clarity
Advanced tools
Readme
Clarity is a small utility library that is used to provide "deobfuscation" support for your secure data. The library has been created to deal with the fact that configuration information is generally stored in plaintext and saved to repositories such as source control, or centralized configuration stores (at least that is the idea behind sharedconfig. When this happens, it's very easy to accidently leak passwords or other information that should remain hidden.
Clarity makes it possible to store generalized information in these centralized stores, while storing more sensitive information in alternative stores and will reconcile the information at runtime when required.
Let's look at a really simple example first. In this example, we have a url to a CouchDB instance stored in our application code:
var targetUrl = 'http://test:test@damonoehlman.iriscouch.com/clarity-tests',
db = require('nano')(targetUrl);
In the case above, both our username and password have been exposed, which is probably less than ideal. Using clarity though, we can obfuscate the connection string in the code and recreate the actual connection string by combining the information with ENVIRONMENT VARIABLES stored on the machine:
var clarity = require('clarity').use(process.env),
targetUrl = http://test:*****@damonoehlman.iriscouch.com/clarity-tests',
db = require('nano')(clarity.decode(targetUrl));
In the case above, clarity will be looking for a key of test_pass within the configured stores.
FAQs
Simple utility to convert obfuscated strings (primary use case is password urls) into the actual equivalent
The npm package clarity receives a total of 5 weekly downloads. As such, clarity popularity was classified as not popular.
We found that clarity demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A hospital in Mobile, Alabama, agreed to a settlement in a landmark ransomware death lawsuit, but is now reportedly reconsidering the agreement and refusing to pay.
Security News
A new report explores how advancements in LLMs are enhancing cyber threats, including polymorphic malware, personalized spearphishing, and the risk of hijacking customer service bots.
Security News
ESLint has approved an RFC that adds support for TypeScript configuration files, which is aimed at improving the developer experience and recognizing changes in the evolving JavaScript ecosystem.