Security News
Research
Supply Chain Attack on Rspack npm Packages Injects Cryptojacking Malware
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
ackee-node-logger
Advanced tools
First step is to create a root logger. Its configuration can be specified on creation and it will be used for all other loggers created.
const logger = require('ackee-node-logger');
// or
const logger = require('ackee-node-logger')();
const logger = require('ackee-node-logger')({
disableFields: ['error.stack'],
enableFields: ['req.protocol']
});
Note: If you want to specify custom configuration it must be done in the first require of ackee-node-logger
. Otherwise, default configuration will be used.
See Options for a list of possible options.
After you create a root logger, you may use it or you can create a child logger.
const databaseLogger = require('ackee-node-logger')('database')
The only difference between root logger and a child logger is that the child logger will print its name in each log message.
Logger itself is an enhanced and specifically configured pino
instance, so you may use all basic pino
log methods
logger.info('hello world')
logger.error('this is at error level')
logger.info('the answer is %d', 42)
logger.info({ obj: 42 }, 'hello world')
logger.info({ obj: 42, b: 2 }, 'hello world')
logger.info({ obj: { aa: 'bbb' } }, 'another')
All pino
levels are supported and additionaly there is a warning
level which is equivalent to warn
level.
Default minimal log level is debug
.
All loglevels up to warning (exclusive) - trace, debug and info - are logged to stdout
only.
All loglevels from warning up (inclusive) - warning, error, fatal - are logged to stderr
only.
ackee-node-logger
contains an express middleware which you can use to log all requests and responses of your express application.
Usage:
const express = require('express');
const logger = require('ackee-node-logger');
const app = express();
// or
const router = express.Router();
app.use(logger.express)
// or
router.use(logger.express)
By default, it will log all incoming requests in debug
level, all outcoming responses with out
property in debug
level and all outcoming responses without out
property on info
level.
If you use it together with logger's error express middleware, it will also log all errors in error
level.
app.use(logger.expressError)
All those log messages will contain request and possibly response, error, time from request to response and status code.
ackee-node-logger
is meant to be used throughout different environments (development, testing, production) and some of its configuration is setup differently based on the environment it runs in.
If the NODE_ENV
environment variable is set to test
, all logs are turned off (minimal loglevel is set to silent
which effectively turns logging off).
Standard pino log is used and it's optimized for Google Stackdriver logging. That means that default log level is debug
, pretty print is turned off and pino's messageKey
option is set to message
.
Options override both default logger configuration and environment-specific configuration. However, do not forget to specify it during the first ackee-node-logger
. During it, root logger is created and it cannot be changed later.
defaultLevel
- set logger's minimal loglevel (default is debug
)disableFields
- list of paths which will be omitted from the objects being logged (if any)enableFields
- list of paths which will not be omitted by default serializers from objects being loggedignoredHttpMethods
- list of HTTP methods which will not be logged by express logging middleware at all. Defaults to ['OPTIONS']
streams
- list of stream objects, which will be passed directly to pino-multistream's multistream function instead of default ackee-node-logger
streampretty
- if set to true
, logger will use pino pretty human-readable logs. This option can be overriden by streams
config
- object, which will be passed to underlying logger object. Right now, underlying logger is pino, so for available options see pino API docsackee-node-logger
defines some pino serializers on its own
error
- logs message
, code
, stack
and data
fieldsprocessEnv
- logs NODE_PATH
and NODE_ENV
req
- logs body
, query
, url
, method
and omits password
and passwordCheck
from body
and query
res
- logs out
and time
This problem is caused by a way VS Code handles console output. Therefore it appears in Winston and pino (underlying library of ackee-node-logger) as well.
However, it can be easily solved by adding eithe
"console": "integratedTerminal",
or
"outputCapture": "std"
to the debug configuration in your launch.json
file.
FAQs
Ackee Node Logger
The npm package ackee-node-logger receives a total of 3 weekly downloads. As such, ackee-node-logger popularity was classified as not popular.
We found that ackee-node-logger demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.
Security News
Sonar’s acquisition of Tidelift highlights a growing industry shift toward sustainable open source funding, addressing maintainer burnout and critical software dependencies.