Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Readme
c11n
is a dead simple configuration loader and parser for node deployments.
It outputs an object that encapsulates unified configuration settings from
environment variables, json files and command line arguments.
Let's consider we have an example.json
file with the following content:
{
"redis": {
"host": "redis.my-great-app.com",
"port": 6379
},
"facebook": {
"id": 123456789,
"key": "myfacebookapikey"
}
}
Drop a few lines into index.js
:
const conf = require('c11n')
conf('./example', { prefix: 'my_app' })
.then((config) => console.log(config))
.catch((error) => console.error(error.stack || error))
Finally, expose settings to env
and argv
as well and run our app:
export my_app_domain=my-great-app.com
export my_app_redis_auth=foobar
export my_app_cookie_secret=foobar
export my_app_cookie_maxAge=365
node ./ --cookie_secret=barfoo --http_port=8080
Output:
{
domain: 'my-great-app.com',
redis: {
auth: 'foobar',
host: 'redis.my-great-app.com',
port: 6379
},
cookie: {
secret: 'barfoo',
maxage: 365
},
facebook: {
id: 123456789,
key: 'myfacebookapikey'
},
http: { port: 8080 }
}
var c11n = require('c11n')
options.prefix Include only those env
variables which are starting with this prefix. Defaults to null
.
options.dir Directory path to try to find and include NODE_ENV
.json. Defaults to null
.
options.dirs An array of directory paths. Each of them will be treated like options.dir.
Gather and merge configuration from env
, additional .json
files and argv
in this order.
c11n
supports both error-first callback
and Promise
APIs.
Note If no file extension provided in a filePath
then .json
will be used.
It's the module.exports
of this package, same as the above-mentioned.
options.prefix Include only those env
variables which are starting with this prefix. Defaults to null
.
Parse configuration from process.env
and return result immediately.
Read and parse configuration from the file at given path
.
Please notice that, it's an async function.
Parse configuration from process.argv
and return result immediately.
This function uses minimist internally for pre-parsing.
Parse configuration from any given object
and return result immediately.
Used internally by other methods of this module.
This function iterates over keys of an object and breaks it into sub-objects along the '.'
s and '_'
s as separator characters.
Leading and trailing separators are ignored, repeating separators are reduced to a single '_'
.
Example
const obj = {
'__redis_port': 6379,
'redis__host': 'localhost',
'domain___': 'my-domain.com',
'http.port': 8080,
'_https...port': 8081
}
console.log(c11n.loadFromObject(obj))
Output:
{
redis: {
port: 6379,
host: 'localhost'
},
domain: 'my-domain.com',
http: { port: 8080 },
https: { port: 8081 }
}
If a key has a value but there are nested settings for the same key, then the original value will be accessible under the special key: '_'
.
Example
const obj = {
domain: 'example.com',
cache: true,
cache_ttl: 1209600,
cache_size: '300mb'
}
console.log(c11n.loadFromObject(obj))
Output:
{
domain: 'example.com',
cache: {
_: true,
ttl: 1209600,
size: '300mb'
}
}
If set to false
then resulting object will be mutable. Defaults to true
.
All the above-mentioned methods are accepting this option.
With npm:
npm install --save c11n
With git:
git clone git://github.com/schwarzkopfb/c11n.git
cd c11n
npm test
FAQs
Dead simple configuration loader and parser for node deployments.
The npm package c11n receives a total of 1 weekly downloads. As such, c11n popularity was classified as not popular.
We found that c11n demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.