Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
properties-parser
Advanced tools
The properties-parser npm package is a utility for parsing and manipulating .properties files, which are commonly used for configuration in Java applications. It allows you to read, write, and modify properties files in a straightforward manner.
Reading Properties
This feature allows you to read a .properties file and parse its contents into a JavaScript object. The example reads a file named 'config.properties' and logs the parsed properties to the console.
const propertiesParser = require('properties-parser');
const properties = propertiesParser.read('config.properties');
console.log(properties);
Writing Properties
This feature allows you to write a JavaScript object to a .properties file. The example writes an object with two key-value pairs to a file named 'config.properties'.
const propertiesParser = require('properties-parser');
const properties = { key1: 'value1', key2: 'value2' };
propertiesParser.write('config.properties', properties);
Modifying Properties
This feature allows you to modify an existing .properties file by reading it, updating the properties, and writing it back. The example reads 'config.properties', adds a new key-value pair, and writes the updated properties back to the file.
const propertiesParser = require('properties-parser');
let properties = propertiesParser.read('config.properties');
properties.key3 = 'value3';
propertiesParser.write('config.properties', properties);
The dotenv package is used to load environment variables from a .env file into process.env. While it is not specifically for .properties files, it serves a similar purpose in managing configuration settings. Unlike properties-parser, dotenv is more focused on environment variables and is widely used in Node.js applications.
The config package provides a way to manage configuration files in various formats, including JSON, YAML, and .properties. It offers more advanced features like configuration inheritance and environment-specific settings. Compared to properties-parser, it is more versatile and feature-rich, but also more complex.
The nconf package is a hierarchical configuration manager for Node.js, supporting multiple configuration sources such as command-line arguments, environment variables, and files (including .properties files). It offers more flexibility and integration options compared to properties-parser, making it suitable for more complex configuration needs.
A parser for .properties files written in javascript. Properties files store key-value pairs. They are typically used for configuration and internationalization in Java applications as well as in Actionscript projects. Here's an example of the format:
# You are reading the ".properties" entry.
! The exclamation mark can also mark text as comments.
website = http://en.wikipedia.org/
language = English
# The backslash below tells the application to continue reading
# the value onto the next line.
message = Welcome to \
Wikipedia!
# Add spaces to the key
key\ with\ spaces = This is the value that could be looked up with the key "key with spaces".
# Unicode
tab : \u0009
(taken from Wikipedia)
parse(text)
: Parses text
into key-value pairs. Returns an object containing the key-value pairs.read(path[, callback])
: Opens the file specified by path
and calls parse
on its content. If the optional callback
parameter is provided, the result is then passed to it as the second parameter. If an error occurs, the error object is passed to callback
as the first parameter. If callback
is not provided, the file specified by path
is synchronously read and calls parse
on its contents. The resulting object is immediately returned.createEditor([path][, options][, callback]])
: If neither path
or callback
are provided an empty editor object is returned synchronously. If only path
is provided, the file specified by path
is synchronously read and parsed. An editor object with the results in then immediately returned. If both path
and callback
are provided, the file specified by path
is read and parsed asynchronously. An editor object with the results are then passed to callback
as the second parameters. If an error occurs, the error object is passed to callback
as the first parameter. The following options are supported:
options.separator
: The character used to separate key/values. Defaults to "=".options.path
: Treated the same way as the optional path
argument. If both are provided the argument wins.options.callback
: Treated the same way as the optional callback
parameter. If both are provided the argument wins.editorFromString(text[, options])
: creates an Editor
object from the text string passed inEditor
: The editor object is returned by createEditor
. Has the following API:
get(key)
: Returns the value currently associated with key
.set(key, [value[, comment]])
: Associates key
with value
. An optional comment can be provided. If value
is not specified or is null
, then key
is unset.unset(key)
: Unsets the specified key
.save([path][, callback]])
: Writes the current contents of this editor object to a file specified by path
. If path
is not provided, then it'll be defaulted to the path
value passed to createEditor
. The callback
parameter is called when the file has been written to disk.addHeadComment
: Added a comment to the head of the file.toString
: Returns the string representation of this properties editor object. This string will be written to a file if save
is called.The easiest way to get node-properties-parser is with npm:
npm install properties-parser
Alternatively you can clone this git repository:
git://github.com/xavi-/node-properties-parser.git
For type definitions use npm:
npm install --save @types/properties-parser
This project is released under The MIT License.
FAQs
A parser for .properties files written in javascript
The npm package properties-parser receives a total of 99,988 weekly downloads. As such, properties-parser popularity was classified as popular.
We found that properties-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.