Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
binder-logging
Advanced tools
binder-logging
Consistent logging reader/writer functions for all Node-based Binder modules
Takes a configuration file (the default version in conf/example.main) that specifies how to
- connect to a Logstash server for log writing
- connect to Elasticsearch/Kibana servers for log reading
- stream build logs from a websocket
The example configuration file included in the module has these defaults:
{
"host": "localhost",
"testing": true,
"logstash": {
"port": 8050,
"configDir": "~/binder-control/services/logging/logstash/"
},
"elasticsearch": {
"port": 8052,
"dir": "/data/binder/elasticsearch"
},
"kibana": {
"port": 8053
},
"streaming": {
"port": 2121
}
}
binder-control can launch Docker containers for Elasticsearch, Logstash and Kibana (with the same default values) through the binder-control start-service logging command. If you'd prefer to use existing logging infrastructure, specify the custom host/port in the config file.
If testing is enabled, the Winston logger will output to both Logstash and stdout (only Logstash otherwise).
install
npm install binder-logging
reader
lib/reader.js contains functions that wrap Elasticsearch queries to make it simpler to search through Binder logs. If you'd prefer to monitor a realtime stream of build logs, the streamLogs function is available (which will connect to Logstash's WebSocket output).
BinderLogReader.getLogs(opts, cb)
Get all historical logs, optionally matching an app name and optionally between before/after times
appstring - app name to filter onbeforestring - ISO8601 GMT timestampafterstring - ISO8601 GMT timestampcbfunction - callback(err, msgs)
BinderLogReader.streamLogs(opts)
Stream logs for a given app (mandatory option), optionally since an after timestamp. Returns a through stream
appstring - app name to filter onafterstring - ISO8601 GMT timestamp
usage
var getReader = require('binder-logging/lib/reader')
var reader = getReader({ host: '<custom logging host>' })
writer
lib/writer.js exposes a getInstance function that will return a Winston logger given a logger name. This logger exposes the standard logging api (logger.info, logger.error, ...).
getInstance(name)
Returns a Winston logger that's connected to the Binder logging stack
namestring - logger name (one logger will be created per name, per process)
usage
var getLogger = require('binder-logging/lib/writer')
var logger = getLogger('<logger name>')
logger.info('this is an info message')
FAQs
Module for consistent logging across Binder components
The npm package binder-logging receives a total of 1 weekly downloads. As such, binder-logging popularity was classified as not popular.
We found that binder-logging demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 21 Apr 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025