Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Logging add-on to send logs over HTTP to your server in Node and Browser environments. Works with any logger! Chop up your logs consistently! Made for Cabin and Lad.
Logging add-on to send logs over HTTP to your server in Node and Browser environments. Works with any logger! Chop up your logs consistently! Made for Cabin and Lad.
npm:
npm install axe
yarn:
yarn add axe
<script src="https://unpkg.com/axe"></script>
<script type="text/javascript">
(function() {
var Axe = new Axe({ key: 'YOUR-CABIN-API-KEY' });
axe.info('hello world');
});
</script>
If you're using something like browserify, webpack, or rollup, then install the package as you would with Node above.
We adhere to the Log4j standard. This means that you can use any custom logger (or the default console
), but we strictly support the following log levels:
trace
debug
info
warn
error
fatal
(uses error
)We highly recommend that you follow this approach when logging (message, meta)
:
const message = 'Hello world';
const meta = { beep: 'boop', foo: true };
axe.info(message, meta);
You can also make logs with three arguments (level, message, meta)
:
const level = 'info';
const message = 'Hello world';
const meta = { beep: 'boop', foo: true };
axe.log(level, message, meta);
You should also log errors like this:
const err = new Error('Oops!');
axe.error(err);
To recap: The first argument message
should be a String, and the second meta
should be an optional Object.
If you simply use axe.log
, then the log level used will be info
, but it will still use the logger's native log
method (as opposed to using info
).
If you invoke axe.log
(or any other logging method, e.g. info
), then it will return a consistent value no matter the edge case.
For example, if you log axe.log('hello world')
, it will output with console.log
(or your custom logger's log
method) and return
the Object:
{ message: 'hello world', meta: { level: 'info' } }
And if you were to log axe.info('hello world')
, it will output with console.info
(or your custom logger's info
method) and return
the Object:
{ message: 'hello world', meta: { level: 'info' } }
Lastly if you were to log axe.warn('uh oh!', { amount_spent: 50 })
, it will output with console.warn
(or your custom logger's warn
method) and return
the Object:
{ message: 'uh oh!', meta: { amount_spent: 50, level: 'warn' } }
These returned values will be automatically sent to the endpoint (by default to your Cabin account associated with your API key).
You can also use format specifiers thanks to format-util
and format-specifiers
. To view the full list of format specifiers see https://github.com/nodejs/node/blob/master/doc/api/util.md#utilformatformat-args.
This consistency among server and browser environments is the beauty of Axe – and when used in combination with Cabin, your logs will be beautiful with HTTP request information, user metadata, IP address, User-Agent, and more!
By default a meta.app
property is populated in all logs for you using parse-app-info.
At a glance, here are the properties that are automatically populated for you:
Property | Description |
---|---|
environment | The value of NODE_ENV |
hostname | Name of the computer |
name | Name of the app from package.json |
node | Version if node.js running the app |
pid | Process ID as in process.pid |
version | Version of the app package.json |
Additional properties when the app is in a git repository
Property | Description |
---|---|
hash | git hash of latest commit if the app |
tag | the latest git tag. Property is not available when there is no tag |
const Axe = require('axe');
const axe = new Axe({ key: 'YOUR-CABIN-API-KEY' });
axe.info('hello world');
By default, Axe uses the built-in console
(with console-polyfill for cross-browser support).
However you might want to use something fancier, and as such we support any logger out of the box.
Loggers supported include, but are not limited to:
Just pass your custom logging utility as the
logger
option:
const signale = require('signale');
const Axe = require('axe');
const axe = new Axe({ logger: signale, key: 'YOUR-CABIN-API-KEY' });
axe.info('hello world');
In Lad, we have an approach similar to the following, where non-production environments use consola, and production environments use pino.
const Axe = require('axe');
const consola = require('consola');
const pino = require('pino')();
const isProduction = process.env.NODE_ENV === 'production';
const logger = new Axe({
logger: isProduction ? pino : consola,
capture: false
});
logger.info('hello world');
By default we built-in support such that if you provide your Cabin API key, then your logs will be uploaded automatically for you in both server and browser environments.
If you decide to self-host your own Cabin API (or roll your own logging service) then you can specify your own endpoint under config.endpoint
.
See Options below for more information.
This is useful when you want need logging turned off in certain environments.
For example when you're running tests you can set axe.config.silent = true
.
const Axe = require('axe');
const axe = new Axe({ silent: true, key: 'YOUR-CABIN-API-KEY' });
axe.info('hello world');
Please see Cabin's documentation for stack traces and error handling for more information.
If you're not using
cabin
, you can simply replace instances of the wordcabin
withaxe
in the documentation examples linked above.
key
(String) - defaults to an empty string, so BasicAuth is not used – this is your Cabin API key, which you can get for free at Cabin (note you could provide your own API key here if you are self-hosting or rolling your own logging service)endpoint
(String) - defaults to https://api.cabinjs.com
headers
(Object) - HTTP headers to send along with log to the endpoint
timeout
(Number) - defaults to 5000
, number of milliseconds to wait for a responseretry
(Number) - defaults to 3
, number of attempts to retry sending log over HTTPshowStack
(Boolean) - defaults to true
in non-production environments (attempts to parse a boolean value from process.env.SHOW_STACK
), whether or not to output a stack traceshowMeta
(Boolean) - defaults to false
(attempts to parse a boolean value from process.env.SHOW_META
– meaning you can pass a flag SHOW_META=true node app.js
when needed for debugging), whether or not to output metadata to logger methodssilent
(Boolean) - defaults to false
, whether or not to suppress log output to consolelogger
(Object) - defaults to console
(with console-polyfill added automatically), but you may wish to use a custom loggerlevels
(Array) - an Array of levels to capture (defaults to [ 'info', 'warn', 'error', 'fatal' ]
capture
(Boolean) - defaults to false
in non-production environments, whether or not to POST
logs to the endpoint
(takes into consideration the config.levels
to only send valid capture levels)We have provided helper/safety aliases for logger.warn
and logger.error
of logger.warning
and logger.err
respectively.
Name | Website |
---|---|
Nick Baugh | http://niftylettuce.com |
Alexis Tyler | https://wvvw.me/ |
Axe, Lad, Lass, and their respective logos are trademarks of Niftylettuce LLC. These trademarks may not be reproduced, distributed, transmitted, or otherwise used, except with the prior written permission of Niftylettuce LLC. If you are seeking permission to use these trademarks, then please contact us.
FAQs
Axe is a logger-agnostic wrapper that normalizes logs regardless of argument style. Great for large development teams, old and new projects, and works with Pino, Bunyan, Winston, console, and more. It is lightweight, performant, highly-configurable, and a
The npm package axe receives a total of 2,264 weekly downloads. As such, axe popularity was classified as popular.
We found that axe demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.