
Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
loglevel-prefix
Advanced tools
Minimal lightweight (0.9KB minified and gzipped) plugin for loglevel message prefixing
npm install loglevel-prefix --save
prefix(log[, options]);
log - root logger, imported from loglevel package
options - configuration object
default_options = {
template: '[%t] %l:',
timestampFormatter: date => date.toTimeString().replace(/.*(\d{2}:\d{2}:\d{2}).*/, '$1'),
levelFormatter: level => level.toUpperCase(),
nameFormatter: name => name || 'root'
}
Plugin formats the prefix using template option as a printf-like format.
The template is a string containing zero or more placeholder tokens. Each placeholder token is replaced with the value from loglevel messages parameters. Supported placeholders are:
%t - Timestamp of message.
%l - Level of message.
%n - Name of logger.
The timestampFormatter, levelFormatter and nameFormatter is a functions for formatting corresponding values
Download production version and copy to your project folder
<script src="loglevel.min.js"></script>
<script src="loglevel-prefix.min.js"></script>
<script>
prefix(log);
log.warn('prefixed message');
</script>
Output
[12:53:46] WARN: prefixed message
import log from 'loglevel';
import prefix from 'loglevel-prefix';
prefix(log);
log.warn('prefixed message');
var log = require('loglevel');
var prefix = require('loglevel-prefix');
prefix(log);
// or
// var log = require('loglevel-prefix')(require('loglevel'));
log.warn('prefixed message');
define(['loglevel', 'loglevel-prefix'], function(log, prefix) {
prefix(log);
log.warn('prefixed message');
});
import log from 'loglevel';
import prefix from 'loglevel-prefix';
prefix(log, {
template: '[%t] %l (%n) static text:',
timestampFormatter: date => date.toISOString(),
levelFormatter: level => level.charAt(0).toUpperCase() + level.substr(1),
nameFormatter: name => name || 'global'
});
log.warn('prefixed message');
Output
[2017-05-29T16:53:46.000Z] Warn (global) static text: prefixed message
// moduleA.js
import log from 'loglevel';
export default function () {
log.warn('message from moduleA');
}
// moduleB.js
import log from 'loglevel';
const logger = log.getLogger('moduleB');
export default function () {
logger.warn('message from moduleB');
}
// moduleC.js
import log from 'loglevel';
export default function () {
const logger = log.getLogger('moduleC');
logger.warn('message from moduleC');
}
// main.js
import log from 'loglevel';
import prefix from 'loglevel-prefix';
import a from './moduleA';
import b from './moduleB';
import c from './moduleC';
log.warn('message from root %s prefixing', 'before');
prefix(log, {
template: '[%t] %l (%n):',
});
log.warn('message from root %s prefixing', 'after');
a();
b();
c();
Output
message from root before prefixing
[16:53:46] WARN (root): message from root after prefixing
[16:53:46] WARN (root): message from moduleA
message from moduleB
[16:53:46] WARN (moduleC): message from moduleC
// main.js
import log from 'loglevel';
import prefix from 'loglevel-prefix';
log.setLevel('info');
prefix(log);
log.info('message from root after prefixing');
try {
prefix(log, {
timestampFormatter: date => date.toISOString()
});
} catch(e) {
log.error(e);
};
log.info('message from root after pre-prefixing');
const logger = log.getLogger('main');
try {
prefix(logger, {
template: '[%t] %l (%n):'
});
} catch(e) {
logger.error(e);
};
logger.info('message from child logger');
Output
[16:53:46] INFO: message from root after prefixing
[16:53:46] ERROR: TypeError: You can assign a prefix only one time
[16:53:46] INFO: message from root after pre-prefixing
[16:53:46] ERROR: TypeError: Argument is not a root loglevel object
[16:53:46] INFO: message from child logger
FAQs
Plugin for loglevel message prefixing
The npm package loglevel-prefix receives a total of 0 weekly downloads. As such, loglevel-prefix popularity was classified as not popular.
We found that loglevel-prefix demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.