{"id":14985572,"url":"https://github.com/johnhunter/yaml2csp","last_synced_at":"2026-03-27T04:58:02.857Z","repository":{"id":248307539,"uuid":"828338237","full_name":"johnhunter/yaml2csp","owner":"johnhunter","description":"A node CLI utility for converting a yaml file to a CSP header value.","archived":false,"fork":false,"pushed_at":"2024-07-14T11:53:13.000Z","size":17,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-20T05:34:19.621Z","etag":null,"topics":["cli","csp","yaml"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/@johnhunter/yaml2csp","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/johnhunter.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-07-13T20:37:38.000Z","updated_at":"2024-07-14T16:43:04.000Z","dependencies_parsed_at":"2024-07-13T21:45:41.661Z","dependency_job_id":"1665068a-acbc-4c45-a628-4ee1318bc700","html_url":"https://github.com/johnhunter/yaml2csp","commit_stats":{"total_commits":10,"total_committers":1,"mean_commits":10.0,"dds":0.0,"last_synced_commit":"49d6ce9df9f23568acfdc663856bf50d0f42c77e"},"previous_names":["johnhunter/yaml2csp"],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnhunter%2Fyaml2csp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnhunter%2Fyaml2csp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnhunter%2Fyaml2csp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/johnhunter%2Fyaml2csp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/johnhunter","download_url":"https://codeload.github.com/johnhunter/yaml2csp/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243364732,"owners_count":20279211,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","csp","yaml"],"created_at":"2024-09-24T14:11:13.812Z","updated_at":"2025-12-29T02:22:03.504Z","avatar_url":"https://github.com/johnhunter.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# yaml2csp\n\nA node CLI utility for converting a yaml file to a [CSP](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) header value.\n\n## Motivation\n\nCSP header values are often complex and it is useful to format these for\nreadability. However, http header values need to be a single line string.\nBy using yaml as a format we can include structure and comments.\n\nThese strings can then be used in http header configuration for servers and\nreverse-proxies.\n\n## Usage\n\n1. Create your CSP yaml file\n2. Install and run the utility\n   - Either: `npx @johnhunter/yaml2csp parse \u003cyaml file\u003e`\n   - Or:\n     - `npm install -g @johnhunter/yaml2csp`\n     - Then `yaml2csp parse \u003cyaml file\u003e`\n3. Copy result from the console (or specify an output file with `-o`)\n\n## Example\n\n### Yaml source file:\n\n```yaml\nframe-ancestors:\n  - 'self'\n  - 'https://www.coolwebsite.com'\n\ndefault-src:\n  - 'self' # we can use comments!!\n  - 'https://*.foo.com'\n\nscript-src:\n  - 'self'\n  - 'unsafe-eval'\n  - 'blob:'\n  - 'https://www.coolwebsite.com'\n  - 'https://*.another-website.com'\n\nimg-src:\n  - 'data:'\n  - '*'\n```\n\n### Generated output:\n\n```text\nframe-ancestors 'self' https://www.coolwebsite.com; default-src 'self' https://*.foo.com; script-src 'self' 'unsafe-eval' blob: https://www.coolwebsite.com https://*.another-website.com; img-src data: *\n```\n\n## Resources\n\n- MDN documentation for [CSP concepts](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) and the [http header syntax](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy)\n- https://cspvalidator.org - validate the output string for correctness\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjohnhunter%2Fyaml2csp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjohnhunter%2Fyaml2csp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjohnhunter%2Fyaml2csp/lists"}