Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
guard-env
Advanced tools
Changelog
0.0.2
guardEnv
incorrectly assigned types for environment variables based on the first object in the setConfig
parameter.Readme
Guard-env is a Node.js module for type-checking and guarding environment variables based on specified configurations.
You can install guard-env via npm:
npm install guard-env
import { guardEnv } from 'guard-env';
import 'dotenv/config'; // Don't forget to load environment variables
// Example configuration
const config = {
PORT: Number,
ENABLED: Boolean,
API_KEY: String
};
// Guarding environment variables
const env = guardEnv(process.env, config);
// Accessing type-checked environment variables
console.log(env.PORT); // 3000
console.log(env.ENABLED); // true
console.log(env.API_KEY); // 'secret
// Accessing non-existent variable will throw an error
console.log(env.NON_EXISTENT); // Error: 'NON_EXISTENT' is not defined in 'guard-env' config
Guards the environment variables based on the provided configuration and returns a proxy object with type-checked values.
env
: The Node.js process environment variables.setConfig
: The configuration object specifying the expected types for each environment variable.Returns a proxy object with type-checked values.
Throws an Error if:
Configuration is empty.
const env = guardEnv(process.env, {});
console.log(env);
// Error: Configuration is empty
A variable is not defined in the environment.
PORT=3000
const config = {
PORT: Number,
ENABLED: Boolean
};
const env = guardEnv(process.env, config);
console.log(env.ENABLED);
// Error: 'ENABLED' is not defined in 'guard-env' config
An unsupported type is specified in the configuration. Throws a TypeError if a variable is not of the expected type (number, boolean, or string).
PORT=THREE_THOUSAND
ENABLED=ON
const config = {
PORT: Number,
ENABLED: Boolean
};
const env = guardEnv(process.env, config);
console.log(env.PORT);
// TypeError: 'PORT' is not of type number
console.log(env.ENABLED);
// TypeError: 'ENABLED' is not of type boolean
An unsupported type is specified in the configuration.
const config = {
DATE: Date
};
const env = guardEnv(process.env, config);
console.log(env.DATE);
// Error: 'Date' type is not supported
Check out the examples directory for more usage examples.
This project is licensed under the MIT License - see the LICENSE file for details.
FAQs
Guard-env is a Node.js module for type-checking and guarding environment variables based on specified configurations.
The npm package guard-env receives a total of 4 weekly downloads. As such, guard-env popularity was classified as not popular.
We found that guard-env demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.