Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
#rejoice
hapi.js CLI.
Lead Maintainer - Lloyd Benson
Rejoice is a CLI tool for hapi which requires a js/json file with the config. It relies on the composer library called glue (http://github.com/hapijs/glue).
To start it up simply:
rejoice -c app.json
// or using regular JS file
// where app.js must export the config object
rejoice -c app.js
where app.json may look something like:
{
"connections": [
{
"port": 8080,
"routes": {
"timeout": {
"server": 10000
}
},
"load": {
"maxHeapUsedBytes": 1073741824,
"maxRssBytes": 2147483648,
"maxEventLoopDelay": 5000
},
"labels": [
"api",
"http"
]
},
{
"port": 8999,
"labels": [
"admin"
]
}
],
"server": {
"load": {
"sampleInterval": 1000
}
},
"registrations": [
{
"plugin": {
"register": "good",
"options": {
"opsInterval": 5000,
"requestHeaders": true,
"reporters": [{
"reporter": "good-console",
"events": { "response": "*", "ops": "*", "log": "*", "error": "*" }
},
{
"reporter": "good-file",
"events": { "response": "*", "error": "*" },
"config": "/log/response.log"
},
{
"reporter": "good-file",
"events": { "ops": "*" },
"config": "/log/ops.log"
}]
}
}
},
{
"plugin": "lout"
}
]
}
You can specify a specific path to be passed to Glue as the relativeTo
option by using the -p
flag.
rejoice -c app.json -p /full/path/to/project/plugin/dir
This will allow your plugins to use relative paths in the config file. See the example below.
{
"connections": [
{
"port": 8080,
"labels": [
"api",
"http"
]
}
],
"registrations": [
{
"plugin": {
"register": "good",
"options": {
"opsInterval": 5000,
"requestHeaders": true,
"reporters": [{
"reporter": "good-console",
"events": { "response": "*", "ops": "*", "log": "*", "error": "*" }
}]
}
}
},
{
"plugin": "lout"
},
{
"plugin": "./myplugin"
}
]
}
When using regular JS file, you may add preConnections
or preRegister
callbacks. See the example below.
module.exports = {
connections: [ '...' ],
registrations: [ '...' ],
preConnections: function(server, next) {
// your preConnections logic goes here
next();
},
preRegister: function(server, next) {
// your preRegister logic goes here
next();
}
};
For more information about these options, see Glue's API.
If you need a module required before your application is loaded you can use the -r
flag.
rejoice -c app.json -r `module`
Multiple modules can be required by using the -r
flag as many times as needed. This example requires two modules from an implied source of node_modules
.
rejoice -c app.json -r babel/register -r dotenv/config
When using -r
with the -p
flag, the -p
flag takes on an additional meaning. In this case, the -p
specifies the path where the module specified in -r
will be found.
rejoice -c app.json -r `module` -p /base/path/to/required/module
The resulting search path for module
would be /base/path/to/required/module/node_modules
.
To specify both a -p
option to be passed to Glue and specify a path to locate the -r
module use an absolute path for -r
.
rejoice -c app.json -p ./lib -r /absolute/path/to/module
FAQs
hapi.js CLI
The npm package rejoice receives a total of 25 weekly downloads. As such, rejoice popularity was classified as not popular.
We found that rejoice demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.