
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
@architect/parser
Advanced tools
Architect Parser accepts plaintext, JSON, or YAML .arc manifests and returns a plain JavaScript Object
@architect/parser
OpenJS Architect is an Infrastructure as Code (IaC) solution. The critical insight of Infastructure as Code is determinism. Infrastructure resources are defined in a declarative manifest file with the code that depends on them. This ensures deployment artifacts alway have the exact runtime resources expected for every version of the code.
Architect looks in the following places for the primary definition/configuration manifest file:
The
.arc
format is unique to Architect with many readability advantages; but is not required
.arc
.arc
is a text format for storing structured configuration data; it is not for serializing or transporting data
The .arc
format:
#
symbols@
(example: @pragma
)string
, number
and boolean
array
, vector
and map
Consider a file some-arc-file.txt
with the following contents:
# this is a comment
@section-one
simple-string-value # String
another-value
4.2 # Number
true # Boolean
@section-of-arrays
vector of values
vector tuple
@vectors-section
named
vector
of
values
@this-section-has-a-map
hello-world
name some-value
Parsing the file with the following code:
#!/usr/bin/env node
const parse = require('@architect/parser')
const fs = require('fs')
const text = fs.readFileSync('./some-arc-file.txt').toString()
const result = parse(text)
console.log(result)
Prints the following plain object to the console:
{
"section-one": [
"simple-string-value",
"another-value",
4.2,
true
],
"section-of-arrays": [
["vector", "of", "values"],
["vector", "tuple"]
],
"vectors-section": [
{named: ["vector", "of", "values"]},
],
"this-section-has-a-map": [{
"hello-world": {
"name": "some-value"
}
}]
}
Things to notice:
array
values are space seperated scalar values on a single linevector
is a named array
with scalar values indented two spaces on newlinesmap
is a named value followed by keys and values indented two spaces[7.0.0 - 7.0.1] 2024-01-08
FAQs
Architect Parser accepts plaintext, JSON, or YAML .arc manifests and returns a plain JavaScript Object
The npm package @architect/parser receives a total of 51,730 weekly downloads. As such, @architect/parser popularity was classified as popular.
We found that @architect/parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.