Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
leajs-server
Advanced tools
extendable, configuration based http server.
npm install --save leajs-server
# cli
usage: leajs <options> (config file)
options:
-w, --watch restart server on changes in config
-p, --prod sets NODE_ENV to "production"
--port [port] opens server on [port]
config file is optional and defaults to "leajs.config.[js|json|coffee|ts]"
in "server/" and "/"
// in node
Leajs = require("leajs-server")
// available options
// name (String) Default:"leajs.config" Name of the configuration file
// watch (Boolean) Starts the server in watch mode
// config (Object) Overwrites configuration file
Leajs(options)
.then((leajs) => {
// finished
leajs.close() // returns promise
})
.catch((e) => {
// got some error
})
Read by read-conf, from ./
or ./server/
by default.
module.exports = {
// namespace for the server e.g. /leajs
base: "", // String
// Disable some of the default plugins
// $item (String) Package name or filepath (absolute or relative to cwd) of plugin
disablePlugins: null, // Array
// Default file to serve when in folder
index: "index.html", // String
// Listen object for httpServer
// type: Object
listen: {
// Hostname for listening
// Default: if inProduction then "localhost" else null
host: null, // String
// Port or socket to listen to
// Default: if process.env.LISTEN_FDS then {fd: 3} else 8080
port: null, // [Object, Number]
},
// Leajs plugins to load
// type: Array
// $item (String) Package name or filepath (absolute or relative to cwd) of plugin
plugins: ["leajs-files","leajs-folders","leajs-encoding","leajs-cache","leajs-locale","leajs-eventsource","leajs-redirect"],
// Custom respond function for quick debugging or testing
respond: null, // [Function, Array]
// Level of logging
verbose: 1, // Number
// …
}
module.exports = {
respond: (req) => {
// req.request raw request object
if (req.url == "/hello"){
req.body = "hello world!"
}
}
}
You should read the (short) docs of the bold ones.
Activated by default:
Installed and activated manually
Copyright (c) 2018 Paul Pflugradt Licensed under the MIT license.
FAQs
extendable, configuration based http server
The npm package leajs-server receives a total of 3 weekly downloads. As such, leajs-server popularity was classified as not popular.
We found that leajs-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.