica-key <key>] # Initialize in current directory
pipesync add <name> --config '<json>' # Add a sync mapping
pipesync pull [name] [--output mem] # Pull data
pipesync pull --full # Full resync (ignore incremental)
pipesync status # Show sync status
pipesync list # List all mappings
pipesync show <name> # Show mapping details
pipesync watch [--interval 30m] # Continuous sync
pipesync remove <name> # Remove a mapping
pipesync update <name> --config '<json>' # Update a mapping
Pagination
The AI picks the right strategy based on the platform's API:
| Type | How it works | Examples |
|---|---|---|
cursor | Token-based paging | Gmail, Notion, Slack |
offset | Offset + limit | Attio, HubSpot |
sync-token | Delta sync via token | Google Calendar |
link-header | Parse Link header | GitHub |
page-number | Increment page number | Many REST APIs |
none | Single request | Small endpoints |
Output Adapters
stdout (default) - NDJSON lines, pipe anywhere:
pipesync pull contacts | jq '.data.email'
pipesync pull contacts > contacts.jsonl
pipesync pull contacts | your-custom-script
@withone/mem (optional) - Searchable database with hybrid search:
npm install @withone/mem
pipesync pull contacts --output mem
npx mem search "john" -t contact
AI-Assisted Setup
Works best with an AI coding tool that has Pica MCP connected:
User: "Sync my Gmail emails"
AI:
1. Discovers Gmail actions via Pica MCP
2. Reads API response shape
3. Generates mapping config
4. Runs: pipesync add gmail-emails --config '...'
5. Runs: pipesync pull gmail-emails
6. Done: "Synced 1,247 emails"
Claude Code skills are included for a streamlined experience:
cp -r node_modules/@withone/pipesync/skills/* .claude/skills/
Then use /sync-setup and /sync-pull.
Docs
License
MIT
FAQs
Dynamic data sync engine for Pica-connected platforms. Pull data from any API into any destination.
The npm package @withone/pipesync receives a total of 0 weekly downloads. As such, @withone/pipesync popularity was classified as not popular.
We found that @withone/pipesync demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 26 Feb 2026
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
npm Invalidates Granular Access Tokens as Mini Shai-Hulud Sweeps the Registry
npm invalidated all granular access tokens that bypass 2FA after a fresh Mini Shai-Hulud wave compromised 323 npm packages. Staged publishing also entered public preview.
By Sarah Gooding - May 21, 2026
Research
/Security News
Coruna Respawned: Compromised art-template npm Package Leads to iOS Browser Exploit Kit
Compromised npm package art-template delivered a Coruna-like iOS Safari exploit framework through a watering-hole attack.
By Joseph Edwards - May 20, 2026