Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@magic/log
Advanced tools
simple server side logging.
basically console.log + loglevels + process.env awareness
npm install @magic/log
import log from '@magic/log'
// set logLevel to all
log.setLevel('all')
log.setLevel(0)
// logLevel warn
log.setLevel('warn')
log.setLevel(1)
// only log errors:
log.setLevel('error')
log.setLevel(2)
// if production, set logLevel to "warn", if development, "all"
log.resetLevel()
// get current logLevel
log.getLevel()
// only outputs if logLevel === 'all'
log.info('Some interesting yet useless information')
// only outputs if logLevel === 'all'.
// output of first argument is green.
log.success('yay', 'only the first', 'argument was green')
// always outputs. first argument will be red
log.error('ERROR:', 'error messsage')
// outputs if logLevel === 'warn' || 'all'
log.warn('WARN:', 'warn message')
// make a message greyed out
log.annotate('Annotate this message')
// return process.hrtime to use in log.timeTaken
const start = log.hrtime()
// get delta between one hrtime and another
const delta = log.hrtime(start)
// print the s, ms or ns since start
log.timeTaken(start, 'before', 'after')
// logs 'before xns after'
#####v0.0.3 log.error now converts errors for better logging
use ecmascript modules
bump to get this version to be the default for install. 0.1.0-cjs was preferred, but is deprecated.
add log.hrtime and log.timeTaken
require node >= 13.5.0
...
FAQs
enhanced console.log
The npm package @magic/log receives a total of 343 weekly downloads. As such, @magic/log popularity was classified as not popular.
We found that @magic/log demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.