{"id":30270884,"url":"https://github.com/cryden/node-config-yaml","last_synced_at":"2026-04-14T00:02:25.214Z","repository":{"id":102585220,"uuid":"126450253","full_name":"Cryden/node-config-yaml","owner":"Cryden","description":"Simple Yaml Config for Node.js","archived":false,"fork":false,"pushed_at":"2018-04-06T19:25:22.000Z","size":189,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-08-14T19:56:27.990Z","etag":null,"topics":["nodejs","yaml"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/node-config-yaml","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Cryden.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-03-23T07:43:16.000Z","updated_at":"2018-04-06T19:25:24.000Z","dependencies_parsed_at":"2023-05-22T19:00:08.883Z","dependency_job_id":null,"html_url":"https://github.com/Cryden/node-config-yaml","commit_stats":null,"previous_names":["cryden/node-config-yml"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Cryden/node-config-yaml","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cryden%2Fnode-config-yaml","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cryden%2Fnode-config-yaml/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cryden%2Fnode-config-yaml/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cryden%2Fnode-config-yaml/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Cryden","download_url":"https://codeload.github.com/Cryden/node-config-yaml/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cryden%2Fnode-config-yaml/sbom","scorecard":{"id":34192,"data":{"date":"2025-08-11","repo":{"name":"github.com/Cryden/node-config-yaml","commit":"212cecc15d17c274f4636ce9c0c02e4fcacf8308"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Code-Review","score":0,"reason":"Found 0/28 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"65 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-6chw-6frg-f759","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx","Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9","Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h","Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq","Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6","Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9","Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f","Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p","Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv","Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8","Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65","Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh","Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44","Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988","Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq","Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm","Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546","Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx","Warn: Project is vulnerable to: GHSA-896r-f27r-55mw","Warn: Project is vulnerable to: GHSA-282f-qqgm-c34q","Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp","Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574","Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm","Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695","Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9","Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4","Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g","Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp","Warn: Project is vulnerable to: GHSA-6g33-f262-xjp4","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp","Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr","Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6","Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj","Warn: Project is vulnerable to: GHSA-mf6x-7mm4-x2g7","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-xc7v-wxcw-j472","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh","Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T19:55:40.005Z","repository_id":102585220,"created_at":"2025-08-14T19:55:40.005Z","updated_at":"2025-08-14T19:55:40.005Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":270661479,"owners_count":24624108,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-16T02:00:11.002Z","response_time":91,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["nodejs","yaml"],"created_at":"2025-08-16T03:06:46.104Z","updated_at":"2026-04-14T00:02:25.164Z","avatar_url":"https://github.com/Cryden.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# node-config-yml\n#### Yaml Config for Node.js\n\n[![Coverage Status](https://coveralls.io/repos/github/Cryden/node-config-yaml/badge.svg?branch=master)](https://coveralls.io/github/Cryden/node-config-yaml?branch=master)\n[![Build Status](https://travis-ci.org/Cryden/node-config-yaml.svg?branch=master)](https://travis-ci.org/Cryden/node-config-yaml)\n\n## Install\n```\n$ yarn add node-config-yaml\n```\nor\n```\n$ npm install node-config-yaml\n```\n\n## Usage\nUse config for yaml config files in Node.js projects.  For example you might have a project with the following\n**config.yml** file in the project dir.\n\n```yaml\n\napp:\n    url: http://myapp.com/home\n    cache: redis\n\ndb:\n    location: mysql-db-prod\n\n```\n\nThis config can be accessed like this.\n\n```javascript\n\nvar config = require('node-config-yaml').load();\n\nconsole.log(config.app.url);\nconsole.log(config.app.cache);\nconsole.log(config.db.location);\n\n```    \nYou can might use:\n\n```javascript\n\nvar config = require('node-config-yaml')\n\n.load() // load config from config.yml in root project directory\n.load('file') // load config from .yml file\n.load('dir') // load all .yml files in directory to config\n.load(['dir', 'file']) // load .yml files from sources to config\n.load(['some_sources'], { root: 'root_file_name' }) // load .yml files from sources to config with root_file_name as root (default: config)\n\n```\n\n## Substitution\nYou can substitute variables in the config.yml like this.\n\n```yaml\n\ndns: myapp.com\n\napp:\n    url: http://${dns}/home\n    cache: redis\n\ndb:\n    location: mysql-db-prod\n\n```\n\nThis config would yield the following.\n\n```javascript\n\nconsole.log(config.app.url);\n\n// outputs - http://myapp.com/home\n\n```\n\n## Config Folder\nInstead of having a file named `config.yml` with all of your environment settings in place, you could have a `config` folder \nat the root level of your project. This module will read in every `.yml` file, and return an object that looks like:\n```javascript\n{\n    [file-name]: [parsed-file-contents],\n    ...,\n} \n```\n\nif you need to do cross-file referencing, you can, via dot-notation:\n```yaml\n# file `a.yml`\nfoo: bar\n```\n```yaml\n#file `b.yml`\nbaz: ${a.foo}\n```\nwill get you\n```javascript\n{\n    a: {foo: 'bar'},\n    b: {baz: 'bar'}\n}\n```\nwith root options:\n\n```yaml\n# file `a.yml`\nfoo: bar\n```\n```yaml\n#file `b.yml`\nbaz: ${foo}\n```\nwill get you\n```javascript\n.load(['a.yml', 'b.yml'], { root: 'a' }\n\n{\n    foo: 'bar',\n    b: {baz: 'bar'}\n}\n```\n\n## Environment Specific Settings\nBased on an Environment ID, you can designate specific override settings for different types of environments.  First\nyou have to specify your Environment ID.  You can do so in one of several ways.  The first Environment ID that is\nfound in the following order wins.\n\n1. [--env command line argument](#Environment-ID:---env-Argument)\n2. [--${static-environment} command line argument](#Environment-ID:---${static-environment}-Argument)\n3. [ENVIRONMENT_ID process environment setting](#Environment-ID:-ENVIRONMENT_ID)\n4. [git branch name with regex filtering](#Environment-ID:-git-branch)\n\n### Static Environments\nTo understand this better let's first talk about Static Environments.  These are environments that have their own\nenvironment specific settings or [Environment Overrides](#Environment-Overrides).  Not necessarily all environments\nhave their own environment specific settings, but those that do should be defined as Static Environments in\nthe config.yml as follows:\n\n```yaml\n\nenvironments:\n    static:\n        - dev\n        - test\n        - prod\n\n```\n\n### Keys as environments\nThe other approach you can take is to have top level keys that only consist of your environments. \n\n#### Using a single config.yml file\nsetup your config.yml as follows:\n```yaml\ndev:\n    # ...\ntest:\n    # ...\nprod:\n    # ...\n```\n\n#### Using a Config folder.\nYour filenames determine the keys, so your directory could be set as follows:\n\n```\nconfig/dev.yml\nconfig/test.yml\nconfig/prod.yml\n```\n\n### Environment ID: --env Argument\nSet the Environment ID using --env command line argument.\n\n```\nnode app.js --env feature-xyz\n```\n\nThis is often helpful when running gulp tasks.\n\n```\ngulp deploy --env feature-xyz\n```\n\n### Environment ID: --${static-environment} Argument\nFor Static Environments set the Environment ID using the static environment id as an argument.\n\n```\ngulp deploy --prod\n```\n\n### Environment ID: ENVIRONMENT_ID\nSet the Environment ID using ENVIRONMENT_ID process environment variable.\n\n```\nexport ENVIRONMENT_ID=feature-xyz\n```\n\n### Environment ID: git branch\nIf an Environment ID is not found using one of the other methods, it will use the git branch for the current project\nfolder.  This branch can be filtered using regex.  Let's say your current branch is `Features/ISSUE-123-feature-xyz`,\nand you have the following setting in your config.yml.\n\n```yaml\n\nbranchRegex: Features/ISSUE-\\d+-((\\w|-)+)\n\n```\n\nThe Environment ID will be `feature-zyz`.  If no branchRegex is given the branch name will be taken as is.\n\n\n### Environment ID Substitution\nThe Environment ID can be substituted into the config.yml.  Let's say you have an Environment ID `feature-xyz` and\nthe following config.yml.\n\n```yaml\ndns: ${envId}.myapp.com\n\napp:\n    url: http://${dns}/home\n    cache: redis\n\ndb:\n    location: MYSQL-DB-${ENVID}\n```\n\nThis will yield the following:\n\n```javascript\nvar config = require('node-config-yaml').load();\n\nconsole.log(config.dns);          // feature-xyz.myapp.com\nconsole.log(config.app.url);      // http://feature-xyz.myapp.com\nconsole.log(config.db.location);  // MYSQL-DB-FEATURE-XYZ\n\n```\n\n### Environment Overrides\n\nFor Static Environments, settings can be overridden for that specific environment.  For example, with the following\nconfig.yml:\n\n```yaml\ndns: ${envId}.myapp.com\n\napp:\n    url: http://${dns}/home\n    cache: redis\n\ndb:\n    location: MYSQL-DB-${ENVID}\n\nprod:\n    app:\n        url: https://${dns}\n    db:\n        location: DB-${ENVID}\n\n```\n\nand the following app.js file:\n\n\n```javascript\nvar config = require('node-config-yaml').load();\n\nconsole.log(config.dns);\nconsole.log(config.app.url);\nconsole.log(config.app.cache);\nconsole.log(config.db.location);\n\n```\n\nthe following command:\n\n```\nnode app.js --prod\n```\n\nwould output the following:\n\n```\nprod.myapp.com\nhttps://prod.myapp.com\nredis\nMYSQL-DB-PROD\n```\n\n## Credits:\n\n[config-yml](https://www.npmjs.com/package/config-yml)\n\n[https://github.com/Nordstrom/config](https://github.com/Nordstrom/config)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcryden%2Fnode-config-yaml","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcryden%2Fnode-config-yaml","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcryden%2Fnode-config-yaml/lists"}