npmpackage.info

Gathering detailed insights and metrics for node-config-yaml

Other packages similar to node-config-yaml

node-yaml-config

1.0.0

Write your configuration files for node.js in yaml

@yutengjing/eslint-config-basic

1.7.1

eslint config for ts + react project

@yutengjing/eslint-config-typescript

1.7.1

eslint config for typescript project

node-config-loader

3.1.0

Scan directories and loads json and yaml files

node-config-yaml

Simple Yaml Config for Node.js

0.1.4

MIT

JavaScript

221.50 kB

5,110 1.7

Installations

npm install node-config-yaml

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

9.10.1

NPM Version

5.6.0 Score

61.8

Supply Chain

93.5

Quality

72.3

Maintenance

Vulnerability

97.6

License

Pull Requests

Open

0

Total

0

Closed

0

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Contributors

Unable to fetch Contributors

View all 1 contributors

Languages

JavaScript

JavaScript (100%)

Love this project? Help keep it running — sponsor us today! 🚀

Developer

Cryden

Download Statistics

Total Downloads

5,110

Last Day

Last Week

Last Month

Last Year

1,253

GitHub Statistics

28 Commits

1 Watching

1 Branches

1 Contributors

Bundle Size

803.35 kB

Minified

221.50 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

0.1.4

Package Id

node-config-yaml@0.1.4

Unpacked Size

28.12 kB

Size

7.68 kB

File Count

NPM Version

5.6.0

Node Version

9.10.1

Total Downloads

Cumulative downloads

Total Downloads

5,110

Last day

Compared to previous day

Last week

-60%

Compared to previous week

Last month

5.4%

Compared to previous month

Last year

97.9%

1,253

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

js-yaml lodash moment path shelljs yargs

Dev Dependencies

coveralls decache mocha nyc should sinon snazzy standard

Versions

node-config-yml

Yaml Config for Node.js

Install

$ yarn add node-config-yaml

$ npm install node-config-yaml

Usage

Use config for yaml config files in Node.js projects. For example you might have a project with the following config.yml file in the project dir.

1
2app:
3    url: http://myapp.com/home
4    cache: redis
5
6db:
7    location: mysql-db-prod
8

This config can be accessed like this.

1
2var config = require('node-config-yaml').load();
3
4console.log(config.app.url);
5console.log(config.app.cache);
6console.log(config.db.location);
7

You can might use:

1
2var config = require('node-config-yaml')
3
4.load() // load config from config.yml in root project directory
5.load('file') // load config from .yml file
6.load('dir') // load all .yml files in directory to config
7.load(['dir', 'file']) // load .yml files from sources to config
8.load(['some_sources'], { root: 'root_file_name' }) // load .yml files from sources to config with root_file_name as root (default: config)
9

Substitution

You can substitute variables in the config.yml like this.

1
2dns: myapp.com
3
4app:
5    url: http://${dns}/home
6    cache: redis
7
8db:
9    location: mysql-db-prod
10

This config would yield the following.

1
2console.log(config.app.url);
3
4// outputs - http://myapp.com/home
5

Config Folder

Instead of having a file named config.yml with all of your environment settings in place, you could have a config folder at the root level of your project. This module will read in every .yml file, and return an object that looks like:

1{
2    [file-name]: [parsed-file-contents],
3    ...,
4}

if you need to do cross-file referencing, you can, via dot-notation:

1# file `a.yml`
2foo: bar

1#file `b.yml`
2baz: ${a.foo}

will get you

1{
2    a: {foo: 'bar'},
3    b: {baz: 'bar'}
4}

with root options:

1# file `a.yml`
2foo: bar

1#file `b.yml`
2baz: ${foo}

will get you

1.load(['a.yml', 'b.yml'], { root: 'a' }
2
3{
4    foo: 'bar',
5    b: {baz: 'bar'}
6}

Environment Specific Settings

Based on an Environment ID, you can designate specific override settings for different types of environments. First you have to specify your Environment ID. You can do so in one of several ways. The first Environment ID that is found in the following order wins.

--env command line argument
--${static-environment} command line argument
ENVIRONMENT_ID process environment setting
git branch name with regex filtering

Static Environments

To understand this better let's first talk about Static Environments. These are environments that have their own environment specific settings or Environment Overrides. Not necessarily all environments have their own environment specific settings, but those that do should be defined as Static Environments in the config.yml as follows:

1
2environments:
3    static:
4        - dev
5        - test
6        - prod
7

Keys as environments

The other approach you can take is to have top level keys that only consist of your environments.

Using a single config.yml file

setup your config.yml as follows:

1dev:
2    # ...
3test:
4    # ...
5prod:
6    # ...

Using a Config folder.

Your filenames determine the keys, so your directory could be set as follows:

config/dev.yml
config/test.yml
config/prod.yml

Environment ID: --env Argument

Set the Environment ID using --env command line argument.

node app.js --env feature-xyz

This is often helpful when running gulp tasks.

gulp deploy --env feature-xyz

Environment ID: --${static-environment} Argument

For Static Environments set the Environment ID using the static environment id as an argument.

gulp deploy --prod

Environment ID: ENVIRONMENT_ID

Set the Environment ID using ENVIRONMENT_ID process environment variable.

export ENVIRONMENT_ID=feature-xyz

Environment ID: git branch

If an Environment ID is not found using one of the other methods, it will use the git branch for the current project folder. This branch can be filtered using regex. Let's say your current branch is Features/ISSUE-123-feature-xyz, and you have the following setting in your config.yml.

1
2branchRegex: Features/ISSUE-\d+-((\w|-)+)
3

The Environment ID will be feature-zyz. If no branchRegex is given the branch name will be taken as is.

Environment ID Substitution

The Environment ID can be substituted into the config.yml. Let's say you have an Environment ID feature-xyz and the following config.yml.

1dns: ${envId}.myapp.com
2
3app:
4    url: http://${dns}/home
5    cache: redis
6
7db:
8    location: MYSQL-DB-${ENVID}

This will yield the following:

1var config = require('node-config-yaml').load();
2
3console.log(config.dns);          // feature-xyz.myapp.com
4console.log(config.app.url);      // http://feature-xyz.myapp.com
5console.log(config.db.location);  // MYSQL-DB-FEATURE-XYZ
6

Environment Overrides

For Static Environments, settings can be overridden for that specific environment. For example, with the following config.yml:

1dns: ${envId}.myapp.com
2
3app:
4    url: http://${dns}/home
5    cache: redis
6
7db:
8    location: MYSQL-DB-${ENVID}
9
10prod:
11    app:
12        url: https://${dns}
13    db:
14        location: DB-${ENVID}
15

and the following app.js file:

1var config = require('node-config-yaml').load();
2
3console.log(config.dns);
4console.log(config.app.url);
5console.log(config.app.cache);
6console.log(config.db.location);
7

the following command:

node app.js --prod

would output the following:

prod.myapp.com
https://prod.myapp.com
redis
MYSQL-DB-PROD

Credits:

config-yml

https://github.com/Nordstrom/config

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

0

SAST

Determines if the project uses static code analysis.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

63 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2
Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq
Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq
Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-282f-qqgm-c34q
Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-6g33-f262-xjp4
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-mf6x-7mm4-x2g7
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-xc7v-wxcw-j472
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

1.7

/10

Last Scanned on 2025-02-03

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More