Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
wild-config
Advanced tools
Opinionated configuration management module for Node.js daemon applications.
--config=/etc/app.toml
wild-config tries to load configuration in the following order (missing files are skipped, except the one provided by --config
argument). Values are merged.
NODE_CONFIG_PATH
environment value or --config
argument valueAPPCONF_*
prefixed environment variablesIf you want to use a different configuration directory than './config' for default configuration files, then set it with the
NODE_CONFIG_DIR
environment variable
When using environment variables to provide config values, only such keys are merged that already exist in the configuration object, so you have to define a default value in the config file. Use underscores instead of dots for subkeys. Note that all underscores are interpreted as dots when parsing, which means keys with underscores can't be overriden with environment variables.
Example config/default.toml:
[server]
apiPort=3000
Override server.apiPort
value with the following environment variable:
APPCONF_server_apiPort=80
This resolves into the following config structure:
{
server: {
apiPort: 80
}
}
Like with the environment variables, when using command-line arguments to provide config values, only such keys are merged that already exist in the configuration object. For subkeys, use dot notation. Value type (numbers, booleans, and strings are supported) is defined by existing value.
Example config/default.toml:
[server]
enabled=false
Override server.enabled
value with the following command-line argument:
node app.js --server.enabled=true
server.enabled
is defined as a boolean in the config file, so the overridden value is also going to be true
as a boolean and not "true"
as a string.
wild-config toml includes additional options when working with toml
Use the following syntax to include an additional config file in the place of the directive.
# @include "/path/to/sub/config.toml"
This directive also works in a nested object.
[nested]
# @include "/path/to/sub/config.toml"
You can also use wildcards to load data from multiple files.
# @include "/path/to/sub/*.toml"
# @include "/path/to/sub/**/*.toml"
Notes
@include
is placed before or after the declaration{ENV}
is replaced in all file paths by the NODE_ENV valueIf you are running your app as a service daemon, you can load configuration from a config file using the --config
argument. These values are loaded and merged with the default values.
[Service]
WorkingDirectory=/opt/app
ExecStart=/usr/bin/node index.js --config=/etc/app.toml
const config = require('wild-config');
console.log(config.server.enabled);
--config
does not override root.config
value (if it even exists). This argument is used only for defining the configuration file path.MIT
FAQs
Configuration management module
The npm package wild-config receives a total of 271 weekly downloads. As such, wild-config popularity was classified as not popular.
We found that wild-config demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.