Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
node-pre-gyp
Advanced tools
The node-pre-gyp package is a tool that allows developers to publish and install Node.js native add-ons from binaries. This eliminates the need for developers to compile their native add-ons from source during installation, simplifying the deployment process and reducing setup time.
Publishing binaries
This command allows developers to publish pre-compiled binary files to a hosting service, making them available for installation. This is useful for distributing Node.js native add-ons without requiring users to compile the code themselves.
node-pre-gyp publish
Installing binaries
This command facilitates the installation of pre-compiled binaries from a remote source. It checks for compatible binaries and downloads them, which speeds up the installation process by avoiding the need for compilation.
node-pre-gyp install
Rebuilding binaries
This command is used to rebuild the native add-on binaries from source. It is useful when pre-compiled binaries are not available or when custom modifications to the binary are needed.
node-pre-gyp rebuild
node-gyp is a cross-platform command-line tool written in Node.js for compiling native addon modules for Node.js. It provides a similar functionality to node-pre-gyp but requires compilation from source, unlike node-pre-gyp which can download pre-compiled binaries.
prebuild is a tool that helps in prebuilding native modules for Node.js. Similar to node-pre-gyp, it supports the installation of pre-compiled binaries. However, prebuild often works in conjunction with prebuild-install and offers a slightly different workflow for managing binary deployments.
prebuildify focuses on creating local prebuilds for native Node.js modules. Unlike node-pre-gyp, which can download binaries from a remote location, prebuildify is designed for bundling the binaries directly with the module, which can be useful for applications that need to work offline or have restricted network access.
The non-configurable configuration loader for lazy people.
The only option is to pass rc the name of your app, and your default configuration.
var conf = require('rc')(appname, {
//defaults go here.
port: 2468,
//defaults which are objects will be merged, not replaced
views: {
engine: 'jade'
}
});
rc
will return your configuration options merged with the defaults you specify.
If you pass in a predefined defaults object, it will be mutated:
var conf = {};
require('rc')(appname, conf);
If rc
finds any config files for your app, the returned config object will have
a configs
array containing their paths:
var appCfg = require('rc')(appname, conf);
appCfg.configs[0] // /etc/appnamerc
appCfg.configs[1] // /home/dominictarr/.config/appname
appCfg.config // same as appCfg.configs[appCfg.configs.length - 1]
Given your application name (appname
), rc will look in all the obvious places for configuration.
${appname}_
appname_foo__bar__baz
=> foo.bar.baz
)--config file
then from that file.${appname}rc
or the first found looking in ./ ../ ../../ ../../../
etc.$HOME/.${appname}rc
$HOME/.${appname}/config
$HOME/.config/${appname}
$HOME/.config/${appname}/config
/etc/${appname}rc
/etc/${appname}/config
All configuration sources that were found will be flattened into one object, so that sources earlier in this list override later ones.
Configuration files (e.g. .appnamerc
) may be in either json or ini format. The example configurations below are equivalent:
ini
; You can include comments in `ini` format if you want.
dependsOn=0.10.0
; `rc` has built-in support for ini sections, see?
[commands]
www = ./commands/www
console = ./commands/repl
; You can even do nested sections
[generators.options]
engine = ejs
[generators.modules]
new = generate-new
engine = generate-backend
json
{
// You can even comment your JSON, if you want
"dependsOn": "0.10.0",
"commands": {
"www": "./commands/www",
"console": "./commands/repl"
},
"generators": {
"options": {
"engine": "ejs"
},
"modules": {
"new": "generate-new",
"backend": "generate-backend"
}
}
}
Comments are stripped from JSON config via strip-json-comments.
Since ini, and env variables do not have a standard for types, your application needs be prepared for strings.
argv
You may pass in your own argv
as the third argument to rc
. This is in case you want to use your own command-line opts parser.
require('rc')(appname, defaults, customArgvParser);
If you have a special need to use a non-standard parser, you can do so by passing in the parser as the 4th argument. (leave the 3rd as null to get the default args parser)
require('rc')(appname, defaults, null, parser);
This may also be used to force a more strict format, such as strict, valid JSON only.
rc
is running fs.statSync
-- so make sure you don't use it in a hot code path (e.g. a request handler)
Multi-licensed under the two-clause BSD License, MIT License, or Apache License, version 2.0
0.6.15
FAQs
Node.js native addon binary install tool
The npm package node-pre-gyp receives a total of 659,011 weekly downloads. As such, node-pre-gyp popularity was classified as popular.
We found that node-pre-gyp demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.