CodeCourier
Secure file sharing inside VS Code.
Encrypt locally, verify the sender, preview safely, and apply only when you choose.
.codecourier packages • Local keys • Signed shares • Approve-before-write
What It Is
CodeCourier is a VS Code extension for sending a file from one developer workspace to another without relying on plaintext transport or blind writes.
It is built for a narrow workflow:
- generate a local identity
- trust teammates by importing their public identity
- share the current file as an encrypted
.codecourier package
- preview incoming content before writing anything
Extension Experience
| Extension Area |
CodeCourier |
| Views |
Overview • Recipients • Recent Activity |
| Primary Action |
Secure Share Current File |
Key Commands
| Command |
What it does |
CodeCourier: Open Dashboard |
Opens the CodeCourier extension view |
CodeCourier: Generate Identity |
Creates your local sharing identity |
CodeCourier: Export Public Identity |
Exports the safe-to-share identity file |
CodeCourier: Import Recipient Identity |
Adds a trusted teammate |
CodeCourier: Secure Share Current File |
Encrypts and packages the current file |
CodeCourier: Import Secure Share |
Verifies, previews, and imports a package |
CodeCourier: Set Slack Bot Token |
Enables Slack DM delivery |
CodeCourier: Set Slack Workspace URL |
Connects the Slack workspace |
Quick Start
- Install CodeCourier in VS Code.
- Run
CodeCourier: Generate Identity.
- Run
CodeCourier: Export Public Identity and exchange that JSON with your teammate.
- Run
CodeCourier: Import Recipient Identity.
- Use
CodeCourier: Secure Share Current File to send a file.
- Use
CodeCourier: Import Secure Share to verify and apply an incoming package.
What Is Public vs Private
Important: CodeCourier does not expose everything. It separates public identity from private secrets.
Safe to share
- display name
- Slack member ID
- encryption public key
- signing public key
- fingerprint
Kept local
- encryption private key
- signing private key
- Slack bot token
- plaintext file contents before sharing
Private keys and the Slack token are stored with VS Code secret storage. Incoming files are written only after explicit approval.
Slack Support
Slack is optional and used only as a delivery path for the encrypted package.
If you want direct Slack delivery from the extension:
- Create a Slack app with
conversations:write and files:write.
- Run
CodeCourier: Set Slack Bot Token.
- Run
CodeCourier: Set Slack Workspace URL.
Transport != trust. Slack carries ciphertext. Trust still comes from local keys and signature checks.
Why This README Is Short
The README is intentionally focused on the extension experience, not the internal code structure.
If you want deeper project docs, use:
ARCHITECTURE.mdMVP.mdBACKEND_SCHEMA.md
License
MIT
