![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@thi.ng/logger
Advanced tools
Readme
[!NOTE] This is one of 189 standalone projects, maintained as part of the @thi.ng/umbrella monorepo and anti-framework.
🚀 Help me to work full-time on these projects by sponsoring me on GitHub. Thank you! ❤️
Types & basis infrastructure for arbitrary logging (w/ default impls).
The types & implementations provided by this package are used in various places throughout the thi.ng/umbrella ecosystem and can be swapped out on demand to customize users' needs.
All loggers based on this basic framework provided by this package support the
following LogLevel
s
(in order of importance):
FINE
DEBUG
INFO
WARN
SEVERE
Logging calls targetting lower levels than configured in the logger will be ignored.
The following logger implementations are provided:
ConsoleLogger
: writes output to console
MemoryLogger
: writes output to in-memory journalNULL_LOGGER
: no-op logger, suppresses all outputLog messages can contain any number & types of arguments. No-arg functions can be provided as message arg to avoid evaluation of potentially costly message formatting for suppressed log levels. For example:
import { ConsoleLogger, LogLevel } from "@thi.ng/logger";
const logger = new ConsoleLogger("app", LogLevel.INFO);
const name = "thi.ng";
// eager (standard) arg evaluation
logger.info(`hello, ${name}`);
// [INFO] app: hello, thi.ng
// eager (standard) arg evaluation, but suppressed output
logger.debug("result is", 23 + 42);
// lazy arg evaluation
logger.info("result is", () => 23 + 42);
// [INFO] app: result is 65
STABLE - used in production
Search or submit any issues for this package
yarn add @thi.ng/logger
ES module import:
<script type="module" src="https://cdn.skypack.dev/@thi.ng/logger"></script>
For Node.js REPL:
const logger = await import("@thi.ng/logger");
Package sizes (brotli'd, pre-treeshake): ESM: 695 bytes
None
TODO
If this project contributes to an academic publication, please cite it as:
@misc{thing-logger,
title = "@thi.ng/logger",
author = "Karsten Schmidt",
note = "https://thi.ng/logger",
year = 2016
}
© 2016 - 2024 Karsten Schmidt // Apache License 2.0
FAQs
Unknown package
The npm package @thi.ng/logger receives a total of 1,332 weekly downloads. As such, @thi.ng/logger popularity was classified as popular.
We found that @thi.ng/logger demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.