
express-youch
Beautiful, spec-compliant error reporting for express.
This express middleware simplifies debugging errors in express applications by presenting errors in a developer-friendly way.
Features:
Accept HTTP header

```sh
npm install express-youch
```

```js
const express = require('express');
const { errorReporter } = require('express-youch');
const app = express();
app.use(errorReporter());
```
Add custom links to the error report.
```js
app.use(errorReporter({
  links: [
    ({ message }) => {
      const url = `https://stackoverflow.com/search?q=${encodeURIComponent(`[adonis.js] ${message}`)}`;
      return `<a href="${url}" target="_blank" title="Search on stackoverflow">Search stackoverflow</a>`;
    }
  ]
}));
```
When running in production (i.e. when the NODE_ENV environment variable is set to production), express-youch will delegate HTML errors to the next error-handling middleware. Here is a basic example:
```js
const express = require('express');
const { errorReporter } = require('express-youch');
const app = express();

// First, pass the errors to the error reporter
app.use(errorReporter());

// Then add some custom handling logic
app.use(function (error, req, res, next) {
  if (!res.headersSent) {
    // If we get to this point, that means express-youch decided to delegate response rendering to the
    // next handler in the chain. You can safely assume the client wants an HTML response here.
    res
      .status(error.statusCode)
      .render('error-page', { error });
  } else {
    next(error);
  }
});
```
The error object contains the properties statusCode and message, which you may use to create different error pages for different error types.
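A hardened version of the delegated production handler described above, as an added example that is not express-youch's own code. The names `escapeHtml`, `safeErrorView`, `fallbackErrorHandler` and `demo` are hypothetical, hiding 5xx messages is a policy assumed here, and `res.send` stands in for `res.render` so the block runs without a view engine.

```javascript
// Added example: fallback for the handler that runs after errorReporter().
// Only the documented fields (statusCode, message) are read from the error.

function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Reduce an arbitrary error to a status and a message that is safe to show.
function safeErrorView(error) {
  const code = Number.isInteger(error && error.statusCode) ? error.statusCode : 500;
  // Anything outside 400-599 is not an error status; treat it as a server fault.
  const status = code >= 400 && code <= 599 ? code : 500;
  // Assumption: 4xx messages are written for the client, while 5xx messages may
  // describe internals (paths, queries) and are replaced with a fixed string.
  const message = status < 500 && error.message
    ? escapeHtml(error.message) // the message can echo request data, so escape it
    : 'Internal Server Error';
  return { status, message };
}

function fallbackErrorHandler(error, req, res, next) {
  if (res.headersSent) return next(error); // response already started
  const view = safeErrorView(error);
  res.status(view.status)
    .send(`<!doctype html><h1>${view.status}</h1><p>${view.message}</p>`);
}

// Runs the handler against a minimal stand-in for an Express response object.
function demo(error) {
  const res = {
    headersSent: false, statusCode: 200, body: '',
    status(code) { this.statusCode = code; return this; },
    send(body) { this.body = body; return this; },
  };
  fallbackErrorHandler(error, {}, res, () => {});
  return res;
}

// Constructed sample errors: a 404 echoing request data, and an untyped failure.
const notFound = { statusCode: 404, message: 'No route for /<b>x</b>' };
console.log(demo(notFound).body);
console.log(demo(new Error('ENOENT: open /srv/app/config.json')).body);
```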
You should use a combination of an asynchronous express router such as this one and the async/await syntax to make sure no errors leak outside of your control. Read this blog post to learn more about error handling in express.
FAQs
Express middleware for youch
We found that express-youch demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.