Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
home-config
Advanced tools
This Node.js module provides an easy way to read and write configuration files in a user's home directory, where many Linux applications store configuration files.
To install it: npm install home-config
The home directory is process.env.HOME
, unless you are on Windows, in which
case it is process.env.USERPROFILE
.
Configuration files are stored in ini format as parsed by
isaacs/ini. key = value
lines work, and
[section]
appears as an object with any properties under it as keys.
Basic usage is to require the module and call .load()
with your desired
config filename:
var cfg = require('home-config').load('.myapprc');
// or
var cfg = require('home-config').load('.myapprc', {
optionName : 'defaultValue'
});
You can make changes then save your config file (but any user comments or indentation will be removed):
cfg.section = {
property : 'x'
};
cfg.save();
// or
cfg.save('some-other-filename');
The following top-level config key names are prohibited and will not be saved or loaded:
save
getAll
__filename
Finally, this package is designed to work with config files in the current
user's home directory, but all filenames are passed to
path.resolve
, so
if you pass an absolute path to .load()
or .save()
then it will be used
as-is.
FAQs
Simple library for managing a config file in a user's home dir.
The npm package home-config receives a total of 1,130 weekly downloads. As such, home-config popularity was classified as popular.
We found that home-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.