envi - npm Package Compare versions
Comparing version 0.0.0 to 0.0.1
| { | ||
| "name": "envi", | ||
| "version": "0.0.0", | ||
| "description": "sets up nconf managed environment data", | ||
| "main": "index.js", | ||
| "scripts": { | ||
| "test": "echo \"Error: no test specified\" && exit 1" | ||
| "version": "0.0.1", | ||
| "description": "an nconf wrapper around conf/env.js & env.json", | ||
| "main": "bin/envi.js", | ||
| "repository": "git@github.com:nicholasf/envi.git", | ||
| "author": "Nicholas Faiz", | ||
| "bin": { | ||
| "envi": "./bin/envi" | ||
| }, | ||
| "repository": "", | ||
| "author": "nicholasf", | ||
| "license": "BSD" | ||
| "license": "BSD", | ||
| "dependencies": { | ||
| "commander": "~1.1.1" | ||
| } | ||
| } |
@@ -1,1 +0,55 @@ | ||
| docs coming | ||
| ## Installation | ||
| ``` | ||
| npm install -g envi | ||
| ``` | ||
| ## Usage | ||
| ``` | ||
| envi | ||
| Done. Now run 'npm install nconf -save' | ||
| ``` | ||
| ## Explanation | ||
| You need configuration vars that are enviromentally specific. You also want them to use nconf goodness (https://github.com/flatiron/nconf). | ||
| Running envi will give you a conf directory that looks like this: | ||
| ``` | ||
| conf/env.js | ||
| conf/env.json | ||
| ``` | ||
| So you can do this in your code: | ||
| ``` | ||
| env = require('./config/env'); | ||
| console.log(env.hello); //outputs I'm dev by default, otherwise reads process.env.NODE_ENV | ||
| ``` | ||
| Where env.json looks like: | ||
| ``` | ||
| { | ||
| "development":{ | ||
| "hello": "I'm dev" | ||
| } | ||
| , "test": { | ||
| "hello": "I'm test" | ||
| } | ||
| , "staging": { | ||
| "hello": "I'm staging" | ||
| } | ||
| , "production": { | ||
| "hello": "I'm production" | ||
| } | ||
| } | ||
| ``` | ||
| Or, leverage nconf coolness: | ||
| ``` | ||
| node myprogram.js --hello "I've been overridden" | ||
| ``` |
New alerts
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Fixed alerts
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by179.51%
2619
- Number of low quality alerts
- decreased by-33.33%
2
- Number of lines in readme file
- increased by5400%
55
- Number of low supply chain risk alerts
- decreased by-33.33%
2
Worsened metrics
- Dependency count
- increased byInfinity%
1
- Lines of code
- decreased by-8.33%
22
Dependency changes
+ Addedcommander@~1.1.1
+ Addedcommander@1.1.1(transitive)
+ Addedkeypress@0.1.0(transitive)