Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
@verdaccio/config
Advanced tools
The @verdaccio/config
package provides a powerful configuration builder constructor for programmatically creating configuration objects for Verdaccio, a lightweight private npm proxy registry. With this package, users can easily manage various configuration aspects such as package access, uplinks, security settings, authentication, logging, and storage options.
You can install via npm:
npm install @verdaccio/config
To start using @verdaccio/config
, import the ConfigBuilder
class and begin constructing your configuration object:
ConfigBuilder
constructorThe ConfigBuilder
class is a helper configuration builder constructor used to programmatically create configuration objects for testing or other purposes.
import { ConfigBuilder } from '@verdaccio/config';
// Create a new configuration builder instance
const config = ConfigBuilder.build({ security: { api: { legacy: false } } });
// Add package access configuration
configBuilder.addPackageAccess('@scope/*', { access: 'read', publish: 'write' });
// Add an uplink configuration
configBuilder.addUplink('npmjs', { url: 'https://registry.npmjs.org/' });
// Add security configuration
configBuilder.addSecurity({ allow_offline: true });
// Get the configuration object
const config = configBuilder.getConfig();
// Get the configuration yaml text
const config = configBuilder.getAsYaml();
addPackageAccess(pattern: string, pkgAccess: PackageAccessYaml)
: Adds package access configuration.addUplink(id: string, uplink: UpLinkConf)
: Adds an uplink configuration.addSecurity(security: Partial<Security>)
: Adds security configuration.addAuth(auth: Partial<AuthConf>)
: Adds authentication configuration.addLogger(log: LoggerConfItem)
: Adds logger configuration.addStorage(storage: string | object)
: Adds storage configuration.getConfig(): ConfigYaml
: Retrieves the configuration object.getAsYaml(): string
: Retrieves the configuration object as YAML format.getDefaultConfig
This method is available in the package's index and retrieves the default configuration object.
import { getDefaultConfig } from '@verdaccio/config';
const defaultConfig = getDefaultConfig();
fromJStoYAML(config: ConfigYaml): string
: Converts a JavaScript configuration object to YAML format.parseConfigFile(filePath: string): ConfigYaml
: Parses a configuration file from the specified path and returns the configuration object.Verdaccio is MIT licensed
The Verdaccio documentation and logos (excluding /thanks, e.g., .md, .png, .sketch) files within the /assets folder) is Creative Commons licensed.
FAQs
logger
We found that @verdaccio/config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.