Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
The 'conf' npm package is a simple yet powerful configuration management tool for Node.js applications. It allows you to easily store and retrieve configuration data, manage defaults, and handle schema validation. The data is stored in a JSON file, making it easy to read and modify.
Store and Retrieve Configuration Data
This feature allows you to store and retrieve configuration data easily. The data is stored in a JSON file, and you can set and get values using simple methods.
const Conf = require('conf');
const config = new Conf();
// Set a value
config.set('unicorn', '🦄');
// Get a value
console.log(config.get('unicorn'));
//=> '🦄'
Manage Default Values
You can define default values for your configuration settings. If a key is not set, the default value will be returned.
const Conf = require('conf');
const config = new Conf({
defaults: {
foo: 'bar'
}
});
console.log(config.get('foo'));
//=> 'bar'
Schema Validation
You can define a schema for your configuration to ensure that the data meets certain criteria. This helps in maintaining data integrity and consistency.
const Conf = require('conf');
const schema = {
type: 'object',
properties: {
foo: {
type: 'string'
},
bar: {
type: 'number',
minimum: 0
}
}
};
const config = new Conf({ schema });
config.set('foo', 'baz');
config.set('bar', 42);
console.log(config.get('foo'));
//=> 'baz'
console.log(config.get('bar'));
//=> 42
Configstore is another package for managing configuration data in Node.js applications. It provides similar functionality to 'conf', such as storing and retrieving data, managing defaults, and handling schema validation. However, 'conf' offers a more modern API and better TypeScript support.
Node-persist is a simple, zero-dependency, key-value storage library for Node.js. It provides persistent storage for configuration data, similar to 'conf'. However, 'conf' offers more advanced features like schema validation and default values management.
Nconf is a hierarchical configuration manager for Node.js. It supports multiple configuration sources such as command-line arguments, environment variables, and JSON files. While 'nconf' is more flexible in terms of configuration sources, 'conf' is simpler and easier to use for most use cases.
Simple config handling for your app or module
All you have to care about is what to persist. This module will handle all the dull details like where and how.
If you need this for Electron, check out electron-store
instead.
$ npm install conf
const Conf = require('conf');
const config = new Conf();
config.set('unicorn', '🦄');
console.log(config.get('unicorn'));
//=> '🦄'
// Use dot-notation to access nested properties
config.set('foo.bar', true);
console.log(config.get('foo'));
//=> {bar: true}
config.delete('unicorn');
console.log(config.get('unicorn'));
//=> undefined
Changes are written to disk atomically, so if the process crashes during a write, it will not corrupt the existing config.
Returns a new instance.
Type: Object
Type: Object
Default values for the config items.
Note: The values in defaults
will overwrite the default
key in the schema
option.
Type: Object
JSON Schema to validate your config data.
Under the hood, the JSON Schema validator ajv is used to validate your config. We use JSON Schema draft-07 and support all validation keywords and formats.
You should define your schema as an object where each key is the name of your data's property and each value is a JSON schema used to validate that property. See more here.
Example:
const Conf = require('conf');
const schema = {
foo: {
type: 'number',
maximum: 100,
minimum: 1,
default: 50
},
bar: {
type: 'string',
format: 'url'
}
};
const config = new Conf({schema});
console.log(config.get('foo'));
//=> 50
config.set('foo', '1');
// [Error: Config schema violation: `foo` should be number]
Note: The default
value will be overwritten by the defaults
option if set.
Type: string
Default: config
Name of the config file (without extension).
Useful if you need multiple config files for your app or module. For example, different config files between two major versions.
Type: string
Default: The name
field in the package.json closest to where conf
is imported.
You only need to specify this if you don't have a package.json file in your project.
Type: string
Default: System default user config directory
You most likely don't need this. Please don't use it unless you really have to.
Overrides projectName
.
The only use-case I can think of is having the config located in the app directory or on some external storage.
Type: string
Buffer
TypedArray
DataView
Default: undefined
This can be used to secure sensitive data if the encryption key is stored in a secure manner (not plain-text) in the Node.js app. For example, by using node-keytar
to store the encryption key securely, or asking the encryption key from the user (a password) and then storing it in a variable.
In addition to security, this could be used for obscurity. If a user looks through the config directory and finds the config file, since it's just a JSON file, they may be tempted to modify it. By providing an encryption key, the file will be obfuscated, which should hopefully deter any users from doing so.
It also has the added bonus of ensuring the config file's integrity. If the file is changed in any way, the decryption will not work, in which case the store will just reset back to its default state.
When specified, the store will be encrypted using the aes-256-cbc
encryption algorithm.
Type: string
Default: json
Extension of the config file.
You would usually not need this, but could be useful if you want to interact with a file with a custom file extension that can be associated with your app. These might be simple save/export/preference files that are intended to be shareable or saved outside of the app.
Type: boolean
Default: true
The config is cleared if reading the config file causes a SyntaxError
. This is a good default, as the config file is not intended to be hand-edited, so it usually means the config is corrupt and there's nothing the user can do about it anyway. However, if you let the user edit the config file directly, mistakes might happen and it could be more useful to throw an error when the config is invalid instead of clearing. Disabling this option will make it throw a SyntaxError
on invalid config instead of clearing.
Type: Function
Default: value => JSON.stringify(value, null, '\t')
Function to serialize the config object to a UTF-8 string when writing the config file.
You would usually not need this, but it could be useful if you want to use a format other than JSON.
Type: Function
Default: JSON.parse
Function to deserialize the config object from a UTF-8 string when reading the config file.
You would usually not need this, but it could be useful if you want to use a format other than JSON.
Type: string
Default: nodejs
You most likely don't need this. Please don't use it unless you really have to.
Suffix appended to projectName
during config file creation to avoid name conflicts with native apps.
You can pass an empty string to remove the suffix.
For example, on macOS, the config file will be stored in the ~/Library/Preferences/foo-nodejs
directory, where foo
is the projectName
.
Type: boolean
Default: true
Accessing nested properties by dot notation. For example:
const config = new Conf();
config.set({
foo: {
bar: {
foobar: '🦄'
}
}
});
console.log(config.get('foo.bar.foobar'));
//=> '🦄'
Alternatively, you can set this option to false
so the whole string would be treated as one key.
const config = new Conf({accessPropertiesByDotNotation: false});
config.set({
`foo.bar.foobar`: '🦄'
});
console.log(config.get('foo.bar.foobar'));
//=> '🦄'
You can use dot-notation in a key
to access nested properties.
The instance is iterable
so you can use it directly in a for…of
loop.
Set an item.
The value
must be JSON serializable. Trying to set the type undefined
, function
, or symbol
will result in a TypeError.
Set multiple items at once.
Get an item or defaultValue
if the item does not exist.
Check if an item exists.
Delete an item.
Delete all items.
callback
: (newValue, oldValue) => {}
Watches the given key
, calling callback
on any changes. When a key is first set oldValue
will be undefined
, and when a key is deleted newValue
will be undefined
.
callback
: (newValue, oldValue) => {}
Watches the whole config object, calling callback
on any changes. oldValue
and newValue
will be the config object before and after the change, respectively. You must compare oldValue
to newValue
to find out what changed.
Get the item count.
Get all the config as an object or replace the current config with an object:
conf.store = {
hello: 'world'
};
Get the path to the config file.
configstore
?I'm also the author of configstore
. While it's pretty good, I did make some mistakes early on that are hard to change at this point. This module is the result of everything I learned from making configstore
. Mainly where the config is stored. In configstore
, the config is stored in ~/.config
(which is mainly a Linux convention) on all systems, while conf
stores config in the system default user config directory. The ~/.config
directory, it turns out, often have an incorrect permission on macOS and Windows, which has caused a lot of grief for users.
The serialize
and deserialize
options can be used to customize the format of the config file, as long as the representation is compatible with utf8
encoding.
Example using YAML:
const Conf = require('conf');
const yaml = require('js-yaml');
const config = new Conf({
fileExtension: 'yaml',
serialize: yaml.safeDump,
deserialize: yaml.safeLoad
});
MIT © Sindre Sorhus
FAQs
Simple config handling for your app or module
We found that conf demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
Security News
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.