Product
Introducing GitHub Actions Scanning Support
Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.
By Rakesh Chatrath, Greg Tystahl -  Oct 23, 2025
🚀 DAY 4 OF LAUNCH WEEK: Introducing GitHub Actions Scanning Support.Learn more →
@config-dug/plugin-config-cat
Advanced tools
ConfigCat Plugin
A ConfigCat plugin for Config Dug This plugin is used to support loading configuration values via the ConfigCat API: https://api.configcat.com/docs/
Usage
The ConfigCat SDK key
[!IMPORTANT] The ConfigCat SDK key name will be specified within the plugin parameters. This sdk key value will need to be loaded from the environment variables in order to be used in this plugin.
Defining the ConfigCat plugin
const configCatPlugin = new ConfigCatPlugin({
sdkKeyName: 'CONFIG_CAT_SDK_KEY',
sourceKeyStyle: 'SCREAMING_SNAKE_CASE',
targetedFlags: [
{
key: 'value1',
defaultValue: false,
},
{
key: 'value2',
defaultValue: 'test default',
},
],
});
Parameter Reference
| Parameter | Type | Description |
|---|---|---|
sdkKeyName | string | The name of the sdk key parameter to be loaded from environment variables. |
sourceKeyStyle | number | The naming convention used by the plugin source. ex. SCREAMING_SNAKE_CASE |
targetedFlags | array | The definition of all targeted flags to be loaded by the plugin. |
Adding targeted flags to the Config Dug schema
[!IMPORTANT] The ConfigCat plugin exports a custom type
targetedConfigCatFlagSchemaThat can be used to define targeted flags within the schema. This is a custom zod definition that matches function definition returned by this plugin and should be used for all targeted flags.
const schema = {
CONFIG_CAT_SDK_KEY: z.string(),
value1: {
schema: targetedConfigCatFlagSchema,
description: 'Targeted ConfigCat config boolean',
sensitive: false,
},
};
Adding the plugin to Config Dug
The ConfigCat plugin can be added to the plugins array in config dug constructor. Keep in mind the plugin load order dictates which values will be used.
const configDug = new ConfigDug(schema, {
plugins: [configCatPlugin],
printConfig: true,
});
Complete example
const schema = {
CONFIG_CAT_SDK_KEY: z.string(),
value1: {
schema: z.string(),
description: 'Non-targeted ConfigCat string',
sensitive: false,
},
value2: {
schema: targetedConfigCatFlagSchema,
description: 'Targeted ConfigCat value',
sensitive: true,
},
};
const configCatPlugin = new ConfigCatPlugin({
sdkKeyName: 'CONFIG_CAT_SDK_KEY',
sourceKeyStyle: 'SCREAMING_SNAKE_CASE',
targetedFlags: [
{
key: 'value1',
defaultValue: false,
},
{
key: 'value2',
defaultValue: 'test default',
},
],
});
const configDug = new ConfigDug(schema, {
plugins: [configCatPlugin],
printConfig: true,
});
await configDug.load();
const config = configDug.getConfig();
console.log(config.value1); // returns a string value from ConfigCat
console.log(await config.value2({ identifier: 'Some Id Value' })); // returns the targeted flag response
FAQs
A ConfigCat plugin for Config Dug
We found that @config-dug/plugin-config-cat demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 07 Mar 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Webhook Events for Pull Request Scans
Add real-time Socket webhook events to your workflows to automatically receive pull request scan results and security alerts in real time.
By Jeppe Hasseriis -  Oct 22, 2025
Research
Malicious NuGet Packages Typosquat Nethereum to Exfiltrate Wallet Keys
The Socket Threat Research Team uncovered malicious NuGet packages typosquatting the popular Nethereum project to steal wallet keys.
By Kirill Boychenko -  Oct 22, 2025