npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@lindorm/logger

v0.5.2

Published

Rich, type-safe wrapper around [winston](https://github.com/winstonjs/winston) that brings

Downloads

430

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

princejonnprincejonn

Keywords

Readme

@lindorm/logger

Rich, type-safe wrapper around winston that brings

  • hierarchical scopes ([ http | router | controller ])
  • request / transaction correlation metadata
  • pluggable path and key filters for sensitive data (passwords, tokens …)
  • colourised readable mode for local development

The implementation is framework-agnostic – the only runtime dependency is Winston – and therefore fits nicely into any Node.js / TypeScript code-base.

Installation

npm install @lindorm/logger
# or
yarn add @lindorm/logger

Quick start

import { Logger, LogLevel } from '@lindorm/logger';

// Create a root logger. All child loggers share the same Winston transport.
const logger = new Logger({
  level: LogLevel.Info,                       // minimum log level
  readable: process.env.NODE_ENV !== 'production', // pretty print when not in prod
});

logger.info('Server started');

// Correlate subsequent log lines with a request id
logger.correlation({ requestId: '4711' });

// Narrow the scope – perfect for per-module loggers
const http = logger.child(['http']);

http.verbose('Incoming request', { method: 'GET', url: '/' });

// Mask sensitive data by exact path
logger.filterPath('password');          // Replaces value with "[Filtered]"
logger.filterPath('user.jwt', () => '<jwt>');

// Mask sensitive keys at any depth (including inside arrays)
logger.filterKey('password');                  // matches "password" anywhere in the object tree
logger.filterKey(/token/i);                    // regex: matches accessToken, refreshToken, etc.
logger.filterKey(/secret|credential/i);        // broad security net

http.debug('Login attempt', {
  user: { password: 'super-secret' },   // caught by filterKey("password")
  accessToken: 'eyJhbGciOi…',           // caught by filterKey(/token/i)
});

Readable output will look similar to:

2024-01-01T12:00:00.000Z  DEBUG: Login attempt [ http ]
{
  "user": { "password": "[Filtered]" },
  "accessToken": "[Filtered]"
}

Public API

Constructor

new Logger(options?: {
  level?: LogLevel;   // default: LogLevel.Info
  readable?: boolean; // default: false (JSON output)
});

Logging

  • error(error: Error)
  • error(message: string, context?, extra?)
  • warn / info / verbose / debug / silly(message, context?, extra?)
  • log({ message, level?, context?, extra? }) – low-level helper

Utilities

  • child(scope?, correlation?) – returns a new Logger that reuses the same Winston transport but appends scope / correlation metadata.
  • scope(string[]) – append scope segments to the current instance.
  • correlation(record) – merge correlation metadata.
  • filterPath(path, callback?) – register a path-based filter. Matches an exact object path (e.g. "headers.authorization"). If no callback is supplied the value is replaced with "[Filtered]".
  • filterKey(key, callback?) – register a key-based filter. Matches a key name at any depth, including inside arrays. Accepts a string for exact match or a RegExp for pattern matching.
  • isLevelEnabled(level) – returns true if the given level would be logged.
  • time() – returns a LoggerTimer handle. Call .info(message, context?), .debug(…), etc. on the handle to log with the elapsed duration (ms) included at the top level of the log entry.
  • time(label) – starts a named timer stored in an internal Map.
  • timeEnd(label, context?, extra?) – ends the named timer and logs at "debug" level.
  • timeEnd(label, level, context?, extra?) – ends the named timer and logs at the given level.
  • level – getter / setter for the current minimum log level. Setting it updates all transports.

Timers

Two timer APIs are available:

Handle-based – call time() with no arguments to get a LoggerTimer handle. Call any log method on the handle to emit a log entry that includes the elapsed duration.

const timer = logger.time();

await fetchRemoteData();

timer.info('Remote data fetched', { url });
// → 2024-01-01T12:00:00.000Z  INFO: Remote data fetched (42ms 318µs)

timer.error(new Error('something broke'));
// error(Error) overload works the same as on Logger

Label-based – pass a label to time(label) to start a named timer. End it later with timeEnd(label). The label is used as the log message.

logger.time('db-query');

await db.query('SELECT ...');

// defaults to debug level
logger.timeEnd('db-query');

// explicit level + context
logger.time('http-request');
await fetch(url);
logger.timeEnd('http-request', 'info', { url, status: 200 });

Child loggers inherit parent timers (via snapshot), so a timer started on a parent can be ended on a child — but timers started on a child do not leak back to the parent.

Helper functions

import { sanitiseAuthorization, sanitiseToken } from '@lindorm/logger';

sanitiseAuthorization('Bearer eyJhbGciOiJ…');
// → 'Bearer eyJhbGciOiJ…eyJ0'   (JWT header + payload only)

TypeScript

@lindorm/logger is written in TypeScript and ships with declaration files. Important exports:

  • ILogger – public logger interface
  • ILoggerTimer – timer handle interface returned by time()
  • Log, LogContent, LogScope, LogCorrelation
  • LogLevel – enum of Winston log levels used throughout the package

License

AGPL-3.0-or-later – see the root LICENSE file for details.