Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Configatron makes configuring your applications and scripts incredibly easy. No longer is a there a need to use constants or global variables. Now you can use a simple and painless system to configure your life. And, because it's all Ruby, you can do any crazy thing you would like to!
One of the more important changes to V3 is that it now resembles more a Hash
style interface. You can use []
, fetch
, each
, etc... Actually the hash notation is a bit more robust since the dot notation won't work for a few property names (a few public methods from Configatron::Store
itself).
Add this line to your application's Gemfile:
gem 'configatron'
And then execute:
$ bundle
Or install it yourself as:
$ gem install configatron --pre
Once installed you just need to require it:
require 'configatron'
configatron.email = 'me@example.com'
configatron.database.url = "postgres://localhost/foo"
Now, anywhere in your code you can do the following:
configatron.email # => "me@example.com"
configatron.database.url # => "postgres://localhost/foo"
Voila! Simple as can be.
Now you're saying, what if I want to have a 'default' set of options, but then override them later, based on other information? Simple again. Let's use our above example. We've configured our database.url
option to be postgres://localhost/foo
. The problem with that is that is our production database url, not our development url. Fair enough, all you have to do is redeclare it:
configatron.database.url = "postgres://localhost/foo_development"
becomes:
configatron.email # => "me@example.com"
configatron.database.url # => "postgres://localhost/foo_development"
Notice how our other configuration parameters haven't changed? Cool, eh?
You can configure Configatron from a hash as well (this is particularly useful if you'd like to have configuration files):
configatron.configure_from_hash(email: {pop: {address: 'pop.example.com', port: 110}}, smtp: {address: 'smtp.example.com'})
configatron.email.pop.address # => 'pop.example.com'
configatron.email.pop.port # => 110
# and so on...
As a note, method (configatron.foo
) access will be shadowed by public methods defined on the configatron object. (The configatron object descends from BasicObject
and adds a few methods to resemble the Hash
API and to play nice with puts
, so it should have a pretty bare set of methods.)
If you need to use keys that are themselves method names, you can just use hash access (configatron['foo']
).
The question that should be on your lips is what I need to have namespaced configuration parameters. It's easy! Configatron allows you to create namespaces.
configatron.website_url = "http://www.example.com"
configatron.email.pop.address = "pop.example.com"
configatron.email.pop.port = 110
configatron.email.smtp.address = "smtp.example.com"
configatron.email.smtp.port = 25
configatron.to_h # => {:website_url=>"http://www.example.com", :email=>{:pop=>{:address=>"pop.example.com", :port=>110}, :smtp=>{:address=>"smtp.example.com", :port=>25}}}
Configatron allows you to nest namespaces to your hearts content! Just keep going, it's that easy.
Of course you can update a single parameter n levels deep as well:
configatron.email.pop.address = "pop2.example.com"
configatron.email.pop.address # => "pop2.example.com"
configatron.email.smtp.address # => "smtp.example.com"
Configatron will also let you use a block to clean up your configuration. For example the following two ways of setting values are equivalent:
configatron.email.pop.address = "pop.example.com"
configatron.email.pop.port = 110
configatron.email.pop do |pop|
pop.address = "pop.example.com"
pop.port = 110
end
Sometimes in testing, or other situations, you want to temporarily change some settings. You can do this with the temp
method (only available on the top-level configatron RootStore
):
configatron.one = 1
configatron.letters.a = 'A'
configatron.letters.b = 'B'
configatron.temp do
configatron.letters.b = 'bb'
configatron.letters.c = 'c'
configatron.one # => 1
configatron.letters.a # => 'A'
configatron.letters.b # => 'bb'
configatron.letters.c # => 'c'
end
configatron.one # => 1
configatron.letters.a # => 'A'
configatron.letters.b # => 'B'
configatron.letters.c # => {}
There are times when you want to refer to one configuration setting in another configuration setting. Let's look at a fairly contrived example:
configatron.memcached.servers = ['127.0.0.1:11211']
configatron.page_caching.servers = configatron.memcached.servers
configatron.object_caching.servers = configatron.memcached.servers
if Rails.env == 'production'
configatron.memcached.servers = ['192.168.0.1:11211']
configatron.page_caching.servers = configatron.memcached.servers
configatron.object_caching.servers = configatron.memcached.servers
elsif Rails.env == 'staging'
configatron.memcached.servers = ['192.168.0.2:11211']
configatron.page_caching.servers = configatron.memcached.servers
configatron.object_caching.servers = configatron.memcached.servers
end
Now, we could've written that slightly differently, but it helps to illustrate the point. With Configatron you can create Delayed
and Dynamic
settings.
With Delayed
settings execution of the setting doesn't happen until the first time it is executed.
configatron.memcached.servers = ['127.0.0.1:11211']
configatron.page_caching.servers = Configatron::Delayed.new {configatron.memcached.servers}
configatron.object_caching.servers = Configatron::Delayed.new {configatron.memcached.servers}
if Rails.env == 'production'
configatron.memcached.servers = ['192.168.0.1:11211']
elsif Rails.env == 'staging'
configatron.memcached.servers = ['192.168.0.2:11211']
end
Execution occurs once and after that the result of that execution is returned. So in our case the first time someone calls the setting configatron.page_caching.servers
it will find the configatron.memcached.servers
setting and return that. After that point if the configatron.memcached.servers
setting is changed, the original settings are returned by configatron.page_caching.servers
.
Dynamic
settings are very similar to Delayed
settings, but with one big difference. Every time you call a Dynamic
setting is executed. Take this example:
configatron.current.time = Configatron::Dynamic.new {Time.now}
Each time you call configatron.current.time
it will return a new value to you. While this seems a bit useless, it is pretty useful if you have ever changing configurations.
In some testing scenarios, it can be helpful to restore Configatron to its default state. This can be done with:
configatron.reset!
Even if parameters haven't been set, you can still call them, but you'll get a Configatron::Store
object back. You can use .has_key?
to determine if a key already exists.
configatron.i.dont.has_key?(:exist) # => false
You can also append a !
to the end of any key. If the key exists it will return it, otherwise it will raise a Configatron::UndefinedKeyError
.
configatron.a.b = 'B'
configatron.a.b # => 'B'
configatron.a.b! # => 'B'
configatron.a.b.c! # => raise Configratron::UndefinedKeyError
The configatron
"helper" method is stored in the Kernel
module. You can opt-out of this global monkey-patching by requiring configatron/core
rather than configatron
. You'll have to set up your own Configatron::RootStore
object.
Example:
require 'configatron/core'
store = Configatron::RootStore.new
store.foo = 'FOO'
store.to_h #= {foo: 'FOO'}
Once you have setup all of your configurations you can call the lock!
method to lock your settings and raise an error should anyone try to change settings or access an unset setting later.
Example:
configatron.foo = 'FOO'
configatron.lock!
configatron.foo # => 'FOO'
configatron.bar # => raises Configatron::UndefinedKeyError
configatron.bar = 'BAR' # => raises Configatron::LockedError
Configatron works great with Rails. Use the built-in generate to generate an initializer file and a series of environment files for you to use to configure your applications.
$ rails generate configatron:install
Configatron will read in the config/configatron/defaults.rb
file first and then the environment specific file, such as config/configatron/development.rb
. Settings in the environment file will merge into and replace the settings in the defaults.rb
file.
# config/configatron/defaults.rb
configatron.letters.a = 'A'
configatron.letters.b = 'B'
# config/configatron/development.rb
configatron.letters.b = 'BB'
configatron.letters.c = 'C'
configatron.to_h # => {:letters=>{:a=>"A", :b=>"BB", :c=>"C"}}
git checkout -b my-new-feature
)git commit -am 'Add some feature'
)git push origin my-new-feature
)FAQs
Unknown package
We found that configatron demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.