Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
The debug npm package is a flexible debugging utility that allows developers to log messages in a structured and conditional way. It is designed to be simple to use and to support modular applications by allowing developers to enable or disable logging on a per-module or per-scope basis.
Conditional Logging
This feature allows developers to create conditional logging statements that can be enabled or disabled based on the namespace. The '%o' formatter can be used to pretty-print objects.
const debug = require('debug')('http');
debug('booting %o', 'My App');
if (error) debug('Error: %o', error);
Namespacing Logs
Namespacing allows developers to categorize logs into different sections, which can be individually toggled on or off. This is useful for separating logs from different parts of an application.
const debug = require('debug');
const log = debug('myapp:log');
const error = debug('myapp:error');
log('This will be logged under the myapp:log namespace');
error('This will be logged under the myapp:error namespace');
Environment Variable Control
The debug package can be controlled using the DEBUG environment variable, which allows developers to specify which namespaces should be logged. This can be set before running the application.
DEBUG=myapp:* node app.js
Browser Support
The debug package also works in the browser. Namespaces can be enabled by setting the debug key in localStorage to the desired namespace.
localStorage.debug = 'myapp:*';
Winston is a multi-transport async logging library for Node.js. Unlike debug, which is primarily for enabling/disabling logging, winston provides more features like multiple storage options for logs, custom log levels, and log formatting.
Pino is a very low overhead Node.js logger, which focuses on performance. It provides similar functionality to debug but is optimized for speed and includes features like child loggers and custom serializers.
Log4js is a logging framework for Node.js, which is inspired by the Java library log4j. It supports multiple appenders, log categories, and layouts. It is more complex and configurable compared to debug.
tiny node.js debugging utility modelled after node core's debugging technique.
$ npm install debug
With debug
you simply invoke the exported function to generate your debug function, passing it a name which will determine if a noop function is returned, or a decorated console.error
, so all of the console
format string goodies you're used to work fine. A unique color is selected per-function for visibility.
Example app.js:
var debug = require('debug')('http')
, http = require('http')
, name = 'My App';
// fake app
debug('booting %s', name);
http.createServer(function(req, res){
debug(req.method + ' ' + req.url);
res.end('hello\n');
}).listen(3000, function(){
debug('listening');
});
// fake worker of some kind
require('./worker');
Example worker.js:
var debug = require('debug')('worker');
setInterval(function(){
debug('doing some work');
}, 1000);
The DEBUG environment variable is then used to enable these based on space or comma-delimited names. Here are some examples:
When actively developing an application it can be useful to see when the time spent between one debug()
call and the next. Suppose for example you invoke debug()
before requesting a resource, and after as well, the "+NNNms" will show you how much time was spent between calls.
When stderr is not a TTY, Date#toUTCString()
is used, making it more useful for logging the debug information as shown below:
(NOTE: Debug now uses stderr instead of stdout, so the correct shell command for this example is actually DEBUG=* node example/worker 2> out &
)
If you're using this in one or more of your libraries, you should use the name of your library so that developers may toggle debugging as desired without guessing names. If you have more than one debuggers you should prefix them with your library name and use ":" to separate features. For example "bodyParser" from Connect would then be "connect:bodyParser".
The "*" character may be used as a wildcard. Suppose for example your library has debuggers named "connect:bodyParser", "connect:compress", "connect:session", instead of listing all three with DEBUG=connect:bodyParser,connect.compress,connect:session
, you may simply do DEBUG=connect:*
, or to run everything using this module simply use DEBUG=*
.
You can also exclude specific debuggers by prefixing them with a "-" character. For example, DEBUG=* -connect:*
would include all debuggers except those starting with "connect:".
Debug works in the browser as well, currently persisted by localStorage
. For example if you have worker:a
and worker:b
as shown below, and wish to debug both type debug.enable('worker:*')
in the console and refresh the page, this will remain until you disable with debug.disable()
.
a = debug('worker:a');
b = debug('worker:b');
setInterval(function(){
a('doing some work');
}, 1000);
setInterval(function(){
a('doing some work');
}, 1200);
(The MIT License)
Copyright (c) 2011 TJ Holowaychuk <tj@vision-media.ca>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Lightweight debugging utility for Node.js and the browser
The npm package debug receives a total of 116,657,597 weekly downloads. As such, debug popularity was classified as popular.
We found that debug demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.