Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
varstream
Advanced tools
Readme
VarStream is a data storage and exchange format.
VarStream :
VarStream allows you to configure your projects in a clear and readable way. Since VarStream is merge friendly, it is particularly usefull for loading multilevel configuration files without erasing previously set contents.
Imagine this sample configuration file:
# Server
server.domain=example.com
server.protocols.+=http
server.protocols.+=https
server.databases.+.host=db1.example.com
server.databases.*.username=db1
server.databases.+.host=db2.example.com
server.databases.*.username=db2
server.cache.size=2048
# HTML document
document.scripts.+.uri=//ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
document.scripts.+.uri=//ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
You could easily override some of its contents by loading this specific configuration file next to him:
# Append my custom dev TLD
server.domain+=.local
# Support 1 more protocol
server.protocols.+=ws
# Reset DB and set my local one
server.databases.!.host=localhost
server.databases.*.username=db1
# Increase cache size (8 times)
server.cache.size*=8
# Use local scripts
document.scripts.0.uri=javascript/jquery.js
document.scripts.1.uri=javascript/jquery-ui.js
The same goes for internationalization files. You could load a language file and augment it with a locale file.
VarStreams particularly suits with the JavaScript messaging systems. Communicate through different JavaScript threads (or over the Network) has never been so simple.
This is particularly usefull for data driven applications.
Compared to JSON, VarStreams brings nice formatting with often less weight.
## How to use With NodeJs :
// Synchronous API
var cnt = fs.ReadFileSync('test2.dat', {encoding: 'utf-8'});
// Parse VarStream content
var obj = VarStream.parse(cnt);
// Get an Object content as a VarStream
cnt = VarStream.stringify(obj);
// Streaming
var VarStream = require('varstream');
var fs = require('fs');
var scope = {}; // The root scope
var myVarStream=new VarStream(scope, 'prop');
// Reading var stream from a file
fs.createReadStream('test.dat').pipe(myVarStream)
.on('end', function () {
// Piping VarStream to a file
myVarStream.pipe(fs.createWriteStream('test2.dat'));
});
In the browser, you can use browserify or directly VarStreamReader and VarStreamWriter constructors.
## CLI Usage VarStream comes with two CLI utilities, to use them, install VarStream globally:
npm install -g varstream
# Convert JSON datas to VarStream
json2varstream path/to/input.json > path/to/ouput.dat
# Convert VarStreams datas to JSON
varstream2json path/to/input.dat > path/to/ouput.json
## Contributing/Testing The VarStream JavaScript library is fully tested. If you want to contribute, test your code before submitting, just run the following command with NodeJS dependencies installed :
npm test
## Contributors
## License This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/
FAQs
Stream variables beetween 2 JavaScript threads (client/server, ipc, worker/main thread).
The npm package varstream receives a total of 116,532 weekly downloads. As such, varstream popularity was classified as popular.
We found that varstream demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.