
Research
/Security News
DuckDB npm Account Compromised in Continuing Supply Chain Attack
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
fastify-config-loader
Advanced tools
$ npm install fastify-config-loader --save
const fastify = require('fastify')()
const configs = require('fastify-config-loader')
fastify.register(configs, { path: '[CONFIGS_DIRECTORY_PATH]' })
fastify.get('/', async (request, reply) => {
console.log('Configs:', fastify.Configs) // => returns configs object
return { hello: 'world' }
})
You have to put config files into CONFIGS_DIRECTORY_PATH
which will pass as a path
option into the plugin options. The directory includes json files which seperated with a dot for different environments.
- configs direcroy:
|_ configs.json
|_ configs.staging.json
|_ configs.production.json
The main config file is configs.json
and base on different environments other files will be marge into it.
for example if I set NODE_ENV=production
the production config file will be concat to main configs file and returns as an object into my application.
You can also add a configs.js
file to the configs directory. which will help to modify configs from json files with same keys. for example:
configs.json
{
"cors_whitelist": [
"localhost:3000",
"localhost:5000"
]
}
configs.js
module.exports = {
cors_whitelist: (data) => {
// data will return localhost:3000 and localhost:5000 in an array
return data
}
}
FAQs
Fastify Config Loader
The npm package fastify-config-loader receives a total of 4 weekly downloads. As such, fastify-config-loader popularity was classified as not popular.
We found that fastify-config-loader demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Ongoing npm supply chain attack spreads to DuckDB: multiple packages compromised with the same wallet-drainer malware.
Security News
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.
Product
Socket’s new Pull Request Stories give security teams clear visibility into dependency risks and outcomes across scanned pull requests.