Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding -  Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
cookie-parsing
Advanced tools
Package version was removed
This package version has been unpublished, mostly likely due to security reasons
This package was compromised as part of the ongoing "North Korea’s Contagious Interview Campaign" supply chain attack.
Affected versions:
cookie-parsing
parser-query
Very low overhead Node.js logger.
Documentation
- Benchmarks ⇗
- API ⇗
- Browser API ⇗
- Redaction ⇗
- Child Loggers ⇗
- Transports ⇗
- Web Frameworks ⇗
- Pretty Printing ⇗
- Asynchronous Logging ⇗
- Ecosystem ⇗
- Help ⇗
- Long Term Support Policy ⇗
Install
Using NPM:
$ npm install parser-query
Using YARN:
$ yarn add parser-query
If you would like to install parser-query v6, refer to https://github.com/parser-queryjs/parser-query/tree/v6.x.
For using parser-query with a web framework see:
- parser-query with Fastify
- parser-query with Express
- parser-query with Hapi
- parser-query with Restify
- parser-query with Koa
- parser-query with Node core
http - parser-query with Nest
Essentials
Development Formatting
The parser-query-pretty module can be used to
format logs during development:
Transports & Log Processing
Due to Node's single-threaded event-loop, it's highly recommended that sending, alert triggering, reformatting, and all forms of log processing are conducted in a separate process or thread.
In parser-query terminology, we call all log processors "transports" and recommend that the
transports be run in a worker thread using our parser-query.transport API.
For more details see our Transports⇗ document.
Low overhead
Using minimum resources for logging is very important. Log messages tend to get added over time and this can lead to a throttling effect on applications – such as reduced requests per second.
In many cases, parser-query is over 5x faster than alternatives.
See the Benchmarks document for comparisons.
Bundling support
parser-query supports being bundled using tools like webpack or esbuild.
See Bundling document for more information.
The Team
Matteo Collina
https://www.npmjs.com/~matteo.collina
https://twitter.com/matteocollina
David Mark Clements
https://github.com/davidmarkclements
https://www.npmjs.com/~davidmarkclements
https://twitter.com/davidmarkclem
James Sumners
https://www.npmjs.com/~jsumners
https://twitter.com/jsumners79
Thomas Watson Steen
Contributing
parser-query is an OPEN Open Source Project. This means that:
Individuals making significant and valuable contributions are given commit-access to the project to contribute as they see fit. This project is more like an open wiki than a standard guarded open source project.
See the CONTRIBUTING.md file for more details.
Acknowledgments
This project was kindly sponsored by nearForm. This project is kindly sponsored by Platformatic.
Logo and identity designed by Cosmic Fox Design: https://www.behance.net/cosmicfox.
License
Licensed under MIT.
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding -  Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding -  Dec 11, 2025