Security News
vlt Debuts New JavaScript Package Manager and Serverless Registry at NodeConf EU
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.
pino-sentry
Advanced tools
npm install pino-sentry -g
Note: The v7 version of the Sentry JavaScript SDK requires a self-hosted version of Sentry 20.6.0 or higher. If you are using a version of self-hosted Sentry (aka onpremise) older than 20.6.0 then you will need to upgrade. See sentry-javascript@7.0.0 release notes.
Alternatively you can pin @sentry/*
packages to 6.x.
node ./app.js | pino-sentry --dsn=https://******@sentry.io/12345
const { createWriteStream, Sentry } = require("pino-sentry");
// ...
const opts = {
/* ... */
};
const stream = createWriteStream({ dsn: process.env.SENTRY_DSN });
const logger = pino(opts, stream);
// add tags
logger.info({ tags: { foo: "bar" }, msg: "Error" });
// add extra
logger.info({ extra: { foo: "bar" }, msg: "Error" });
// add breadcrumbs
// https://docs.sentry.io/platforms/node/enriching-events/breadcrumbs/
logger.info({
msg: "Error",
breadcrumbs: [
{
category: "auth",
message: "Authenticated user " + user.email,
level: "info",
},
],
});
// the sentry instance is exposed and can be used to manipulate the same sentry than pino-sentry
Sentry.addBreadcrumb({
category: "custom-logger",
message: "Hey there!",
level: "debug",
type: "debug",
data: { some: "data" },
});
options
)In case the generated message does not follow the standard convention, the main attribute keys can be mapped to different values, when the stream gets created. Following attribute keys can be overridden:
msg
- the field used to get the message, it can be dot notted (eg 'data.msg')extra
stack
- the field used to get the stack, it can be dot notted (eg 'err.stack')maxValueLength
- option to adjust max string length for values, default is 250decorateScope
- option to decorate, manipulate the sentry scope just before the capturesentryExceptionLevels
- option that represent the levels that will be handled as exceptions. Default : error
and fatal
const { createWriteStream, Severity } = require("pino-sentry");
// ...
const opts = {
/* ... */
};
const stream = createWriteStream({
dsn: process.env.SENTRY_DSN,
messageAttributeKey: "message",
stackAttributeKey: "trace",
extraAttributeKeys: ["req", "context"],
maxValueLength: 250,
sentryExceptionLevels: [
Severity.Warning,
Severity.Error,
Severity.Fatal,
],
decorateScope: (data, scope) => {
scope.setUser("userId", { id: data.userId });
},
});
const logger = pino(opts, stream);
--dsn
(-d
): your Sentry DSN or Data Source Name (defaults to process.env.SENTRY_DSN
)--environment
(-e
): (defaults to process.env.SENTRY_ENVIRONMENT || process.env.NODE_ENV || 'production'
)--serverName
(-n
): transport name (defaults to pino-sentry
)--debug
(-dm
): turns debug mode on or off (default to process.env.SENTRY_DEBUG || false
)--sampleRate
(-sr
): sample rate as a percentage of events to be sent in the range of 0.0 to 1.0 (default to 1.0
)--maxBreadcrumbs
(-mx
): total amount of breadcrumbs that should be captured (default to 100
)--level
(-l
): minimum level for a log to be reported to Sentry (default to debug
)Pino logging levels are mapped by default to Sentry's acceptable levels.
{
trace: 'debug',
debug: 'debug',
info: 'info',
warn: 'warning',
error: 'error',
fatal: 'fatal'
}
FAQs
@sentry/node transport for pino logger
The npm package pino-sentry receives a total of 16,571 weekly downloads. As such, pino-sentry popularity was classified as popular.
We found that pino-sentry demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
vlt introduced its new package manager and a serverless registry this week, innovating in a space where npm has stagnated.
Security News
Research
The Socket Research Team uncovered a malicious Python package typosquatting the popular 'fabric' SSH library, silently exfiltrating AWS credentials from unsuspecting developers.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.