Node.js v .env files, import modules, and Permission Model-JS Tutorial-php.cn

Home

Web Front-end

JS Tutorial

Node.js v .env files, import modules, and Permission Model

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Aug 09, 2024 pm 10:37 PM

Node.js v .env files, import modules, and Permission Model

Node.js v20.6 was released with amazing new features that are part of the LTS versions from October 24th, 2023. Let's see!

The INI configuration files

Say goodbye to the dotenv package, now Node.js can load environment variables from a .env file.

node --env-file path/to/.env index.js

? The path to the INI file is required because Node.js didn't choose a default name for the INI file.

? If the INI file doesn't exist the node process didn't fail, just start running without the environment variables.

Loading NODE_OPTIONS

You can load Node.js' specific environment variables (like NODE_OPTIONS) using an INI configuration file like the following example:

NODE_NO_WARNINGS=1
NODE_OPTIONS="--experimental-permission --allow-fs-read=*"
TZ=Pacific/Honolulu
UV_THREADPOOL_SIZE=5

You can use this with the same method:

node --env-file .env index.js

Preload ES modules

Preload ES modules at startup using the --import flag, the module will be loaded before any application code runs, even the entry point.

node --import path/to/file.js index.js

This flag is similar to the well known --require flag used to load CommonJS modules.

? Modules preloaded with --require will run before modules preloaded with --import.

Permission Model

We have a new mechanism to restrict access to specific resources during the execution of a Node.js process called Permission Model. The API exists behind a flag --experimental-permission which, when enabled, will restrict access to all resources not explicitly allowed.

File System permissions

The --allow-fs-read flag allows all FileSystemRead operations using *, or to specific paths using absolute routes.

node --experimental-permission --allow-fs-read=* index.js

To only allow access to specific paths you should use absolute routes

node --experimental-permission --allow-fs-read=/path/to/index.js --allow-fs-read=/path/to/directory index.js

? The initializer module also needs to be allowed. Otherwise index.js file cannot be loaded by the Node.js process itself.

? You can use . to allow access to the working directory, but you can't use it to specify the path to a file (e.g. ./index.js).

node --experimental-permission --allow-fs-read=. index.js

The --allow-fs-write flag allows access to specific paths or the whole file system using *.

node --experimental-permission --allow-fs-read=. --allow-fs-write=/tmp/ index.js

Child Process

When the Permission Model is enabled, the process will not be able to spawn any child process by default, you should use the --allow-child-process to allow this operation. Let's use the following code for the index.js.

const childProcess = require('node:child_process');
childProcess.spawn('node', ['-e', 'require("fs").writeFileSync("./new-file.txt", "Hello, World!")']);

To run this snippet with the Permission Model enabled you should execute index.js using the following command:

node --experimental-permission --allow-fs-read . --allow-child-process index.js

? The child process doesn't inherit the Permission Model by default, that's why the new-file.txt is created successfully.

More options

You can check the --allow-worker flag if you want to create Worker Threads under this Permission Model and --allow-wasi to allow the creation of WASI instances

Conclusion

We have a lot of new tools to load environment variables for our application, a method to import preload ES modules required in our code and a new Permission Model to increase the security of our systems.

Stay tuned to the Node.js' blog, this team is adding awesome features in every version! We have initial TypeScript support and a Network Inspection using the DevTools in v22.6.0.

The above is the detailed content of Node.js v .env files, import modules, and Permission Model. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

JavaScript's Core: Is It Built on C or C ?May 05, 2025 am 12:07 AM

JavaScriptisnotbuiltonCorC ;it'saninterpretedlanguagethatrunsonenginesoftenwritteninC .1)JavaScriptwasdesignedasalightweight,interpretedlanguageforwebbrowsers.2)EnginesevolvedfromsimpleinterpreterstoJITcompilers,typicallyinC ,improvingperformance.

JavaScript Applications: From Front-End to Back-EndMay 04, 2025 am 12:12 AM

JavaScript can be used for front-end and back-end development. The front-end enhances the user experience through DOM operations, and the back-end handles server tasks through Node.js. 1. Front-end example: Change the content of the web page text. 2. Backend example: Create a Node.js server.

Python vs. JavaScript: Which Language Should You Learn?May 03, 2025 am 12:10 AM

Choosing Python or JavaScript should be based on career development, learning curve and ecosystem: 1) Career development: Python is suitable for data science and back-end development, while JavaScript is suitable for front-end and full-stack development. 2) Learning curve: Python syntax is concise and suitable for beginners; JavaScript syntax is flexible. 3) Ecosystem: Python has rich scientific computing libraries, and JavaScript has a powerful front-end framework.

JavaScript Frameworks: Powering Modern Web DevelopmentMay 02, 2025 am 12:04 AM

The power of the JavaScript framework lies in simplifying development, improving user experience and application performance. When choosing a framework, consider: 1. Project size and complexity, 2. Team experience, 3. Ecosystem and community support.

The Relationship Between JavaScript, C , and BrowsersMay 01, 2025 am 12:06 AM

Introduction I know you may find it strange, what exactly does JavaScript, C and browser have to do? They seem to be unrelated, but in fact, they play a very important role in modern web development. Today we will discuss the close connection between these three. Through this article, you will learn how JavaScript runs in the browser, the role of C in the browser engine, and how they work together to drive rendering and interaction of web pages. We all know the relationship between JavaScript and browser. JavaScript is the core language of front-end development. It runs directly in the browser, making web pages vivid and interesting. Have you ever wondered why JavaScr

Node.js Streams with TypeScriptApr 30, 2025 am 08:22 AM

Node.js excels at efficient I/O, largely thanks to streams. Streams process data incrementally, avoiding memory overload—ideal for large files, network tasks, and real-time applications. Combining streams with TypeScript's type safety creates a powe

Python vs. JavaScript: Performance and Efficiency ConsiderationsApr 30, 2025 am 12:08 AM

The differences in performance and efficiency between Python and JavaScript are mainly reflected in: 1) As an interpreted language, Python runs slowly but has high development efficiency and is suitable for rapid prototype development; 2) JavaScript is limited to single thread in the browser, but multi-threading and asynchronous I/O can be used to improve performance in Node.js, and both have advantages in actual projects.

The Origins of JavaScript: Exploring Its Implementation LanguageApr 29, 2025 am 12:51 AM

JavaScript originated in 1995 and was created by Brandon Ike, and realized the language into C. 1.C language provides high performance and system-level programming capabilities for JavaScript. 2. JavaScript's memory management and performance optimization rely on C language. 3. The cross-platform feature of C language helps JavaScript run efficiently on different operating systems.

See all articles