Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A generic logger / error reporting facade. Can apply different loggers to different logging contexts, and escalate logging into runtime errors.
It is said that most problems in the computer science can be solve by adding the right amount of indirection. Escalate provides a way (of inderction) to intervene and decide what to do with logging and throwing errors. This allows you test how non functional code behaves.
In your code:
import {getMailBox} from 'escalate';
const MAILBOX = getMailBox(context);
where context
can be anything you want to use to identify the logging events from that specific instance.
Usually, that would be a string namespace in dot notation, like 'my.beautiful.library'
.
Naming the instance MAILBOX
is a code convention that will allow future tools to filter some logging invocation from the code before producing a production version.
then issue reports like so:
MAILBOX.error(`Something unexpected happened: ${message}`);
or like so:
MAILBOX.post('error', misMatchMessage(errorContext,fieldDef,fieldDef.defaults(),path));
supported logging levels: debug, info, warn, error, fatal'
By default, the debug
level is ignored, and the error
and fatal
levels will throw an error.
You can configure the behavior by using the config
method:
import {config} from 'escalate';
config(configuration);
The configuration
object may have any of 4 optional methods:
{
loggerStrategy : (context) => logger
panicStrategy : (context) => panic
logThresholdStrategy : (context) => logThreshold
panicThresholdStrategy : (context) => panicThreshold
}
The logger
type has 4 mandatory handler methods, nameddebug, info, warn, error'
. By default, this will be used:
let logger = {
error : (...params) => console.error(...params),
warn : (...params) => console.warn(...params),
info : (...params) => console.info(...params),
debug : (...params) => console.info(...params) // some environments don't have console.debug
};
The panic
type is a method that will be called whenever a logging event that passes the panic threshold occures. for example:
function panic(...params){
throw new Error(params.join(' '));
}
logThresholdStrategy
and panicThresholdStrategy
are methods that accept a context and return a logging level (string).
Any log event that is below the logging threshold returned by logThresholdStrategy
will be ignored at runtime, while any log event that is equal or above the logging threshold returned by panicThresholdStrategy
will escalate to the panic returned by panicStrategy
.
This software is in alpha version phase, and so does not respect semantic versioning yet. Breaking changes may occur between patch versions.
npm install
npm start
and then open browser at http://localhost:8080/webpack-dev-server/test
$ npm run build:src
We use a custom license, see LICENSE.md
FAQs
logger / error reporting facade
We found that escalate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.