Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
https://www.npmjs.com/package/hewer
A small, flexible and easy-to-use logging library for node.js
npm install --save hewer
var hewer = require('hewer');
var Logger = new hewer.Logger();
Logger.log({ // A JSON of data to be logged
'name' : 'Aragorn',
'class' : 'Ranger'
})
.with('level', '99') // Add more meta data
.with('kingdom', 'Gondor') // And a few more meta data
.info('Here comes the king');
// 2016-04-05T03:32:15.604Z INFO Here comes the king {"name":"Aragorn","class":"Ranger","level":"99","kingdom":"Gondor"}
Logger(filters, writers, formatter)
filters
: Array of Filter
- OPTIONAL
- A list of filters that will be applied to the log message.writers
: Array of Writer
- OPTIONAL
- A list of writers that will be used to write the log message to some output. If no writer is provided then the ConsoleWriter
will be used.formatter
: Formatter
- OPTIONAL
- A formatter that may transform and format the message before sending it to a writer. If no formatter is provided then the DefaultFormatter
will be used.Logger.log(meta)
returns Log
Creates a new log instance with the optional provided meta data.
meta
: JSON
- OPTIONAL
- A JSON with a any arbitrary meta.Log.with(key, value)
returns Log
Appends some meta data to the log.
key
: STRING
- MANDATORY
- The name of your meta data.value
: ANY
- MANDATORY
- Your actual data.Log.info(message)
returns Promise
Commits the message
and the meta
provided to the set of writers with log level INFO
.
message
: STRING
- `OPTIONAL - Some arbitrary log message.Log.warn(message)
returns Promise
Just like Log.info
but with log level WARN
.
Log.error(message)
returns Promise
Just like Log.info
but with log level ERROR
.
Log.debug(message)
returns Promise
Just like Log.info
but with log level DEBUG
.
A filter receives a formatted log message and then applies some string-transformation rule over it.
var hewer = require('hewer');
var PatternFilter = hewer.filters.PatternFilter;
var nameErasingFilter = new PatternFilter(/(\"name\"\:)(\".*?\")/, '$1[REDACTED]');
var Logger = new hewer.Logger([nameErasingFilter]);
Logger.log({ // A JSON of data to be logged
'name' : 'Aragorn',
'class' : 'Ranger'
})
.with('level', '99') // Add more meta data
.with('kingdom', 'Gondor') // And a few more meta data
.info('Here comes the king');
// 2016-04-08T15:02:54.022 INFO Here comes the king {"name":[REDACTED],"class":"Ranger","level":"99","kingdom":"Gondor"}
IdentityFilter
The default filter used in case you don't pick any. Just returns the string as it is.
var IdentityFilter = require('hewer').filters.IdentityFilter;
var filter = new IdentityFilter();
console.log(filter.apply('You shall not pass!'));
//You shall not pass!
PatternFilter(pattern, replacement)
A filter that applies a pattern or substring and replaces it by a pattern or substring
pattern
: STRING or REGEXP
- MANDATORY
- The pattern for matching some stringreplacement
: STRING
- MANDATORY
- The string for which the pattern should be replacedvar PatternFilter = require('hewer').filters.PatternFilter;
var filter = new PatternFilter(/(Aragorn)/, '$1 (A.K.A Strider)');
console.log(filter.apply("I am Aragorn son of Arathorn"));
//I am Aragorn (A.K.A Strider) son of Arathorn
A filter is simply a class that has an apply
method that takes a string as parameter and returns a string
Filter()
Filter.apply(message)
returns STRING
message
: STRING
- MANDATORY
- The log string that will be sent to a writervar hewer = require('hewer');
function CustomFilter() {
this.apply = function(str) {
//Do something with the string
return str + " That's what Bilbo Baggins hates!";
}
}
var Logger = new hewer.Logger([new CustomFilter()])
Logger.log().warn('Smash the bottles and burn the corks!');
//2016-04-10T15:30:50.546 WARN Smash the bottles and burn the corks! {} That's what Bilbo Baggins hates!
Logger.log().warn('Chip the glasses and crack the plates!');
//2016-04-10T15:30:50.551 WARN Chip the glasses and crack the plates! {} That's what Bilbo Baggins hates!
DefaultFormatter()
var DefaultFormatter = require('hewer').formatters.DefaultFormatter;
var formatter = new DefaultFormatter();
console.log(formatter.format("There is only one Lord of the Ring, only one who can bend it to his will", "INFO", {}));
//2016-04-10T16:16:13.763 INFO There is only one Lord of the Ring, only one who can bend it to his will {}
A formatter is simply a class that has a format
method that receives some message
, some log level name
, and some meta data
and returns a formatted string.
Formatter
Formatter.format(message, level, meta)
returns STRING
message
: STRING
- MANDATORY
- The log messagelevel
: STRING
- MANDATORY
- Some log level namemeta
: JSON
- MANDATORY
- Some meta data objectvar hewer = require('hewer');
var function CustomFormatter() {
this.format = function(message, level, meta) {
return `${level} ${message} ${JSON.stringify(meta)}`;
}
}
var Logger = new hewer.Logger(null, null, new CustomFormatter())
Logger.log({ titles : [
'The gray',
'The white'] })
.info('Gandalf!');
// "INFO Gandalf! {"titles":["The gray","The white"]}"
To be documented
To be documented
To be documented
If you want to contribute to the project with new Filters, Formatters, Writers, fixes, functionalities, optimizations, documentation, issues etc. All you have to do is open an issue and, if needed, fork this project and make a pull request.
The MIT License (MIT)
Copyright (c) 2016 Mateus Chagas
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
FAQs
A small, flexible, zero-dependency logging library
We found that hewer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.