Security News
Meet Socket at Black Hat Europe and BSides London 2025
Socket is heading to London! Stop by our booth or schedule a meeting to see what we've been working on.
By Anders Søndergaard - Nov 11, 2025
Confi
Confi loads configuration data from yaml, json or from a package.json with support for NODE_ENV overrides.
Installation
npm install confi
or
yarn add confi
Usage
Note: confi() is an async method.
Note: Default configuration directory is ./conf/
Configuration files that start with default are loaded and merged together. This allows you to split up configuration logic into smaller files.
You can create a file that matches NODE_ENV which will apply it's values on top of anything set in default. This allows you to create configuration for production and development environments.
User specific configuration can be created as well by placing config files in a users directory inside of the config directory.
./conf/default.yaml
title: 'Example Site'
site:
name: '{{ title }} - DEV'
updateEvery: '{{ ms("1h") }}
appId: '{{ getEnv("APP_ID", '09830948029384') }}'
shot: false
./conf/users/han.json
{
"shot": true
}
./conf/production.yaml
site:
name: '{{ title }}'
updateEvery: '{{ getEnv("UPDATE_EVERY", ms("1h")) }}'
Basic
const confi = require('confi');
async function startApp() {
const config = await confi();
console.log(config.site.name); // Example Site - DEV
console.log(config.appId); // 09830948029384
console.log(config.updateEvery); // 3600000
console.log(config.shot); // false
}
startApp();
User
const confi = require('confi');
async function startApp() {
const config = await confi({
user: 'han'
});
console.log(config.site.name); // Example Site - DEV
console.log(config.appId); // 09830948029384
console.log(config.updateEvery); // 3600000
console.log(config.shot); // true
}
startApp();
Environment
// imagine process.env.UPDATE_EVERY is 10000
const confi = require('confi');
async function startApp() {
const config = await confi({
env: 'production'
});
console.log(config.site.name); // Example Site
console.log(config.appId); // 09830948029384
console.log(config.updateEvery); // 10000
console.log(config.shot); // true
}
startApp();
For more examples, see the test directory.
Options
confi([options])
path- Supply an alternate path to load config from. Default:process.env.CONFI_PATHor./confenv- Manually set the envitonment. Default:devuserPath- Path for user overrides. Default:./conf/userscontext- Advanced option to pass additional information tovarsonfor parsing configs.helpers- Additional helper methods to expose.user- Which user shall the user config be loaded for.
Helpers
Confi comes with a set of helper methods. You can find documentation for them here.
A First + Third Project
FAQs
a simple configuration library
We found that confi demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Package last updated on 19 Feb 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
OWASP 2025 Top 10 Adds Software Supply Chain Failures, Ranked Top Community Concern
OWASP’s 2025 Top 10 introduces Software Supply Chain Failures as a new category, reflecting rising concern over dependency and build system risks.
By Sarah Gooding - Nov 08, 2025
Research
/Security News
9 Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control systems.
By Kush Pandya - Nov 06, 2025