Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
@timberio/tools
Advanced tools
New to Timber? Here's a low-down on logging in Javascript.
@timberio/tools
This library provides helper tools used by the Javascript logger.
Queue<T>
Generic FIFO queue. Used by makeThrottle
to store pipeline functions to be executed as concurrent 'slots' become available. Provides fast retrieval for any primitive or object that needs ordered, first-in, first-out retrieval.
Used to store .log()
Promises that are being batched/throttled.
Usage example
import { Queue } from "@timberio/tools";
// Interface representing a person
interface IPerson {
name: string;
age: number;
}
// Create a queue to store `IPerson` objects
const q = new Queue<IPerson>();
// Add a couple of records...
q.push({ name: "Jeff", age: 50 });
q.push({ name: "Sally", age: 39 });
// Pull values from the queue...
while (q.length) {
console.log(q.shift().name); // <-- first Jeff, then Sally...
}
makeThrottle<T>(max: number)
Returns a throttle
higher-order function, which wraps an async
function, and limits the number of active Promises to max: number
The throttle
function has this signature:
throttle(fn: T): (...args: InferArgs<T>[]) => Promise<InferArgs<T>>
Usage example
import Timber from "@timberio/logger";
import { makeThrottle } from "@timberio/tools";
// Create a new Timber instance
const timber = new Timber("apiKey");
// Guarantee a pipeline will run a max of 2x at once
const throttle = makeThrottle(2);
// Create a basic pipeline function which resolves after 2 seconds
const pipeline = async log =>
new Promise(resolve => {
setTimeout(() => resolve(log), 2000);
});
// Add a pipeline which has been throttled
timber.addPipeline(throttle(pipeline));
// Add 10 logs, and store the Promises
const promises = [];
for (let i = 0; i < 10; i++) {
promises.push(timber.log({ message: `Hello ${i}` }));
}
void (async () => {
void (await promises); // <-- will take 10 seconds total!
})();
makeBatch(size: number, flushTimeout: number)
Creates a higher-order batch function aggregates Timber logs and resolves when either size
# of logs have been collected, or when flushTimeout
(in ms) has elapsed -- whichever occurs first.
This is used alongside the throttler to provide an array of ITimberLog
to the function set in the .setSync()
method, to be synced with Timber.io
Used internally by the @timberio/core Base class
to implicitly batch logs:
// Create a throttler, for sync operations
const throttle = makeThrottle(this._options.syncMax);
// Sync after throttling
const throttler = throttle((logs: any) => {
return this._sync!(logs);
});
// Create a batcher, for aggregating logs by buffer size/interval
const batcher = makeBatch(this._options.batchSize, this._options.batchInterval);
this._batch = batcher((logs: any) => {
return throttler(logs);
});
base64Encode(str: string): string
Node.js only
Converts a plain-text string to a Base64 encoded string. Similar to window.btoa() in the browser.
Used by the logger to convert an API key to Timber's user:password
basic auth.
Usage example:
import { atob } from "@timberio/tools";
console.log(atob("hello world")); // <-- returns "aGVsbG8gd29ybGQ="
FAQs
Javascript logging tools
We found that @timberio/tools demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.