Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
caterpillar
Advanced tools
Caterpillar is the ultimate logging system for Deno, Node.js, and Web Browsers. Log levels are implemented to the RFC standard. Log entries can be filtered and piped to various streams, including coloured output to the terminal, the browser's console, and
Caterpillar is the ultimate logging system for Deno, Node.js, and Web Browsers. Log levels are implemented to the RFC standard. Log entries can be filtered and piped to various streams, including coloured output to the terminal, the browser's console, and debug files. You can even write your own transforms.
The RFC Log Levels are provided by the rfc-log-levels
package which follows RFC 3164 - The BSD Syslog Protocol.
Log Entries that are within the lineLevel range, will have their line information fetched using the get-current-line
package.
The Logger
is what you write your log messages to, which you then pipe to destinations and transforms.
The Filter
transport is used to filter out log levels that we do not want to pass onto the next destination.
The Human
transport is used to convert the Log Entries into a human readable and colourful output.
The Browser
transport is used to send the human output, including colours, to the Web Browser console.
The Transform
is used to write your own transforms, and is what all the others are based from.
To get started for Node.js, setup a new Node.js project for this guide and install Caterpillar.
mkdir caterpillar-guide
cd caterpillar-guide
npm init
npm install --save caterpillar
touch index.js
Then edit our index.js
file with the following, that will output all the log messages in JSON format to stdout, and can be run via node index.js
:
const { Logger } = require('caterpillar')
const logger = new Logger()
logger.pipe(process.stdout)
logger.log('warn', 'this is a warning, which is level', 4)
logger.warn('this is a warning, which is level', 4)
logger.log('debug', 'this is a debug message, which is level', 7)
logger.warn('this is a debug message, which is level', 7)
Outputting in JSON format is not a nice experience, instead we can do better by using the Human
transport such that it is human readable.
const { Logger, Human } = require('caterpillar')
const logger = new Logger()
logger.pipe(new Human()).pipe(process.stdout)
logger.log('warn', 'this is a warning, which is level', 4)
logger.warn('this is a warning, which is level', 4)
logger.log('debug', 'this is a debug message, which is level', 7)
logger.warn('this is a debug message, which is level', 7)
However, perhaps we want to still store the JSON format for querying later. We can pipe the human format to stdout as before, but we can pipe the raw output to a debug file.
const { Logger, Human } = require('caterpillar')
const logger = new Logger()
const { createWriteStream } = require('fs')
logger.pipe(createWriteStream('./debug.log'))
logger.pipe(new Human()).pipe(process.stdout)
logger.log('warn', 'this is a warning, which is level', 4)
logger.warn('this is a warning, which is level', 4)
logger.log('debug', 'this is a debug message, which is level', 7)
logger.warn('this is a debug message, which is level', 7)
Now let's stay for some reason, we want to capitalise all the log messages that are warning levels and higher, we can do this by making our own transport by extending the Transform
.
const { Logger, Transform, Human } = require('caterpillar')
const logger = new Logger()
const { createWriteStream } = require('fs')
logger.pipe(createWriteStream('./debug.log'))
class Uppercase extends Transform {
format(entry) {
if (entry.levelNumber <= 4) {
entry.args.forEach(function (value, index) {
if (typeof value === 'string') {
entry.args[index] = value.toUpperCase()
}
})
}
return entry
}
}
logger.pipe(new Uppercase()).pipe(new Human()).pipe(process.stdout)
logger.log('warn', 'this is a warning, which is level', 4)
logger.warn('this is a warning, which is level', 4)
logger.log('debug', 'this is a debug message, which is level', 7)
logger.warn('this is a debug message, which is level', 7)
Futhermore, the user probably doesn't need to see debug messages, even though they are useful for debugging. We can filter out the debug messages for the user, but maintain them for the debug.log
file by applying the Filter
transport to the pipe that goes to stdout.
const { Logger, Transform, Filter, Human } = require('caterpillar')
const logger = new Logger()
const { createWriteStream } = require('fs')
logger.pipe(createWriteStream('./debug.log'))
class Uppercase extends Transform {
format(entry) {
if (entry.levelNumber <= 4) {
entry.args.forEach(function (value, index) {
if (typeof value === 'string') {
entry.args[index] = value.toUpperCase()
}
})
}
return entry
}
}
logger
.pipe(new Filter({ filterLevel: 5 }))
.pipe(new Uppercase())
.pipe(new Human())
.pipe(process.stdout)
logger.log('warn', 'this is a warning, which is level', 4)
logger.warn('this is a warning, which is level', 4)
logger.log('debug', 'this is a debug message, which is level', 7)
logger.warn('this is a debug message, which is level', 7)
As fetching line information is computationally expensive process, for large applications for performance we probably only want to fetch the line information for messages that we actually show to the user. As such, we should make the filterLevel
and the lineLevel
the same.
const { Logger, Transform, Filter, Human } = require('caterpillar')
const level = 5
const logger = new Logger({ lineLevel: level })
const { createWriteStream } = require('fs')
logger.pipe(createWriteStream('./debug.log'))
class Uppercase extends Transform {
format(entry) {
if (entry.levelNumber <= 4) {
entry.args.forEach(function (value, index) {
if (typeof value === 'string') {
entry.args[index] = value.toUpperCase()
}
})
}
return entry
}
}
logger
.pipe(new Filter({ filterLevel: 5 }))
.pipe(new Uppercase())
.pipe(new Human())
.pipe(process.stdout)
logger.log('warn', 'this is a warning, which is level', 4)
logger.warn('this is a warning, which is level', 4)
logger.log('debug', 'this is a debug message, which is level', 7)
logger.warn('this is a debug message, which is level', 7)
Finally, if we are using Caterpillar in web browser environments, instead of Node.js, instead of doing:
const { Logger, Transform, Filter, Human } = require('caterpillar')
// ...
logger.pipe(new Human()).pipe(process.stdout)
// ...
We would pipe to the Browser transform instead of to stdout.
const { Logger, Transform, Filter, Human, Browser } = require('caterpillar')
// ...
logger.pipe(new Human()).pipe(new Browser())
// ...
With this, you now have enough information to leverage the cross-platform power of Caterpillar for most purposes, and the power to write your own custom transforms which can be published as their own packages and shared.
npm install --save caterpillar
import * as pkg from ('caterpillar')
const pkg = require('caterpillar')
<script type="module">
import * as pkg from '//cdn.skypack.dev/caterpillar@^6.5.0'
</script>
<script type="module">
import * as pkg from '//unpkg.com/caterpillar@^6.5.0'
</script>
<script type="module">
import * as pkg from '//dev.jspm.io/caterpillar@6.5.0'
</script>
This package is published with the following editions:
caterpillar
aliases caterpillar/index.cjs
which uses the Editions Autoloader to automatically select the correct edition for the consumer's environmentcaterpillar/source/index.ts
is TypeScript source code with Import for modulescaterpillar/edition-browsers/index.js
is TypeScript compiled against ES2019 for web browsers with Import for modulescaterpillar/edition-esnext/index.js
is TypeScript compiled against ESNext for Node.js 14 with Require for modulescaterpillar/edition-es2019/index.js
is TypeScript compiled against ES2019 for Node.js 10 || 12 || 13 || 14 with Require for modulescaterpillar/edition-es2019-esm/index.js
is TypeScript compiled against ES2019 for Node.js 12 || 13 || 14 with Import for modulesDiscover the release history by heading on over to the HISTORY.md
file.
These amazing people are maintaining this project:
No sponsors yet! Will you be the first?
These amazing people have contributed code to this project:
Discover how you can contribute by heading on over to the CONTRIBUTING.md
file.
Unless stated otherwise all works are:
and licensed under:
FAQs
Caterpillar is the ultimate logging system for Deno, Node.js, and Web Browsers. Log levels are implemented to the RFC standard. Log entries can be filtered and piped to various streams, including coloured output to the terminal, the browser's console, and
The npm package caterpillar receives a total of 1,383 weekly downloads. As such, caterpillar popularity was classified as popular.
We found that caterpillar demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.