Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
ih-config
Advanced tools
Readme
A common configuration module to abstract precedence of config options.
ih-config is a lightweight wrapper on top of the https://github.com/flatiron/nconf module, which abstracts access to various configuration stores. Configuration data may come from files, machine environment variables, or the node command line.
var config = require('ih-config');
var foo = config.get('foo');
// nested property access
var bar = config.get('foo:bar');
ih-config supports 3 types of configuration storage, and 4 levels of precedence (listed from highest to lowest precedence):
config
*.config.local.js
takes precedence over*.config.js
Config files must be placed in the root config directory. Files should match for format *.config.js
in order to be included. Additionally, files matching *.config.local.js
are also parsed. Local files take precedence over non-local files. Normally a repo should ignore config/*.local.*
, allowing developers to override properties as needed, without committing those changes to the repository.
Machine environment variables are included in the available configuration data. This is the same set of data normally provided by node under process.env.
Config data may also be set directly from the command line, when starting node. To set a parameter value, prefix it with two dashes, and place an equals sign between the value. For example: --value='hello world' Note that command line parameters take the highest priority.
FAQs
Influence Health common config module
The npm package ih-config receives a total of 1 weekly downloads. As such, ih-config popularity was classified as not popular.
We found that ih-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.