Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Bunyan / Pino Logger instance ready to use
Bunyan is really great for debugging purposes but Pino is crazily fast.
Thinking about that this package was created to use Bunyan whenever the
LOG_LEVEL environmental variable is set to debug
or trace
;
npm install em-loger --save
Logr will use bunyan if the LOG_LEVEL environmental variable has the values trace or debug and it will also enable the src option of bunyan automatically, which displays the filename along side with the line number on each log message.
Using LOG_LEVEL environmental variable with the values info, warn or trace will load pinojs which is faster and has a very similar api.
const logr = require('em-logr');
logr.trace('My trace message');
logr.debug('My debug message');
logr.info('My info message');
logr.warn('My warn message')
logr.error('My error message');
Child loggers
const
_1stChildLogr = require('em-logr').child({name:'1stChild'}),
_2ndChildLogr = require('em-logr').child({name:'2ndChild'});
_1stChildLogr.info("The remote is mine, I am the first born child");
_2ndChildLogr.info("The remote is mine, Mom likes me better");
_1stChildLogr.warn("Get out of here or I'll hit you in the face!");
_2ndChildLogr.info("Do not touch me or I'll tell mom to know about secret.");
_1stChildLogr.error("I did' see that coming!");
FAQs
Bunyan/Pino Logger instance ready to use
The npm package em-logr receives a total of 0 weekly downloads. As such, em-logr popularity was classified as not popular.
We found that em-logr demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.