{"id":14155528,"url":"https://github.com/strong-config/node","last_synced_at":"2025-08-06T01:31:41.101Z","repository":{"id":35146263,"uuid":"202177396","full_name":"strong-config/node","owner":"strong-config","description":"💪 Simple \u0026 Secure Config Management for Node.js 💪","archived":false,"fork":false,"pushed_at":"2023-10-18T01:37:49.000Z","size":1769,"stargazers_count":35,"open_issues_count":4,"forks_count":2,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-11-29T10:19:13.778Z","etag":null,"topics":["configuration-management","dotenv","javascript","node","secrets-management"],"latest_commit_sha":null,"homepage":"https://strong-config.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/strong-config.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-13T15:51:42.000Z","updated_at":"2024-05-08T16:26:13.000Z","dependencies_parsed_at":"2024-08-17T08:16:46.671Z","dependency_job_id":null,"html_url":"https://github.com/strong-config/node","commit_stats":{"total_commits":331,"total_committers":8,"mean_commits":41.375,"dds":"0.42900302114803623","last_synced_commit":"7c1e0b39c32b72e8d1e0d5fabcaa65b44064da5d"},"previous_names":[],"tags_count":82,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/strong-config%2Fnode","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/strong-config%2Fnode/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/strong-config%2Fnode/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/strong-config%2Fnode/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/strong-config","download_url":"https://codeload.github.com/strong-config/node/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":228821405,"owners_count":17977166,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["configuration-management","dotenv","javascript","node","secrets-management"],"created_at":"2024-08-17T08:03:46.946Z","updated_at":"2024-12-09T02:31:25.900Z","avatar_url":"https://github.com/strong-config.png","language":"TypeScript","funding_links":[],"categories":["node"],"sub_categories":[],"readme":"\u003c!-- markdownlint-disable MD013 MD026 MD033 MD034 --\u003e\n\n# 💪 Strong Config\n\nhttps://strong-config.dev\n\n![Continuous Integration](https://github.com/strong-config/node/workflows/Continuous%20Integration%20Checks/badge.svg)\n[![Coverage Status](https://coveralls.io/repos/github/strong-config/node/badge.svg?branch=master)](https://coveralls.io/github/strong-config/node?branch=master)\n\n## Have you ever...\n\n❓ ...struggled with config drift between local, staging, prod?\n\n❓ ...forgot to update the production config after updating the development config?\n\n❓ ...forgot to tell your teammates to update their local `.env` files after you made a change?\n\n❓ ...worried about leaking secrets by accidentally pushing your `.env` files to GitHub?\n\n❓ ...wished you could nest config values in your `.env` just like in a JavaScript object?\n\n❓...had a CI build fail due to environment variable issues?\n\n## Strong Config is here to help!\n\n✅ **Commit your configs to version-control** safely and easily, for all your environments\n\n✅ **Define your config in JSON or YAML** instead of `.env` files\n\n✅ **Nest your values** for clearly structured config files\n\n✅ **Validate your config against a [JSON Schema](https://json-schema.org/)** to catch config errors early\n\n✅ **Encrypt your secrets with strong cryptography**. Fully encrypted at rest and only decrypted in-memory at runtime.\n\n✅ **Safeguard your config through git hooks**. Ensure config is both valid and encrypted before committing and pushing.\n\n✅ **Easy integration with the most popular cloud key management services** [AWS KMS](https://aws.amazon.com/kms/), [Google Cloud KMS](https://cloud.google.com/kms/), and [Azure Key Vault](https://azure.microsoft.com/en-us/services/key-vault/). Powered by [Mozilla's SOPS](https://github.com/mozilla/sops).\n\n✅ **Enforce environment-specific permissions** via your KMS. Decide who can encrypt and decrypt configs for which environments. For example, you could allow _all_ engineers to decrypt your staging config, but restrict the production config to fewer people.\n\n✅ **Auto-generate TypeScript types for your config** (requires a [JSON Schema](https://json-schema.org))\n\n\u003cbr\u003e\n\n## Example config before encryption\n\n```yaml\n# A top-level config value which will be available to your application as `config.logger`\nlogger:\n # A nested value which will be available as `config.logger.level`\n level: DEBUG\n\nauth:\n apiClientId: non-secret-client-id\n # A secret. Every key with a 'Secret' suffix will be encrypted by Strong Config (e.g. 'encryptMeSecret')\n apiSecret: top-secret-api-credential\n\n# A dynamic value that will be substituted at runtime with the value of the environment variable $SHELL\nshell: ${SHELL}\n```\n\n## Example config after encryption\n\n```yaml\nlogger:\n # This value remains as is because it doesn't have a 'Secret' suffix\n level: DEBUG\n\nauth:\n apiClientId: non-secret-client-id\n # This is now encrypted and safe to commit into version control :)\n apiSecret: ENC[AES256_GCM,data:aeQ+hlVIah7WyJoVR/Jbkb6GLH7ihsV0D81+U++pkiWD0zeoRL/Oe9Q3Tz6j/TNvKKVDnohIMyw3UVjELOuSY+A==,iv:nVRZWogV4B7o=,tag:KrE2jssfP4uCvqq+pc/JyQ==,type:str]\n\n# Also still the same value which will be substituted only at runtime\nshell: ${SHELL}\n\n# The below section is auto-generated by sops and contains important metadata to\n# decrypt the config at runtime. Do not manually edit or delete this section.\nsops:\n gcp_kms:\n - resource_id: projects/my-project/locations/europe-west2/keyRings/my-project-key-ring/cryptoKeys/my-strong-config-key\n created_at: '2020-01-07T10:11:12Z'\n enc: AiAAmdAgj1dw1XdD2MsVpvmA4Deo867hmcX2B3NDhe9BCF2axuZ18hJJFK9oBlE1BrD70djwqi+L8T+NRNVnGUP+1//w8cJATAfJ8W/cQZFcdFTqjezC+VYv9xYI8i1bRna4xfFo/INIJtFDR38ZH1nrQg==\n lastmodified: '2020-01-07T10:11:12Z'\n mac: ENC[AES256_GCM,data:ABcd1EF2gh3IJKl4MNOpQr5stuvWXYz6sBCDEfGhIjK=,iv:A1AaAAAaa111a1Aa111AA/aaaAaaAAaa+aAaAaAAAaA=,tag:AAaaA1a1aaaAa/aa11AaaA==,type:str]\n encrypted_suffix: Secret\n version: 3.5.0\n```\n\n\u003cbr\u003e\n\n## Quickstart\n\nFor the full documentation, check https://strong-config.dev. Here's a short teaser:\n\n1. **Install `@strong-config/node` and the SOPS binary.**\n\n ```sh\n npm install @strong-config/node\n # or\n yarn add @strong-config/node\n ```\n\n **Sidenote: The Sops Binary**\n After package installation, Strong Config automatically runs a `postinstall` script that checks for availability of the sops binary on your system. If it can't find the sops binary, it will try to download it to `node_modules/.bin/sops` which is always part of `$PATH` when you `yarn run` or `npm run` scripts.\n Alternatively, you can also install sops globally via `brew install sops` (macOS). For other systems check the [official sops releases on GitHub](https://github.com/mozilla/sops/releases).\n\n1. **Create a config file**\n\n ```sh\n # By default, strong-config uses the ./config folder.\n # You can configure this to be a different folder via the options\n mkdir config\n\n # We'll use YAML here, but this could also JSON\n echo \"myFirstConfig: strong\" \u003e config/development.yml\n echo \"myFirstSecret: a development secret\" \u003e\u003e config/development.yml\n ```\n\n1. **Load config in your application code**\n\n ```js\n /* src/config.js */\n\n const StrongConfig = require('@strong-config/node')\n\n // Instantiate StrongConfig, then decrypt and load config file\n const config = new StrongConfig().getConfig()\n\n // This will print \"{ myFirstConfig: 'strong' }\" to the console\n console.log(config)\n\n /*\n * OPTIONAL (but recommended)\n * Call `new StrongConfig()` just once in your application, then export the memoized config for other files to use.\n * If you call `new StrongConfig()` again from another file, it would still work, but would re-instantiate a new\n * StrongConfig instance and load the config file from disk again which is slower than loading it from memory.\n */\n module.exports = config\n ```\n\n1. **Run your app**\n\n `strong-config` relies on the `NODE_ENV` environment variable to determine which config file\n to load. For example, setting `NODE_ENV=development` will load `./config/development.yaml`\n\n ```sh\n # Set the environment variable\n NODE_ENV=development yarn start # or `NODE_ENV=development npm start\n ```\n\n If you used our example code from the previous step, the config should now be\n printed to the terminal 💪.\n\n1. **Check [the Strong Config website](https://strong-config.dev) for more documentation**\n\n Check out the full documentation on https://strong-config.dev to learn how to:\n\n - Encrypt your config\n - Validate your config against a schema\n - Generate TypeScript types for your config\n\n ...and more :)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstrong-config%2Fnode","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstrong-config%2Fnode","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstrong-config%2Fnode/lists"}