Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
github.com/gerbenjacobs/properties
properties is a Go library for reading and writing properties files.
It supports reading from multiple files and Spring style recursive property
expansion of expressions like ${key}
to their corresponding value.
Value expressions can refer to other keys like in ${key}
or to
environment variables like in ${USER}
.
Filenames can also contain environment variables like in
/home/${USER}/myapp.properties
.
Comments and the order of keys are preserved. Comments can be modified and can be written to the output.
The properties library supports both ISO-8859-1 and UTF-8 encoded data.
Starting from version 1.3.0 the behavior of the MustXXX() functions is
configurable by providing a custom ErrorHandler
function. The default has
changed from panic
to log.Fatal
but this is configurable and custom
error handling functions can be provided. See the package documentation for
details.
import "github.com/magiconair/properties"
func main() {
p := properties.MustLoadFile("${HOME}/config.properties", properties.UTF8)
host := p.MustGetString("host")
port := p.GetInt("port", 8080)
}
Read the full documentation on GoDoc
$ go get -u github.com/magiconair/properties
For testing and debugging you need the go-check library
$ go get -u gopkg.in/check.v1
2 clause BSD license. See LICENSE file for details.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.