Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@tinkoff/env-validators
Advanced tools
Tiny library with validators for env variables
npm i --save @tinkoff/env-validators
or
yarn add @tinkoff/env-validators
(value: string) => boolean | string;
Returns any boolean (true or false) if value is valid, string with error otherwise
import { isUrl } from '@tinkoff/env-validators';
isUrl('https://google.com'); // false
isUrl('Not valid url'); // 'URL is not valid'
import { isNumber } from '@tinkoff/env-validators';
isNumber('https://google.com'); // value is not a number
isNumber('5'); // true
import { isTrue } from '@tinkoff/env-validators';
isTrue('something'); // value is not a true
isTrue('true'); // true
import { isFalse } from '@tinkoff/env-validators';
isFalse('true'); // value is not a false
isFalse('false'); // true
import { isOneOf } from '@tinkoff/env-validators';
isOneOf(['1', '2', '3'])('isOneOf'); // value is not in list
isOneOf(['1', '2'])('1'); // true
isOneOf(['true', 'false'])('true'); // true
import { startsWith } from '@tinkoff/env-validators';
startsWith('https')('http://google.com'); // value should starts with https
startsWith('http')('http://yandex.ru'); // true
import { endsWith } from '@tinkoff/env-validators';
endsWith('/')('https://google.com'); // value should ends with /
endsWith('/')('http://yandex.ru/'); // true
or to validate ENV variable in @tramvai
import { provide } from '@tramvai/core';
import { isUrl } from '@tinkoff/env-validators';
import { ENV_USED_TOKEN } from '@tramvai/module-common';
providers: [
provide({
provide: ENV_USED_TOKEN,
multi: true,
useValue: [
{ key: 'TINKOFF_API', validator: isUrl },
],
}),
]
To combine two or more validators call combineValidators
method like this:
import { endsWith, isUrl, combineValidators } from '@tinkoff/env-validators';
combineValidators([isUrl, endsWith('/')])('https://google.com'); // 'value should ends with /'
combineValidators([isUrl, endsWith('/')])('not url but with backslash/'); // 'URL is not valid'
combineValidators([isUrl, endsWith('/')])('not url at all'); // 'URL is not valid; value should ends with /'
combineValidators([isUrl, endsWith('/')])('https://google.com/'); // false
or to validate ENV variable in @tramvai
import { provide } from '@tramvai/core';
import { endsWith, isUrl, combineValidators } from '@tinkoff/env-validators';
import { ENV_USED_TOKEN } from '@tramvai/module-common';
providers: [
provide({
provide: ENV_USED_TOKEN,
multi: true,
useValue: [
{ key: 'TINKOFF_API', validator: combineValidators([isUrl, endsWith('/')]) },
],
}),
]
FAQs
Lightweighted validators library
The npm package @tinkoff/env-validators receives a total of 1,035 weekly downloads. As such, @tinkoff/env-validators popularity was classified as popular.
We found that @tinkoff/env-validators demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.