package-config - npm Package Compare versions

Comparing version 0.1.0 to 5.0.0

index.js

@@ -1,40 +0,55 @@
-var path = require('path');
-var fs = require('fs');
-var  PackageConfig = {
-  load: function(packageFile) {
-    if (packageFile === undefined) {
-      packageFile = this.getStandardPackageFile();
-    }
-    // sets default NODE_ENV to development if not defined
-    if (process.env.NODE_ENV === undefined) {
-      process.env.NODE_ENV = 'development';
-    }
-    try {
-      var packageContent = fs.readFileSync(packageFile);
-      var parsed = JSON.parse(packageContent);
-      
-      if (typeof parsed.config === "object") {
-        var expectedConfig = parsed.config[process.env.NODE_ENV];
-        if (expectedConfig !== undefined && typeof expectedConfig === "object") {
-          return expectedConfig;
-        } else {
-          throw new Error('package.json does not have config information');
-        }
-      } else {
-        throw new Error('package.json does not have config information');
-      }
-    } catch(err) {
-      throw new Error('Error loading package.json file: ' + err.message);
-    }
-  },
-  /**
-   * Returns the package.json that is in the same dir of the file that required fhis module
-   * @return {String} the expected package.json file location.
-   */
-  getStandardPackageFile: function () {
-    var requester = module.parent.filename;
-    return path.dirname(requester) + "/package.json";
+import path from 'node:path';
+import {findUp, findUpSync} from 'find-up-simple';
+import {loadJsonFile, loadJsonFileSync} from 'load-json-file';
 
-  }
+const filePaths = new WeakMap();
+const findNextCwd = packagePath => path.resolve(path.dirname(packagePath), '..');
+
+const addFilePath = (object, filePath) => {
+	filePaths.set(object, filePath);
+	return object;
 };
-module.exports = PackageConfig;
+
+export async function packageConfig(namespace, options = {}) {
+	if (!namespace) {
+		throw new TypeError('Expected a namespace');
+	}
+
+	const filePath = await findUp('package.json', options.cwd ? {cwd: options.cwd} : {});
+
+	if (!filePath) {
+		return addFilePath({...options.defaults}, filePath);
+	}
+
+	const packageJson = await loadJsonFile(filePath);
+
+	if (options.skipOnFalse && packageJson[namespace] === false) {
+		return packageConfig(namespace, {...options, cwd: findNextCwd(filePath)});
+	}
+
+	return addFilePath({...options.defaults, ...packageJson[namespace]}, filePath);
+}
+
+export function packageConfigSync(namespace, options = {}) {
+	if (!namespace) {
+		throw new TypeError('Expected a namespace');
+	}
+
+	const filePath = findUpSync('package.json', options.cwd ? {cwd: options.cwd} : {});
+
+	if (!filePath) {
+		return addFilePath({...options.defaults}, filePath);
+	}
+
+	const packageJson = loadJsonFileSync(filePath);
+
+	if (options.skipOnFalse && packageJson[namespace] === false) {
+		return packageConfigSync(namespace, {...options, cwd: findNextCwd(filePath)});
+	}
+
+	return addFilePath({...options.defaults, ...packageJson[namespace]}, filePath);
+}
+
+export function packageJsonPath(config) {
+	return filePaths.get(config);
+}

package.json

 {
-  "name": "package-config",
-  "version": "0.1.0",
-  "description": "Node.js config loader based on package.json file.",
-  "main": "index.js",
-  "scripts": {
-    "test": "mocha test -R spec --colors --bail"
-  },
-  "repository": {
-    "type": "git",
-    "url": "https://github.com/leorossi/node-package-config.git"
-  },
-  "keywords": [
-    "package.json",
-    "config",
-    "environments"
-  ],
-  "author": "Leonardo Rossi <leonardo.rossi@gmail.com>",
-  "license": "MIT",
-  "bugs": {
-    "url": "https://github.com/leorossi/node-package-config/issues"
-  },
-  "homepage": "https://github.com/leorossi/node-package-config",
-  "devDependencies": {
-    "should": "^4.4.2"
-  }
+	"name": "package-config",
+	"version": "5.0.0",
+	"description": "Get namespaced config from the closest package.json",
+	"license": "MIT",
+	"repository": "sindresorhus/package-config",
+	"funding": "https://github.com/sponsors/sindresorhus",
+	"author": {
+		"name": "Sindre Sorhus",
+		"email": "sindresorhus@gmail.com",
+		"url": "https://sindresorhus.com"
+	},
+	"type": "module",
+	"exports": {
+		"types": "./index.d.ts",
+		"default": "./index.js"
+	},
+	"sideEffects": false,
+	"engines": {
+		"node": ">=18"
+	},
+	"scripts": {
+		"test": "xo && ava && tsd"
+	},
+	"files": [
+		"index.js",
+		"index.d.ts"
+	],
+	"keywords": [
+		"json",
+		"read",
+		"parse",
+		"file",
+		"fs",
+		"graceful",
+		"load",
+		"package",
+		"config",
+		"configuration",
+		"object",
+		"namespace",
+		"namespaced"
+	],
+	"dependencies": {
+		"find-up-simple": "^1.0.0",
+		"load-json-file": "^7.0.1"
+	},
+	"devDependencies": {
+		"ava": "^5.3.1",
+		"tsd": "^0.29.0",
+		"xo": "^0.56.0"
+	},
+	"fixture": {
+		"foo": true
+	}
 }

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No repository

Supply chain risk

Package does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

8922

increased by41.8%

Lines of code

119

increased by30.77%

Number of lines in readme file

99

increased by102.04%

Number of low supply chain risk alerts

1

decreased by-80%

Is type module

Yes

Worsened metrics

Dependency count

2

increased byInfinity%

Dev dependency count

3

increased by200%

Number of package files

5

decreased by-50%

Number of low maintenance alerts

1

increased byInfinity%

Number of medium supply chain risk alerts

2

increased byInfinity%

Dependency changes

• + Addedfind-up-simple@^1.0.0

• + Addedload-json-file@^7.0.1

• + Addedfind-up-simple@1.0.0(transitive)

• + Addedload-json-file@7.0.1(transitive)