Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Package description
The ini npm package is used for parsing .ini files and converting objects to .ini format. It provides a simple interface for working with INI configuration files, which are often used for storing settings in a structured yet readable format. This package allows for easy reading, writing, and manipulation of INI files.
Parse INI string
This feature allows you to parse a string in INI format and convert it into a JavaScript object. The example demonstrates parsing a simple INI formatted string.
"const ini = require('ini');\nconst config = ini.parse('[section]\na=1\nb=2');\nconsole.log(config); // { section: { a: '1', b: '2' } }"
Stringify an object to INI format
This feature converts a JavaScript object into a string in INI format. The example shows how to convert an object with nested properties into an INI formatted string.
"const ini = require('ini');\nconst obj = { section: { a: '1', b: '2' } };\nconst str = ini.stringify(obj);\nconsole.log(str); // '[section]\na=1\nb=2'"
dotenv is a package that loads environment variables from a .env file into process.env. While it serves a different purpose by focusing on environment variables, it shares the concept of managing configuration through a file. Unlike ini, dotenv does not support sections or nested properties.
rc is a configuration package that reads properties from multiple sources, including INI files, environment variables, and command-line arguments. It offers more flexibility in configuration management compared to ini by aggregating settings from various sources, but it might be more complex to use for simple INI file parsing and writing.
config is a more comprehensive configuration management solution that supports multiple file formats, including JSON, YAML, and JavaScript. It is designed for organizing hierarchical configurations for app deployments. While it provides more features and supports more formats than ini, it might be overkill for simple INI file tasks.
Readme
An INI format parser & serializer.
Sections are treated as nested objects.
Section-less items are treated as globals.
Consider an INI file such as the following:
; This comment is being ignored
scope = global
[database]
user = dbuser
password = dbpassword
database = use_this_database
[paths.default]
datadir = /var/lib/data
array[] = first value
array[] = second value
array[] = third value
You can read, modify and write it like so:
import { writeFile , readFile } from 'node:fs/promises'
import { stringify , parse } from 'ini'
// Read INI file as text
let text = await readFile(`./Original.ini`,{
encoding : 'utf-8'
})
// Parse text data to object
const config = parse(text)
// Modify data object
config.scope = 'local'
config.database.database = 'use_another_database'
config.paths.default.tmpdir = '/tmp'
delete config.paths.default.datadir
config.paths.default.array.push('fourth value')
// Stringify data object
text = stringify(config,{
section : 'section'
})
// Write INI file as text
await writeFile(`./Modified.ini`,text)
The written file will contain the following:
[section]
scope=local
[section.database]
user=dbuser
password=dbpassword
database=use_another_database
[section.paths.default]
tmpdir=/tmp
array[]=first value
array[]=second value
array[]=third value
array[]=fourth value
Attempts to turn the given INI string into a nested data object.
// You can also use `decode`
const object = parse(`<INI Text>`)
Encodes the given data object as an INI formatted string.
// You can also use `encode`
stringify(object,{
/**
* Whether to insert spaces before & after `=`
*
* Disabled by default to have better
* compatibility with old picky parsers.
*/
whitespace : false ,
/**
* Whether to align the `=` character for each section.
* -> Also enables the `whitespace` option
*/
align : false ,
/**
* Identifier to use for global items
* and to prepend to all other sections.
*/
section ,
/**
* Whether to sort all sections & their keys alphabetically.
*/
sort : false ,
/**
* Whether to insert a newline after each section header.
*
* The TOSHIBA & FlashAir parser require this format.
*/
newline : false ,
/**
* Which platforms line-endings should be used.
*
* win32 -> CR+LF
* other -> LF
*
* Default is the current platform
*/
platform ,
/**
* Whether to append `[]` to array keys.
*
* Some parsers treat duplicate names by themselves as arrays
*/
bracketedArray : true
})
For backwards compatibility any string passed as the
options parameter is treated as the section
option.
stringify(object,'section')
Turn the given string into a safe to
use key or value in your INI file.
safe(`"unsafe string"`) // -> \"unsafe string\"
Or reverse the process with:
unsafe(`\\"safe string\\"`) // -> "safe string"
FAQs
An ini encoder/decoder for node
The npm package ini receives a total of 36,033,463 weekly downloads. As such, ini popularity was classified as popular.
We found that ini demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.