Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@amazebot/config
Advanced tools
This utility wraps Yargs and dotenv capabilities with some simple interfaces for easily managing configuration from various sources.
Can load a single configuration, or use the same options for a series of instances, loading from different sources using custom prefixes.
Possible config sources include:
.env
file'config': {}
config.json
fileA note on syntax/format. Options are defined and stored with hyphenated names, that match to their command line argument. However, the corresponding key in JSON would be camelCase and the env variable would be all caps with underscore separators.
Please be aware of the semantics:
new Config(options: IOptions, sourcePrefix?: string)
Config instances accept an initial range of options, which can be extended, for sharing the config between modules that each add their own options. The options argument follows the Yargs syntax.
The optional prefix argument on the constructor is applied to the sources for loading all options.
import { Config } from '@amazebot/config'
const config = new Config({
'amazing-enabled': {
type: 'boolean',
description: 'Makes everything amazing',
default: true
}
}, 'my')
In this example, the prefix 'my' would modify the source for the option as
MY_AMAZING_ENABLED
myConfig
my-config.json
.load(keyPrefix?: string)
Load values for the defined options from all recognised sources:
import { Config } from '@amazebot/config'
const config = new Config({ 'amazing': { type: 'boolean', default: 'true' } })
config.load()
console.log(config.settings.amazing) // --> true
Passing a prefix to the load method modifies the key for all options, allowing
multiple instances to have unique settings, from a common source. e.g. .env
FOO_AMAZING='false'
BAR_AMAZING='true'
import { Config } from '@amazebot/config'
const options = { 'amazing': { type: 'boolean', default: 'true' } }
const foo = new Config(options)
const bar = new Config(options)
foo.load('foo')
foo.load('bar')
console.log(foo.settings.amazing) // --> false
console.log(bar.settings.amazing) // --> true
.extend(options: IOptions)
Add more options, possibly after initial options loaded (requiring load again). Calling load after extend will merge new options with the initial set.
// index.ts
export * from './app.ts'
export * from './module.ts'
// app.ts
import { Config } from '@amazebot/config'
export const app = {
config: new Config({ 'amazing': { type: 'boolean', default: 'true' } }),
start: () => {
config.load()
console.log(config.settings)
}
}
// module.ts
import { app } from '.'
app.config.extend({ 'more-amazing': { type: 'boolean', default: 'false' } })
app.start() // --> { 'amazing': true, 'more-amazing': false }
.get(key: string)
Gets the loaded value from settings.
import { Config } from '@amazebot/config'
const config = new Config({ 'amazing': { type: 'boolean', default: 'true' } })
config.load()
config.get('amazing') // --> true
.set(key: string, value: any)
Set the value. Set values override loaded ones.
AMAZING='true'
import { Config } from '@amazebot/config'
const config = new Config({ 'amazing': { type: 'boolean' } })
config.load()
config.get('amazing') // --> true
config.set('amazing', false)
config.get('amazing') // --> false
import { Config } from '@amazebot/config'
const config = new Config({ 'amazing': { type: 'boolean' } })
config.set('amazing', false)
config.load()
config.get('amazing') // --> false
.reset()
Clear any loaded or set values.
import { Config } from '@amazebot/config'
const config = new Config({ 'amazing': { type: 'boolean', default: 'true' } })
config.load()
config.set('amazing', false)
config.reset()
config.get('amazing') // --> true
Config Maps allow defining a set of config instances with common options and defaults, with different values assigned by loading a unique prefixed source.
new ConfigMap(options: IOptions, sourcePrefix?: string)
The constructor uses the same arguments as normal configs. The map contains a
collection of config instance items
, always with at least one default
item.
import { ConfigMap } from '@amazebot/config'
const map = new ConfigMap({ 'amazing': { type: 'boolean', default: 'true' } })
console.log(map.items.default.settings['amazing'].default) // --> true
.item(key: string)
Get a config item by it's key, creating if it didn't exist.
import { ConfigMap } from '@amazebot/config'
const map = new ConfigMap({ 'amazing': { type: 'boolean', default: 'true' } })
map.item('alt')
console.log(map.items.alt.settings['amazing'].default) // --> true
.load()
Loads every item's config, using it's key as a prefix for value sources.
AMAZING='true'
ALT_AMAZING='false'
import { ConfigMap } from '@amazebot/config'
const map = new ConfigMap({ 'amazing': { type: 'boolean' } })
map.item('alt')
map.load()
map.item('default').get('amazing') // --> true
map.item('alt').get('amazing') // --> false
.extend(options: IOptions)
Extends every config item's options and for any newly created items.
import { ConfigMap } from '@amazebot/config'
const map = new ConfigMap({ 'amazing': { type: 'boolean' } })
map.extend({ 'more-amazing': { type: 'boolean', default: true } })
map.item('alt')
map.load()
map.item('alt').get('more-amazing') // --> true
FAQs
Centralised app configuration loaded from ENV, CLI and/or JSON.
We found that @amazebot/config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.