Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@stencila/configa
Advanced tools
Application configuration: DRY, flexible and type-safe. Pick any three.
:warning: Configa is in early development. It's been factored out of Sparkla, another project in early development, for more general usage.
npm install --save @stencila/configa
Configa uses Typescript classes to define configuration options. Create a file config.ts
with a single class defining your application configuration e.g.
import { minimum, maximum } from '@stencila/configa/dist/define'
/**
* myapp ${version}: ${description}
*/
export class Config {
/**
* An option that can be a boolean of a string
*/
optionA: boolean | string = 'default-value'
/**
* An option that is not required but has additional validations
*/
@minimum(1)
@maximum(10)
optionA?: number
}
Generate the JSON Schema that will be used at run time to validate and document your application's options:
configa schema
import { collectConfig, helpUsage } from '@stencila/configa/dist/run'
// App config as Typescript for compile time type-checking
import { Config } from './config'
// App config as JSON Schema for run time type-checking and help generation
import configSchema from './config.schema.json'
// Generate a typed configuration object
const { args = [], config } = collectConfig<Config>('myapp', configSchema)
// Generate help from the JSON Schema
if (args.includes('help')) console.log(helpUsage(configSchema))
In your README.md
add comments to indicate where to insert documentation e.g.
<\!-- CONFIGA-TABLE-BEGIN -->
<\!-- CONFIGA-TABLE-END -->
Then run,
configa readme
All configuration options can be set, in descending order of priority, by:
--<value> <value>
CONFIGA_
e.g. CONFIGA_<option>=<value>
.json
or .ini
configuration file, set using the --config
option, or .configarc
by defaultName | Description | Type | Validators | Default |
---|---|---|---|---|
appName | The name of the application.1 | string | undefined | |
configPath | Path to the configuration file to be parsed.2 | string | undefined | |
jsonSchemaPath | Path to the JSON Schema file to be generated.3 | string | undefined | |
readmePath | Path to the README file to be updated. | string | "README.md" |
undefined
then parse the name from the
package name in ./package.json
.undefined
, then will search for a file
config.ts
in the current directory and its
subdirectories.undefined
, then will be the path of the
config file with extension .json.schema
instead of
.ts
.FAQs
Application configuration: DRY, flexible and type-safe
The npm package @stencila/configa receives a total of 10 weekly downloads. As such, @stencila/configa popularity was classified as not popular.
We found that @stencila/configa demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.