The latest articles on DEV Community by Chintan Shah (@chintanshah35). https://dev.to/chintanshah35 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F419795%2F0f2d976e-cd0d-4b94-8b6a-872170cfc47b.jpeg https://dev.to/chintanshah35 en Chintan Shah Fri, 05 Jun 2026 05:46:18 +0000 https://dev.to/chintanshah35/how-to-scan-for-hardcoded-secrets-in-a-nodejs-project-github-actions-guide-2k68 https://dev.to/chintanshah35/how-to-scan-for-hardcoded-secrets-in-a-nodejs-project-github-actions-guide-2k68 <p>Hardcoded API keys in source code are one of the most common security mistakes in Node.js projects. Not <code>.env</code> files committed by accident (though that happens too). I mean a Stripe key pasted into a test fixture, a GitHub token left in a debug script, or a PostgreSQL URL sitting in a migration comment.</p> <p><strong>Secret scanning in GitHub Actions</strong> catches these before merge. This guide covers a local scan, a full workflow file you can copy, how it compares to <strong>gitleaks</strong> and <strong>trufflehog</strong>, and what to do when you actually find a leaked key.</p> <p>Takes about 10 minutes to set up.</p> <h2> TL;DR </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Goal</th> <th>What to do</th> </tr> </thead> <tbody> <tr> <td>Scan locally before commit</td> <td><code>npx secretguard .</code></td> </tr> <tr> <td>Block merges with live keys</td> <td>Add workflow below to GitHub Actions</td> </tr> <tr> <td>Scan git history for old leaks</td> <td>Use gitleaks or trufflehog</td> </tr> <tr> <td>Stop pushes at GitHub boundary</td> <td>Enable push protection (free on public repos)</td> </tr> <tr> <td>Avoid noise from test fixtures</td> <td>Use a scanner that skips fake emails in <code>*.test.ts</code> </td> </tr> </tbody> </table></div> <h2> Why hardcoded secrets in source code are still a problem </h2> <p><code>.gitignore</code> protects <code>.env</code>. It does not protect <code>src/config.ts</code>.</p> <p>Common leak locations in Node.js repos:</p> <ul> <li>Test files with copied production tokens</li> <li>Debug scripts committed to <code>scripts/</code> </li> <li>Database URLs in ORM config or seed files</li> <li>Sample API responses checked into <code>fixtures/</code> </li> <li>Commented-out credentials "just for reference"</li> </ul> <p>GitHub <strong>secret scanning</strong> and <strong>push protection</strong> help at the remote. But you often discover the problem when <code>git push</code> fails at 6pm before a release. Scanning in CI on every pull request shifts that feedback to review time.</p> <h2> What to scan for </h2> <h3> Credentials (rotate immediately if found) </h3> <ul> <li>Cloud keys: <code>AKIA...</code> (AWS), <code>sk_live_...</code> (Stripe), <code>ghp_...</code> (GitHub)</li> <li>Database URLs with embedded passwords (<code>postgres://user:pass@...</code>)</li> <li>Private keys: RSA, OpenSSH, PGP blocks</li> <li>JWTs and high-entropy strings assigned to <code>api_key</code>, <code>API_KEY</code>, <code>secret</code> </li> </ul> <h3> PII in source (compliance risk) </h3> <ul> <li>Emails, phone numbers, SSNs, credit card numbers in non-test files</li> <li>Public IPs in config (private ranges like <code>192.168.x</code> are usually fine to ignore)</li> </ul> <p><code>.env</code> must stay out of git. Add <code>.env</code> to <code>.gitignore</code> and commit only <code>.env.example</code> with placeholder values.</p> <h2> Scan your Node.js repo locally </h2> <p>No install. Works on any machine with Node 18+.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx secretguard <span class="nb">.</span> </code></pre> </div> <p>This scans the working tree (current files on disk), not git history. It skips <code>node_modules</code>, <code>.git</code>, <code>dist</code>, <code>build</code>, and binary files automatically. Findings are grouped by severity. Values are <strong>masked</strong> in output.</p> <p>Useful variants:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Scan only application source</span> npx secretguard ./src <span class="c"># JSON for scripts or CI artifacts</span> npx secretguard <span class="nb">.</span> <span class="nt">--json</span> <span class="c"># HTML report for security review</span> npx secretguard <span class="nb">.</span> <span class="nt">--output</span> report.html <span class="c"># Extra ignore paths</span> npx secretguard <span class="nb">.</span> <span class="nt">--ignore</span> legacy <span class="nt">--ignore</span> sandbox </code></pre> </div> <p><strong>Exit codes:</strong> <code>0</code> = no CRITICAL findings, <code>1</code> = at least one CRITICAL. HIGH and MEDIUM are reported but do not fail by default. That is a practical default: a live Stripe key should block a merge; a JWT-shaped string in a test helper might be worth reviewing without stopping the pipeline.</p> <h2> Secret scanning in GitHub Actions </h2> <p>Below is a complete workflow file. Copy it to <code>.github/workflows/secret-scan.yml</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Secret Scan</span> <span class="na">on</span><span class="pi">:</span> <span class="na">pull_request</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">main</span><span class="pi">,</span> <span class="nv">master</span><span class="pi">]</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">main</span><span class="pi">,</span> <span class="nv">master</span><span class="pi">]</span> <span class="na">permissions</span><span class="pi">:</span> <span class="na">contents</span><span class="pi">:</span> <span class="s">read</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">secret-scan</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Scan for hardcoded secrets</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Setup Node.js</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="m">20</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Scan source for secrets and PII</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npx secretguard . --json &gt; secretguard-report.json</span> <span class="na">continue-on-error</span><span class="pi">:</span> <span class="kc">true</span> <span class="na">id</span><span class="pi">:</span> <span class="s">scan</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Upload scan report</span> <span class="na">if</span><span class="pi">:</span> <span class="s">always()</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/upload-artifact@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">name</span><span class="pi">:</span> <span class="s">secretguard-report</span> <span class="na">path</span><span class="pi">:</span> <span class="s">secretguard-report.json</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Fail on CRITICAL findings</span> <span class="na">if</span><span class="pi">:</span> <span class="s">steps.scan.outcome == 'failure'</span> <span class="na">run</span><span class="pi">:</span> <span class="pi">|</span> <span class="s">echo "CRITICAL secrets or PII found. Review the scan report artifact."</span> <span class="s">exit 1</span> </code></pre> </div> <p><strong>Why a separate workflow:</strong> Keeps security checks visible in the Actions tab. Teams can require this check in branch protection without coupling it to your test job.</p> <p><strong>Minimal one-liner</strong> if you already have a CI workflow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Scan for hardcoded secrets</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npx secretguard .</span> </code></pre> </div> <p>No API key or config file required. <code>npx</code> pulls the latest published version from npm.</p> <h2> Avoiding false positives in test files </h2> <p>Scanners that flag every email and phone number fail on real codebases. Test files contain <code>user@example.com</code> and <code>555-123-4567</code>. That is fixture data, not a production leak.</p> <p>Three approaches teams use:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Approach</th> <th>Pros</th> <th>Cons</th> </tr> </thead> <tbody> <tr> <td>Ignore all test directories</td> <td>Zero noise</td> <td>Misses real tokens copied into tests</td> </tr> <tr> <td>Filter placeholder values</td> <td>Works in prod files</td> <td>Misses realistic fake data</td> </tr> <tr> <td>Credentials everywhere, PII only in prod paths</td> <td>Balanced</td> <td>Slightly more complex</td> </tr> </tbody> </table></div> <p><a href="https://github.com/chintanshah35/secretguard" rel="noopener noreferrer">secretguard</a> uses the third approach. PII patterns are skipped in <code>*.test.*</code>, <code>*.spec.*</code>, <code>__tests__/</code>, <code>fixtures/</code>, and <code>mocks/</code>. Placeholders like <code>example.com</code> and US <code>555-</code> numbers are filtered elsewhere. <strong>Credentials are always scanned</strong>, including in test files, because a real <code>ghp_</code> token in a test is still a real leak.</p> <h2> gitleaks vs trufflehog vs a Node.js CI scanner </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Tool</th> <th>Scans git history</th> <th>Scans working tree</th> <th>Node.js native</th> <th>Best for</th> </tr> </thead> <tbody> <tr> <td><a href="https://github.com/gitleaks/gitleaks" rel="noopener noreferrer">gitleaks</a></td> <td>Yes</td> <td>Yes (<code>detect --no-git</code>)</td> <td>No (Go binary)</td> <td>Finding secrets in past commits</td> </tr> <tr> <td><a href="https://github.com/trufflesecurity/trufflehog" rel="noopener noreferrer">trufflehog</a></td> <td>Yes</td> <td>Yes</td> <td>No</td> <td>Deep entropy + verified secrets</td> </tr> <tr> <td>GitHub secret scanning</td> <td>On push</td> <td>No</td> <td>N/A</td> <td>Platform-level detection</td> </tr> <tr> <td><a href="https://github.com/chintanshah35/secretguard" rel="noopener noreferrer">secretguard</a></td> <td>No</td> <td>Yes</td> <td>Yes</td> <td>Fast PR check, credentials + PII</td> </tr> </tbody> </table></div> <p><strong>Practical combo many teams use:</strong></p> <ol> <li> <strong>gitleaks</strong> or <strong>trufflehog</strong> in CI weekly (or on main) for git history</li> <li> <strong>secretguard</strong> on every PR for the current diff's files on disk</li> <li> <strong>GitHub push protection</strong> enabled as a last line of defense</li> </ol> <p>Example gitleaks step for comparison:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Gitleaks scan</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">gitleaks/gitleaks-action@v2</span> <span class="na">env</span><span class="pi">:</span> <span class="na">GITHUB_TOKEN</span><span class="pi">:</span> <span class="s">${{ secrets.GITHUB_TOKEN }}</span> </code></pre> </div> <p>None of these replace a secrets manager (Vault, AWS Secrets Manager, Doppler) or proper <code>.gitignore</code> hygiene.</p> <h2> Enable GitHub push protection (free for public repos) </h2> <p>GitHub can block pushes that contain known secret patterns before they enter the repo.</p> <ol> <li>Go to <strong>Repository → Settings → Code security and analysis</strong> </li> <li>Enable <strong>Secret scanning</strong> (public repos: free)</li> <li>Enable <strong>Push protection</strong> </li> </ol> <p>This is reactive at push time. CI scanning on pull requests is proactive at review time. Use both.</p> <p>Official docs: <a href="https://docs.github.com/en/code-security/secret-scanning/working-with-secret-scanning-and-push-protection/working-with-push-protection-from-the-command-line" rel="noopener noreferrer">Working with push protection</a></p> <h2> What to do when you find a leaked API key </h2> <p>Finding a secret is not enough. You have to assume it is compromised.</p> <p><strong>Step 1: Remove from code immediately</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Find the file and line from scan output, edit, commit</span> git add <span class="nt">-A</span> <span class="o">&amp;&amp;</span> git commit <span class="nt">-m</span> <span class="s2">"Remove hardcoded API key"</span> </code></pre> </div> <p><strong>Step 2: Rotate the credential</strong></p> <ul> <li>Stripe: roll the key in Dashboard → Developers → API keys</li> <li>GitHub: revoke the PAT under Settings → Developer settings</li> <li>AWS: deactivate the access key in IAM</li> <li>Database: change the password and update your secrets manager</li> </ul> <p><strong>Step 3: Check git history</strong></p> <p>If the key was ever committed, removing it from HEAD is not enough. It still exists in old commits. Use gitleaks or <code>git log -S 'sk_live_'</code> to find when it was introduced. You may need <code>git filter-repo</code> or GitHub's secret scanning alert workflow for serious incidents.</p> <p><strong>Step 4: Enable prevention</strong></p> <ul> <li>Add secret scanning to CI (workflow above)</li> <li>Add a pre-commit hook locally</li> <li>Never use production keys in test fixtures; use env vars or mock values</li> </ul> <p><strong>Step 5: Document for your team</strong></p> <p>Log the incident (without the secret value). Note which key was rotated and when.</p> <h2> Pre-commit secret scan (optional) </h2> <p>Catch leaks before they leave your laptop:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/sh</span> <span class="c"># .git/hooks/pre-commit</span> npx secretguard <span class="nb">.</span> <span class="o">||</span> <span class="nb">exit </span>1 </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">chmod</span> +x .git/hooks/pre-commit </code></pre> </div> <p>Slower feedback than CI but prevents the push entirely. For teams, consider <a href="https://typicode.github.io/husky/" rel="noopener noreferrer">Husky</a> to share hooks via the repo.</p> <h2> Example scan output </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>CRITICAL (2) src/config.ts:14 Stripe Live Secret Key sk_live_****7890 src/db.ts:8 Database URL (PostgreSQL) postgres://****@host/db HIGH (1) src/auth.ts:22 JWT Token eyJhbG****In0 </code></pre> </div> <p>Add a screenshot of your own scan before publishing. Use alt text: <code>secretguard terminal output showing masked API key findings</code>.</p> <h2> Programmatic scan in Node.js </h2> <p>Embed scanning in custom tooling:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">scan</span><span class="p">,</span> <span class="nx">credentialPatterns</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">secretguard</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">scan</span><span class="p">(</span><span class="dl">'</span><span class="s1">./src</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">patterns</span><span class="p">:</span> <span class="p">[...</span><span class="nx">credentialPatterns</span><span class="p">],</span> <span class="p">})</span> <span class="kd">const</span> <span class="nx">critical</span> <span class="o">=</span> <span class="nx">result</span><span class="p">.</span><span class="nx">findings</span><span class="p">.</span><span class="nf">filter</span><span class="p">((</span><span class="nx">f</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">f</span><span class="p">.</span><span class="nx">severity</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">CRITICAL</span><span class="dl">'</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="nx">critical</span><span class="p">.</span><span class="nx">length</span> <span class="o">&gt;</span> <span class="mi">0</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="s2">`Found </span><span class="p">${</span><span class="nx">critical</span><span class="p">.</span><span class="nx">length</span><span class="p">}</span><span class="s2"> critical issues`</span><span class="p">)</span> <span class="nx">process</span><span class="p">.</span><span class="nf">exit</span><span class="p">(</span><span class="mi">1</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <h2> FAQ </h2> <h3> How do I detect hardcoded API keys in a Node.js project? </h3> <p>Run a secret scanner against your source tree: <code>npx secretguard .</code> locally, or add a GitHub Actions step that runs the same command on every pull request. Complement with gitleaks for git history if keys may exist in old commits.</p> <h3> What is the best secret scanning tool for GitHub Actions? </h3> <p>Depends on scope. <strong>gitleaks</strong> and <strong>trufflehog</strong> are strong for git history. For a lightweight check of current files without installing Go/Python tooling, a Node-native CLI like <strong>secretguard</strong> fits standard JavaScript CI images. Enable GitHub push protection regardless of which scanner you pick.</p> <h3> Does secret scanning replace .gitignore? </h3> <p>No. <code>.gitignore</code> prevents committing <code>.env</code>. Secret scanning catches credentials written directly in <code>.ts</code>, <code>.js</code>, <code>.json</code>, and test files that are supposed to be in the repo.</p> <h3> Should I scan test files? </h3> <p>Yes for credentials. A real GitHub token in <code>auth.test.ts</code> is a real leak. PII scanners should skip or filter test fixtures to avoid false positives from <code>user@example.com</code>.</p> <h3> What exit code should fail CI? </h3> <p>Fail on CRITICAL (live API keys, private keys, database passwords). Report HIGH and MEDIUM without blocking until your team agrees on policy.</p> <h2> Checklist before you merge </h2> <ul> <li>[ ] Run <code>npx secretguard .</code> locally once</li> <li>[ ] Add <code>.github/workflows/secret-scan.yml</code> </li> <li>[ ] Enable GitHub push protection</li> <li>[ ] Fix CRITICAL findings and rotate any exposed keys</li> <li>[ ] Confirm test fixtures use mocks, not production credentials</li> <li>[ ] Add terminal screenshot to this post before publishing (if on own blog)</li> </ul> <h2> Links </h2> <ul> <li>GitHub: <a href="https://github.com/chintanshah35/secretguard" rel="noopener noreferrer">github.com/chintanshah35/secretguard</a> </li> <li>npm: <a href="https://www.npmjs.com/package/secretguard" rel="noopener noreferrer">npmjs.com/package/secretguard</a> </li> <li>GitHub secret scanning docs: <a href="https://docs.github.com/en/code-security/secret-scanning" rel="noopener noreferrer">docs.github.com/code-security/secret-scanning</a> </li> </ul> <p>If you run secret scanning in a monorepo or use gitleaks alongside a Node scanner, share your setup in the comments.</p> node security devops javascript Chintan Shah Wed, 27 May 2026 04:55:08 +0000 https://dev.to/chintanshah35/winston-vs-pino-in-2026-a-production-tested-comparison-6o0 https://dev.to/chintanshah35/winston-vs-pino-in-2026-a-production-tested-comparison-6o0 <p>I ran both <strong>winston</strong> and <strong>pino</strong> in production Node.js APIs over the past two years. Both are excellent. Both are well-maintained. Both have millions of weekly downloads. But they're built for different priorities.</p> <p>This post compares them honestly: benchmarks, features, migration paths, and which one I'd reach for in different scenarios. At the end I'll cover where both fall short — and what I ended up doing about it.</p> <h2> TL;DR </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>If You...</th> <th>Pick</th> </tr> </thead> <tbody> <tr> <td>Serve 5k+ RPS and care about throughput</td> <td><strong>pino</strong></td> </tr> <tr> <td>Already use winston in production with no real pain</td> <td> <strong>winston</strong> (don't migrate for fun)</td> </tr> <tr> <td>Need an obscure transport (syslog, raw TCP)</td> <td><strong>winston</strong></td> </tr> <tr> <td>Want a smaller, more focused API</td> <td><strong>pino</strong></td> </tr> <tr> <td>Need JSON logs for log aggregator only</td> <td><strong>pino</strong></td> </tr> <tr> <td>Need custom format combinators</td> <td><strong>winston</strong></td> </tr> </tbody> </table></div> <h2> Benchmark: 10,000 Structured Logs </h2> <p>Same workload. JSON output to stdout. Structured metadata. Node 22.</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Logger</th> <th>Time (ms)</th> <th>Memory (MB)</th> <th>Bundle (gzipped)</th> </tr> </thead> <tbody> <tr> <td><strong>pino</strong></td> <td>31</td> <td>17</td> <td>8 KB</td> </tr> <tr> <td><strong>winston</strong></td> <td>58</td> <td>22</td> <td>32 KB</td> </tr> </tbody> </table></div> <p><strong>pino is roughly 1.9x faster than winston</strong> on this machine (Node 22, Apple M-series, stdout redirected to <code>/dev/null</code>). Not new information but worth seeing real numbers rather than theoretical ones.</p> <p>Benchmark code is at the bottom of this post.</p> <h3> When This Matters </h3> <p>If your API serves under 1k RPS, <strong>the difference is invisible to your users.</strong> Your bottleneck is your database, your downstream services, or your business logic. Not log serialization.</p> <p>If your API serves 10k+ RPS or runs on small instances where every CPU cycle matters, <strong>pick pino</strong>.</p> <h2> Feature Comparison </h2> <h3> Log Levels &amp; Namespaces </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Feature</th> <th>winston</th> <th>pino</th> </tr> </thead> <tbody> <tr> <td>Standard levels</td> <td>Yes</td> <td>Yes</td> </tr> <tr> <td>Custom levels</td> <td>Yes</td> <td>Yes</td> </tr> <tr> <td>Namespaced child loggers</td> <td>Yes</td> <td>Yes</td> </tr> </tbody> </table></div> <p>Roughly equal. Neither is meaningfully easier.</p> <h3> PII Redaction </h3> <p><strong>winston:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">winston</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">winston</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">format</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">winston</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nx">winston</span><span class="p">.</span><span class="nf">createLogger</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="nx">format</span><span class="p">.</span><span class="nf">combine</span><span class="p">(</span> <span class="nf">format</span><span class="p">((</span><span class="nx">info</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">delete</span> <span class="nx">info</span><span class="p">.</span><span class="nx">password</span> <span class="k">delete</span> <span class="nx">info</span><span class="p">.</span><span class="nx">token</span> <span class="k">return</span> <span class="nx">info</span> <span class="p">})(),</span> <span class="nx">format</span><span class="p">.</span><span class="nf">json</span><span class="p">()</span> <span class="p">)</span> <span class="p">})</span> </code></pre> </div> <p>Field deletion via custom format. No path syntax. No pattern detection. The <code>winston-redact</code> plugin exists but is barely maintained as of 2026.</p> <p><strong>pino:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">pino</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">pino</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">pino</span><span class="p">({</span> <span class="na">redact</span><span class="p">:</span> <span class="p">{</span> <span class="na">paths</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">token</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">user.email</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">user.*.email</span><span class="dl">'</span><span class="p">],</span> <span class="na">censor</span><span class="p">:</span> <span class="dl">'</span><span class="s1">[REDACTED]</span><span class="dl">'</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Cleaner. Path syntax with wildcards. Still no pattern detection (emails, SSNs, credit cards in free-form strings will leak through).</p> <p><strong>Winner: pino</strong>, by a clean API margin. Neither does automatic PII pattern detection.</p> <h3> Transports &amp; Integrations </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Destination</th> <th>winston</th> <th>pino</th> </tr> </thead> <tbody> <tr> <td>Console</td> <td>Built-in</td> <td>Built-in</td> </tr> <tr> <td>File (with rotation)</td> <td>winston-daily-rotate-file</td> <td>pino-roll</td> </tr> <tr> <td>Sentry</td> <td>winston-sentry</td> <td>pino-sentry</td> </tr> <tr> <td>Datadog</td> <td>winston-datadog</td> <td>pino-datadog</td> </tr> <tr> <td>Elasticsearch</td> <td>winston-elasticsearch</td> <td>pino-elasticsearch</td> </tr> <tr> <td>CloudWatch</td> <td>winston-cloudwatch</td> <td>pino-cloudwatch-transport</td> </tr> <tr> <td>Loki</td> <td>community</td> <td>pino-loki</td> </tr> <tr> <td>Splunk</td> <td>winston-splunk</td> <td>pino-splunk</td> </tr> <tr> <td>OpenTelemetry</td> <td>winston-opentelemetry</td> <td>pino-opentelemetry-transport</td> </tr> </tbody> </table></div> <p>Both have most integrations. <strong>winston's ecosystem is larger but more fragmented</strong> (several popular plugins are unmaintained as of 2026). <strong>pino's ecosystem is smaller but more consistently maintained.</strong></p> <p>If you check the GitHub commit dates on plugins before installing, you'll quickly see what I mean.</p> <h3> TypeScript Support </h3> <p>Both work fine. pino's type inference is slightly nicer in 2026. winston's types are correct but verbose.</p> <h3> Browser Support </h3> <ul> <li> <strong>winston:</strong> Plugin-based (winston-browser), limited</li> <li> <strong>pino:</strong> Node-only by design</li> </ul> <p>Neither is great if you want the same logger in your frontend and backend. If that matters to you, neither of these is your answer (look at consola, loglevel, or other browser-focused options).</p> <h3> Backpressure &amp; Reliability </h3> <p><strong>winston:</strong></p> <ul> <li>Uses Node streams for transports</li> <li>Built-in retry support varies by transport</li> <li>No first-class circuit breaker</li> </ul> <p><strong>pino:</strong></p> <ul> <li>Uses worker threads (in <code>pino.transport()</code> mode) to move serialization off the main loop</li> <li>Async transport by default, drops logs gracefully under backpressure</li> <li>No first-class circuit breaker either</li> </ul> <p><strong>Winner: pino.</strong> The worker-thread architecture is a real engineering advantage when your log destination has hiccups.</p> <h2> When To Use Which </h2> <h3> Use winston if: </h3> <ul> <li>You already use it in production. Migration cost is real and rarely worth it.</li> <li>You need a transport that only winston has (winston-syslog is one example).</li> <li>Your team has years of winston tribal knowledge.</li> <li>You need flexible custom format chains.</li> </ul> <h3> Use pino if: </h3> <ul> <li>You're optimizing every CPU cycle.</li> <li>You're okay with JSON-only output (typical for production).</li> <li>You want a smaller, more focused API surface.</li> <li>You're starting a new Node.js project today.</li> </ul> <p><strong>For new projects in 2026, pino is the safer default.</strong> It's faster, more focused, and the ecosystem is healthier.</p> <h2> Migration: winston → pino </h2> <p>The most common migration path. Takes 1-2 hours for a typical app.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Before</span> <span class="k">import</span> <span class="nx">winston</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">winston</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nx">winston</span><span class="p">.</span><span class="nf">createLogger</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="nx">winston</span><span class="p">.</span><span class="nx">format</span><span class="p">.</span><span class="nf">json</span><span class="p">(),</span> <span class="na">defaultMeta</span><span class="p">:</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">api</span><span class="dl">'</span> <span class="p">},</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span><span class="k">new</span> <span class="nx">winston</span><span class="p">.</span><span class="nx">transports</span><span class="p">.</span><span class="nc">Console</span><span class="p">()]</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">User login</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="mi">123</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Failed</span><span class="dl">'</span><span class="p">,</span> <span class="nx">err</span><span class="p">)</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// After</span> <span class="k">import</span> <span class="nx">pino</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">pino</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">pino</span><span class="p">({</span> <span class="na">base</span><span class="p">:</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">api</span><span class="dl">'</span> <span class="p">}</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">({</span> <span class="na">userId</span><span class="p">:</span> <span class="mi">123</span> <span class="p">},</span> <span class="dl">'</span><span class="s1">User login</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// note: payload first</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">({</span> <span class="nx">err</span> <span class="p">},</span> <span class="dl">'</span><span class="s1">Failed</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// errors go in object</span> </code></pre> </div> <h3> The Three Things That Trip People Up </h3> <ol> <li><p><strong>Argument order swaps.</strong> winston: <code>log.info(message, payload)</code>. pino: <code>log.info(payload, message)</code>. A regex find-replace handles 80% of it.</p></li> <li><p><strong>Errors aren't first-class.</strong> winston accepts <code>log.error(err)</code>. pino prefers <code>log.error({ err }, 'description')</code> because it serializes errors via the <code>errorSerializer</code>. Set up serializers early.</p></li> <li><p><strong>No pretty output in production.</strong> pino's default is JSON to stdout, no colors. In development, pipe through <code>pino-pretty</code>. In production, ship raw JSON to your aggregator.</p></li> </ol> <h2> Migration: pino → winston (Rare) </h2> <p>Almost no one does this. If you're considering it, you probably want:</p> <ul> <li>More flexible custom format chains (winston's <code>format.combine</code> is genuinely nice)</li> <li>A specific transport only winston has</li> </ul> <p>Otherwise, stay on pino.</p> <h2> What's Missing From Both </h2> <p>Honest critique of both libraries:</p> <ol> <li><p><strong>Neither does automatic PII pattern detection.</strong> You write the regex or you use a plugin. In 2026 with GDPR, HIPAA, and PCI-DSS audits everywhere, this feels like a real gap. Path-based redaction (<code>paths: ['user.email']</code>) misses emails that slip into free-form message strings.</p></li> <li><p><strong>Neither has a built-in circuit breaker.</strong> If your log destination (Datadog, Elasticsearch) goes down, your app's transport queue grows until something bad happens. I've seen this OOM a production pod. You bolt the fix on yourself.</p></li> <li><p><strong>Neither has a great browser story.</strong> If your frontend and backend should share a logging abstraction, you're picking between two Node-first tools.</p></li> </ol> <p>I ran into all three of these hard enough that I eventually built a logger to address them — <a href="https://github.com/chintanshah35/logfx" rel="noopener noreferrer">logfx</a>. It's newer than both and I'm not claiming it competes on adoption. But if any of these gaps resonate, it might be worth a look. I'll write up the full story in a follow-up post.</p> <h2> Conclusion </h2> <p><strong>For most teams in 2026, pino is the right answer.</strong> Faster, well-maintained, focused API, healthy ecosystem.</p> <p><strong>winston is fine if you already use it.</strong> Don't migrate for fun. Migrations have real costs.</p> <p>The "best logger" depends on what you're optimizing for. Hopefully this comparison made the tradeoffs clear.</p> <h2> Appendix: Benchmark Code </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">performance</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">node:perf_hooks</span><span class="dl">'</span> <span class="k">import</span> <span class="nx">winston</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">winston</span><span class="dl">'</span> <span class="k">import</span> <span class="nx">pino</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">pino</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">ITERATIONS</span> <span class="o">=</span> <span class="mi">10</span><span class="nx">_000</span> <span class="kd">const</span> <span class="nx">PAYLOAD</span> <span class="o">=</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="mi">123</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="dl">'</span><span class="s1">user@example.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">action</span><span class="p">:</span> <span class="dl">'</span><span class="s1">login</span><span class="dl">'</span><span class="p">,</span> <span class="na">metadata</span><span class="p">:</span> <span class="p">{</span> <span class="na">ip</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1.2.3.4</span><span class="dl">'</span><span class="p">,</span> <span class="na">userAgent</span><span class="p">:</span> <span class="dl">'</span><span class="s1">curl/8.0</span><span class="dl">'</span> <span class="p">}</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">winstonLog</span> <span class="o">=</span> <span class="nx">winston</span><span class="p">.</span><span class="nf">createLogger</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="nx">winston</span><span class="p">.</span><span class="nx">format</span><span class="p">.</span><span class="nf">json</span><span class="p">(),</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span><span class="k">new</span> <span class="nx">winston</span><span class="p">.</span><span class="nx">transports</span><span class="p">.</span><span class="nc">Console</span><span class="p">()]</span> <span class="p">})</span> <span class="kd">const</span> <span class="nx">pinoLog</span> <span class="o">=</span> <span class="nf">pino</span><span class="p">()</span> <span class="kd">function</span> <span class="nf">bench</span><span class="p">(</span><span class="nx">name</span><span class="p">,</span> <span class="nx">fn</span><span class="p">)</span> <span class="p">{</span> <span class="nb">global</span><span class="p">.</span><span class="nx">gc</span><span class="p">?.()</span> <span class="kd">const</span> <span class="nx">memBefore</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nf">memoryUsage</span><span class="p">().</span><span class="nx">heapUsed</span> <span class="kd">const</span> <span class="nx">start</span> <span class="o">=</span> <span class="nx">performance</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="k">for </span><span class="p">(</span><span class="kd">let</span> <span class="nx">i</span> <span class="o">=</span> <span class="mi">0</span><span class="p">;</span> <span class="nx">i</span> <span class="o">&lt;</span> <span class="nx">ITERATIONS</span><span class="p">;</span> <span class="nx">i</span><span class="o">++</span><span class="p">)</span> <span class="nf">fn</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">elapsed</span> <span class="o">=</span> <span class="nx">performance</span><span class="p">.</span><span class="nf">now</span><span class="p">()</span> <span class="o">-</span> <span class="nx">start</span> <span class="kd">const</span> <span class="nx">memAfter</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nf">memoryUsage</span><span class="p">().</span><span class="nx">heapUsed</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`</span><span class="p">${</span><span class="nx">name</span><span class="p">}</span><span class="s2">: </span><span class="p">${</span><span class="nx">elapsed</span><span class="p">.</span><span class="nf">toFixed</span><span class="p">(</span><span class="mi">0</span><span class="p">)}</span><span class="s2">ms, </span><span class="p">${((</span><span class="nx">memAfter</span> <span class="o">-</span> <span class="nx">memBefore</span><span class="p">)</span> <span class="o">/</span> <span class="mi">1024</span> <span class="o">/</span> <span class="mi">1024</span><span class="p">).</span><span class="nf">toFixed</span><span class="p">(</span><span class="mi">1</span><span class="p">)}</span><span class="s2">MB`</span><span class="p">)</span> <span class="p">}</span> <span class="nf">bench</span><span class="p">(</span><span class="dl">'</span><span class="s1">winston</span><span class="dl">'</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">winstonLog</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">User login</span><span class="dl">'</span><span class="p">,</span> <span class="nx">PAYLOAD</span><span class="p">))</span> <span class="nf">bench</span><span class="p">(</span><span class="dl">'</span><span class="s1">pino</span><span class="dl">'</span><span class="p">,</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="nx">pinoLog</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="nx">PAYLOAD</span><span class="p">,</span> <span class="dl">'</span><span class="s1">User login</span><span class="dl">'</span><span class="p">))</span> </code></pre> </div> <p>Run with: <code>node --expose-gc benchmark.js &gt; /dev/null</code></p> <p>(stdout redirected because we're measuring the logger, not the terminal.)</p> <p><em>Got a strong opinion on winston vs pino? Drop a comment — genuinely curious what's driving people's choices in 2026. And if the gaps I mentioned above resonate, I'll link the follow-up post here when it's up.</em></p> node javascript typescript logging Chintan Shah Wed, 27 May 2026 04:26:06 +0000 https://dev.to/chintanshah35/logfx-v100-one-logger-for-development-and-production-4cj5 https://dev.to/chintanshah35/logfx-v100-one-logger-for-development-and-production-4cj5 <p>Today I'm shipping logfx v1.0.0. It's the first release I consider production-ready: 13 official integrations, PII redaction, retry and circuit breaker in the webhook transport, and zero dependencies. Same API in Node and browser.</p> <p>Every logger forces a choice: readable output for development, or structured JSON for production. You either configure both manually or pick one and live with it. logfx v1.0.0 removes that choice. Same logger, auto-detected format based on NODE_ENV.</p> <p>I've been maintaining logfx since v0.3.0.</p> <h2> The Problem </h2> <p>In development, you want logs you can read. Colors, emojis, clear structure. When something breaks at 2am, you need to scan output quickly.</p> <p>In production, you need structured JSON. Datadog, Elasticsearch, Splunk, and every log aggregator expect JSON. Timestamps, levels, correlation IDs. Machine-readable.</p> <p>Most loggers make you configure two setups or accept one format everywhere. logfx switches automatically.</p> <p>The other pain point: logging user data. Emails, tokens, passwords. One slip and you're leaking PII. logfx handles that with built-in redaction and custom patterns.</p> <p>The third: sending logs to a remote endpoint. Networks fail. Retries, circuit breakers, dead letter queues. You either build it or hope your logs get through. logfx ships it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">()</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server started</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">port</span><span class="p">:</span> <span class="mi">3000</span> <span class="p">})</span> </code></pre> </div> <p><strong>Development output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>💡 INFO Server started { port: 3000 } </code></pre> </div> <p><strong>Production output</strong> (<code>NODE_ENV=production</code>):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="nl">"timestamp"</span><span class="p">:</span><span class="s2">"2026-01-14T12:00:00.000Z"</span><span class="p">,</span><span class="nl">"level"</span><span class="p">:</span><span class="s2">"info"</span><span class="p">,</span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"Server started"</span><span class="p">,</span><span class="nl">"data"</span><span class="p">:{</span><span class="nl">"port"</span><span class="p">:</span><span class="mi">3000</span><span class="p">}}</span><span class="w"> </span></code></pre> </div> <p>No format flag. No environment checks in your code. It just works.</p> <h2> What logfx Actually Does </h2> <h3> Core Logging </h3> <p>Five levels (debug, info, success, warn, error), namespaced loggers, context metadata. Errors serialize with stack traces. Lazy evaluation so you can defer expensive operations until they're actually logged. Same API whether you're in Node, Bun, Deno, or the browser.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">authLog</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">namespace</span><span class="p">:</span> <span class="dl">'</span><span class="s1">auth</span><span class="dl">'</span> <span class="p">})</span> <span class="nx">authLog</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Login attempt</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="mi">123</span> <span class="p">})</span> <span class="c1">// 💡 INFO [auth] Login attempt { userId: 123 }</span> </code></pre> </div> <p>Attach metadata to every log from a logger:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">context</span><span class="p">:</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">api</span><span class="dl">'</span><span class="p">,</span> <span class="na">version</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1.0.0</span><span class="dl">'</span> <span class="p">}</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Request received</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/users</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// Every entry includes service and version</span> </code></pre> </div> <p>W3C TraceParent format is supported for correlating logs across services.</p> <h3> PII Redaction </h3> <p>Logging user data is risky. Emails, SSNs, credit cards, JWTs can leak. logfx has built-in patterns and key-based redaction:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">redact</span><span class="p">:</span> <span class="p">{</span> <span class="na">keys</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">token</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">apiKey</span><span class="dl">'</span><span class="p">],</span> <span class="na">patterns</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">ssn</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">creditCard</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">phone</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">ip</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">jwt</span><span class="dl">'</span><span class="p">],</span> <span class="na">customPatterns</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">apiKey</span><span class="dl">'</span><span class="p">,</span> <span class="na">regex</span><span class="p">:</span> <span class="sr">/sk_</span><span class="se">(</span><span class="sr">live|test</span><span class="se">)</span><span class="sr">_</span><span class="se">[</span><span class="sr">a-zA-Z0-9</span><span class="se">]</span><span class="sr">+/g</span> <span class="p">}</span> <span class="p">]</span> <span class="p">},</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span><span class="nx">transports</span><span class="p">.</span><span class="nf">console</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="dl">'</span><span class="s1">json</span><span class="dl">'</span> <span class="p">})]</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">User signup</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="dl">'</span><span class="s1">user@example.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">'</span><span class="s1">secret</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// {"email":"[REDACTED]","password":"[REDACTED]",...}</span> </code></pre> </div> <p>You can add custom patterns or masking functions. Useful when you need partial redaction for debugging (e.g. last 4 digits of a card).</p> <h3> Production Reliability (Webhook Transport) </h3> <p>When you send logs to a remote endpoint, networks fail. Timeouts, 5xxs, rate limits. logfx's webhook transport handles that:</p> <ul> <li> <strong>Retry</strong> - Exponential backoff with jitter. Configurable max retries and delay.</li> <li> <strong>Circuit breaker</strong> - Stops sending after N failures, reopens after a timeout.</li> <li> <strong>Dead letter queue</strong> - Failed logs go to an in-memory queue. Optionally persist to disk.</li> <li> <strong>Multi-region failover</strong> - Multiple URLs with round-robin or priority. Optional health checks.</li> </ul> <p>You get this without writing retry logic or circuit breaker code. It's built in.</p> <h3> Framework Middleware </h3> <p>Express, Fastify, and Next.js integrations give you <code>req.log</code> and request IDs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">express</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">expressLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx/middleware</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">()</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">expressLogger</span><span class="p">())</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/users</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">req</span><span class="p">.</span><span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Fetching users</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span><span class="p">.</span><span class="nx">id</span> <span class="p">})</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">users</span><span class="p">:</span> <span class="p">[]</span> <span class="p">})</span> <span class="p">})</span> </code></pre> </div> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>💡 INFO [http] Incoming request { method: 'GET', path: '/users', requestId: 'abc123' } 💡 INFO [http] Fetching users { userId: '42' } 💡 INFO [http] Request completed { method: 'GET', path: '/users', status: 200, durationMs: 45 } </code></pre> </div> <p>Each request gets a unique ID. Status codes set log level (5xx = error, 4xx = warn). Skip health checks or customize ID extraction. The middleware works with Express, Fastify, and Next.js API routes.</p> <h3> 13 Integrations </h3> <p>Separate packages for each platform. Install only what you need:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>logfx logfx-datadog <span class="c"># or logfx-elasticsearch, logfx-sentry, logfx-cloudwatch, etc.</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">datadogTransport</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx-datadog</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span> <span class="nf">datadogTransport</span><span class="p">({</span> <span class="na">apiKey</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">DD_API_KEY</span><span class="p">,</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">my-api</span><span class="dl">'</span><span class="p">,</span> <span class="na">batchSize</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="na">flushInterval</span><span class="p">:</span> <span class="mi">5000</span> <span class="p">})</span> <span class="p">]</span> <span class="p">})</span> </code></pre> </div> <p>Available integrations: Datadog, Elasticsearch, Sentry, OpenTelemetry, AWS CloudWatch, Google Cloud Logging, Azure Monitor, Slack, Grafana Loki, Papertrail, Splunk, Honeycomb, Logtail. Each uses the same Transport interface. Add console, file, or webhook in the same array.</p> <p>No monolith. Install only what you need. Each integration is a separate package.</p> <h3> File Transport with Rotation </h3> <p>Write to disk with size-based rotation and compression:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">transports</span><span class="p">.</span><span class="nf">file</span><span class="p">({</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./logs/app.log</span><span class="dl">'</span><span class="p">,</span> <span class="na">rotation</span><span class="p">:</span> <span class="p">{</span> <span class="na">maxSize</span><span class="p">:</span> <span class="dl">'</span><span class="s1">10mb</span><span class="dl">'</span><span class="p">,</span> <span class="na">maxFiles</span><span class="p">:</span> <span class="mi">5</span><span class="p">,</span> <span class="na">compress</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Creates <code>app.log.1</code>, <code>app.log.2</code>, etc. Old files are gzipped. Prevents disk from filling up.</p> <h3> Browser Support </h3> <p>Same API in Node and browser. For SPAs, the Beacon transport sends logs reliably even when the user closes the tab:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">transports</span><span class="p">.</span><span class="nf">beacon</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/api/logs</span><span class="dl">'</span><span class="p">,</span> <span class="na">events</span><span class="p">:</span> <span class="p">{</span> <span class="na">beforeunload</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">visibilitychange</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Uses the Beacon API. Falls back to fetch if unavailable. Non-blocking so it doesn't delay page unload. Useful for analytics, error reporting, or session replay when the user navigates away.</p> <h3> Log Sampling </h3> <p>For high traffic, reduce volume while keeping visibility:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">sampling</span><span class="p">:</span> <span class="p">{</span> <span class="na">debug</span><span class="p">:</span> <span class="mf">0.1</span><span class="p">,</span> <span class="na">info</span><span class="p">:</span> <span class="mf">0.5</span><span class="p">,</span> <span class="na">warn</span><span class="p">:</span> <span class="mf">1.0</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="mf">1.0</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Sample 10% of debug, 50% of info. Always log warnings and errors.</p> <h2> When It Helps </h2> <ul> <li> <strong>Node.js APIs</strong> - Express/Fastify/Next.js middleware, structured JSON to Datadog/Elasticsearch, request tracing</li> <li> <strong>SPAs</strong> - Beacon transport for analytics or error reporting on page close</li> <li> <strong>Microservices</strong> - Context and request IDs for correlating logs across services</li> <li> <strong>Sensitive data</strong> - PII redaction before logs hit aggregation</li> <li> <strong>High volume</strong> - Async buffering, sampling, circuit breaker when the log sink is down</li> </ul> <h2> What's in the Box </h2> <ul> <li>Zero dependencies on the core package</li> <li>~3KB gzipped</li> <li>ESM and CJS</li> <li>Full TypeScript support</li> <li>CI: tests, typecheck, build on Node 18, 20, 22, 24</li> <li>Stress tested: 10k logs in under 1s, 1k with redaction in under 500ms</li> </ul> <h2> What It Doesn't Do </h2> <p>It's a logger, not a full observability platform. No distributed tracing (though OpenTelemetry integration injects trace IDs). No metrics. No APM. It logs. That's the scope.</p> <h2> Try It </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>logfx </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">log</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Hello</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">version</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1.0.0</span><span class="dl">'</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Something failed</span><span class="dl">'</span><span class="p">,</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">oops</span><span class="dl">'</span><span class="p">))</span> </code></pre> </div> <p><strong>Links:</strong></p> <ul> <li><a href="https://www.npmjs.com/package/logfx" rel="noopener noreferrer">npm</a></li> <li><a href="https://github.com/chintanshah35/logfx" rel="noopener noreferrer">GitHub</a></li> <li><a href="https://github.com/chintanshah35/logfx#readme" rel="noopener noreferrer">Integrations</a></li> </ul> <p>If you're on logfx 0.5.x, v1.0.0 adds integrations, PII redaction improvements, and production hardening. The core API is compatible. Upgrade and add what you need.</p> <h2> Wrapping Up </h2> <p>One logger for dev and prod. No format switching. No config. 13 integrations when you need them. PII redaction and production reliability built in.</p> <p>I also maintain <a href="https://www.npmjs.com/package/handlejson" rel="noopener noreferrer">handlejson</a> (<a href="https://github.com/chintanshah35/handlejson" rel="noopener noreferrer">GitHub</a>) for safe JSON parsing, <a href="https://www.npmjs.com/package/envconfig-kit" rel="noopener noreferrer">envconfig-kit</a> (<a href="https://github.com/chintanshah35/envconfig-kit" rel="noopener noreferrer">GitHub</a>) for env validation, and <a href="https://www.npmjs.com/package/upstatus" rel="noopener noreferrer">upstatus</a> (<a href="https://github.com/chintanshah35/upstatus" rel="noopener noreferrer">GitHub</a>) for uptime monitoring. All focused Node/TS packages.</p> <p>What logging setup are you using? Would love to hear what works (or doesn't) for you.</p> javascript node typescript logging Chintan Shah Thu, 05 Mar 2026 00:35:18 +0000 https://dev.to/chintanshah35/logfx-v100-one-logger-for-development-and-production-1l3 https://dev.to/chintanshah35/logfx-v100-one-logger-for-development-and-production-1l3 <p>Today I'm shipping logfx v1.0.0. It's the first release I consider production-ready: 13 official integrations, PII redaction, retry and circuit breaker in the webhook transport, and zero dependencies. Same API in Node and browser.</p> <p>Every logger forces a choice: readable output for development, or structured JSON for production. You either configure both manually or pick one and live with it. logfx v1.0.0 removes that choice. Same logger, auto-detected format based on NODE_ENV.</p> <p>I've been maintaining logfx since v0.3.0.</p> <h2> The Problem </h2> <p>In development, you want logs you can read. Colors, emojis, clear structure. When something breaks at 2am, you need to scan output quickly.</p> <p>In production, you need structured JSON. Datadog, Elasticsearch, Splunk, and every log aggregator expect JSON. Timestamps, levels, correlation IDs. Machine-readable.</p> <p>Most loggers make you configure two setups or accept one format everywhere. logfx switches automatically.</p> <p>The other pain point: logging user data. Emails, tokens, passwords. One slip and you're leaking PII. logfx handles that with built-in redaction and custom patterns.</p> <p>The third: sending logs to a remote endpoint. Networks fail. Retries, circuit breakers, dead letter queues. You either build it or hope your logs get through. logfx ships it.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">()</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server started</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">port</span><span class="p">:</span> <span class="mi">3000</span> <span class="p">})</span> </code></pre> </div> <p><strong>Development output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>💡 INFO Server started { port: 3000 } </code></pre> </div> <p><strong>Production output</strong> (<code>NODE_ENV=production</code>):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="nl">"timestamp"</span><span class="p">:</span><span class="s2">"2026-01-14T12:00:00.000Z"</span><span class="p">,</span><span class="nl">"level"</span><span class="p">:</span><span class="s2">"info"</span><span class="p">,</span><span class="nl">"message"</span><span class="p">:</span><span class="s2">"Server started"</span><span class="p">,</span><span class="nl">"data"</span><span class="p">:{</span><span class="nl">"port"</span><span class="p">:</span><span class="mi">3000</span><span class="p">}}</span><span class="w"> </span></code></pre> </div> <p>No format flag. No environment checks in your code. It just works.</p> <h2> What logfx Actually Does </h2> <h3> Core Logging </h3> <p>Five levels (debug, info, success, warn, error), namespaced loggers, context metadata. Errors serialize with stack traces. Lazy evaluation so you can defer expensive operations until they're actually logged. Same API whether you're in Node, Bun, Deno, or the browser.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">authLog</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">namespace</span><span class="p">:</span> <span class="dl">'</span><span class="s1">auth</span><span class="dl">'</span> <span class="p">})</span> <span class="nx">authLog</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Login attempt</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="mi">123</span> <span class="p">})</span> <span class="c1">// 💡 INFO [auth] Login attempt { userId: 123 }</span> </code></pre> </div> <p>Attach metadata to every log from a logger:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">context</span><span class="p">:</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">api</span><span class="dl">'</span><span class="p">,</span> <span class="na">version</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1.0.0</span><span class="dl">'</span> <span class="p">}</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Request received</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/users</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// Every entry includes service and version</span> </code></pre> </div> <p>W3C TraceParent format is supported for correlating logs across services.</p> <h3> PII Redaction </h3> <p>Logging user data is risky. Emails, SSNs, credit cards, JWTs can leak. logfx has built-in patterns and key-based redaction:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">redact</span><span class="p">:</span> <span class="p">{</span> <span class="na">keys</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">token</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">apiKey</span><span class="dl">'</span><span class="p">],</span> <span class="na">patterns</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">ssn</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">creditCard</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">phone</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">ip</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">jwt</span><span class="dl">'</span><span class="p">],</span> <span class="na">customPatterns</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">apiKey</span><span class="dl">'</span><span class="p">,</span> <span class="na">regex</span><span class="p">:</span> <span class="sr">/sk_</span><span class="se">(</span><span class="sr">live|test</span><span class="se">)</span><span class="sr">_</span><span class="se">[</span><span class="sr">a-zA-Z0-9</span><span class="se">]</span><span class="sr">+/g</span> <span class="p">}</span> <span class="p">]</span> <span class="p">},</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span><span class="nx">transports</span><span class="p">.</span><span class="nf">console</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="dl">'</span><span class="s1">json</span><span class="dl">'</span> <span class="p">})]</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">User signup</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">email</span><span class="p">:</span> <span class="dl">'</span><span class="s1">user@example.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">'</span><span class="s1">secret</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// {"email":"[REDACTED]","password":"[REDACTED]",...}</span> </code></pre> </div> <p>You can add custom patterns or masking functions. Useful when you need partial redaction for debugging (e.g. last 4 digits of a card).</p> <h3> Production Reliability (Webhook Transport) </h3> <p>When you send logs to a remote endpoint, networks fail. Timeouts, 5xxs, rate limits. logfx's webhook transport handles that:</p> <ul> <li> <strong>Retry</strong> - Exponential backoff with jitter. Configurable max retries and delay.</li> <li> <strong>Circuit breaker</strong> - Stops sending after N failures, reopens after a timeout.</li> <li> <strong>Dead letter queue</strong> - Failed logs go to an in-memory queue. Optionally persist to disk.</li> <li> <strong>Multi-region failover</strong> - Multiple URLs with round-robin or priority. Optional health checks.</li> </ul> <p>You get this without writing retry logic or circuit breaker code. It's built in.</p> <h3> Framework Middleware </h3> <p>Express, Fastify, and Next.js integrations give you <code>req.log</code> and request IDs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">express</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">expressLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx/middleware</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">()</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">expressLogger</span><span class="p">())</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/users</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">req</span><span class="p">.</span><span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Fetching users</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span><span class="p">.</span><span class="nx">id</span> <span class="p">})</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">users</span><span class="p">:</span> <span class="p">[]</span> <span class="p">})</span> <span class="p">})</span> </code></pre> </div> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>💡 INFO [http] Incoming request { method: 'GET', path: '/users', requestId: 'abc123' } 💡 INFO [http] Fetching users { userId: '42' } 💡 INFO [http] Request completed { method: 'GET', path: '/users', status: 200, durationMs: 45 } </code></pre> </div> <p>Each request gets a unique ID. Status codes set log level (5xx = error, 4xx = warn). Skip health checks or customize ID extraction. The middleware works with Express, Fastify, and Next.js API routes.</p> <h3> 13 Integrations </h3> <p>Separate packages for each platform. Install only what you need:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>logfx logfx-datadog <span class="c"># or logfx-elasticsearch, logfx-sentry, logfx-cloudwatch, etc.</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">datadogTransport</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx-datadog</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span> <span class="nf">datadogTransport</span><span class="p">({</span> <span class="na">apiKey</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">DD_API_KEY</span><span class="p">,</span> <span class="na">service</span><span class="p">:</span> <span class="dl">'</span><span class="s1">my-api</span><span class="dl">'</span><span class="p">,</span> <span class="na">batchSize</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="na">flushInterval</span><span class="p">:</span> <span class="mi">5000</span> <span class="p">})</span> <span class="p">]</span> <span class="p">})</span> </code></pre> </div> <p><strong>Integrations by category:</strong></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Category</th> <th>Package</th> <th>Use case</th> </tr> </thead> <tbody> <tr> <td>APM / Observability</td> <td>logfx-datadog, logfx-elasticsearch, logfx-sentry, logfx-otel</td> <td>Datadog, Elasticsearch, Sentry, OpenTelemetry</td> </tr> <tr> <td>Cloud</td> <td>logfx-cloudwatch, logfx-google-cloud, logfx-azure</td> <td>AWS, GCP, Azure logs</td> </tr> <tr> <td>Alerts / SIEM</td> <td>logfx-slack, logfx-loki, logfx-papertrail, logfx-splunk</td> <td>Slack alerts, Grafana Loki, Papertrail, Splunk</td> </tr> <tr> <td>Analytics</td> <td>logfx-honeycomb, logfx-logtail</td> <td>Honeycomb, Logtail (Better Stack)</td> </tr> </tbody> </table></div> <p>Each uses the same Transport interface. Add console, file, or webhook in the same array. No monolith. Install only what you need.</p> <h3> File Transport with Rotation </h3> <p>Write to disk with size-based rotation and compression:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">transports</span><span class="p">.</span><span class="nf">file</span><span class="p">({</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./logs/app.log</span><span class="dl">'</span><span class="p">,</span> <span class="na">rotation</span><span class="p">:</span> <span class="p">{</span> <span class="na">maxSize</span><span class="p">:</span> <span class="dl">'</span><span class="s1">10mb</span><span class="dl">'</span><span class="p">,</span> <span class="na">maxFiles</span><span class="p">:</span> <span class="mi">5</span><span class="p">,</span> <span class="na">compress</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Creates <code>app.log.1</code>, <code>app.log.2</code>, etc. Old files are gzipped. Prevents disk from filling up.</p> <h3> Browser Support </h3> <p>Same API in Node and browser. For SPAs, the Beacon transport sends logs reliably even when the user closes the tab:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">transports</span><span class="p">.</span><span class="nf">beacon</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/api/logs</span><span class="dl">'</span><span class="p">,</span> <span class="na">events</span><span class="p">:</span> <span class="p">{</span> <span class="na">beforeunload</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">visibilitychange</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Uses the Beacon API. Falls back to fetch if unavailable. Non-blocking so it doesn't delay page unload. Useful for analytics, error reporting, or session replay when the user navigates away.</p> <h3> Log Sampling </h3> <p>For high traffic, reduce volume while keeping visibility:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">sampling</span><span class="p">:</span> <span class="p">{</span> <span class="na">debug</span><span class="p">:</span> <span class="mf">0.1</span><span class="p">,</span> <span class="na">info</span><span class="p">:</span> <span class="mf">0.5</span><span class="p">,</span> <span class="na">warn</span><span class="p">:</span> <span class="mf">1.0</span><span class="p">,</span> <span class="na">error</span><span class="p">:</span> <span class="mf">1.0</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Sample 10% of debug, 50% of info. Always log warnings and errors.</p> <h2> When It Helps </h2> <ul> <li> <strong>Node.js APIs</strong> - Express/Fastify/Next.js middleware, structured JSON to Datadog/Elasticsearch, request tracing</li> <li> <strong>SPAs</strong> - Beacon transport for analytics or error reporting on page close</li> <li> <strong>Microservices</strong> - Context and request IDs for correlating logs across services</li> <li> <strong>Sensitive data</strong> - PII redaction before logs hit aggregation</li> <li> <strong>High volume</strong> - Async buffering, sampling, circuit breaker when the log sink is down</li> </ul> <h2> What's in the Box </h2> <ul> <li>Zero dependencies on the core package</li> <li>~3KB gzipped</li> <li>ESM and CJS</li> <li>Full TypeScript support</li> <li>CI: tests, typecheck, build on Node 18, 20, 22, 24</li> <li>Stress tested: 10k logs in under 1s, 1k with redaction in under 500ms</li> </ul> <h2> What It Doesn't Do </h2> <p>It's a logger, not a full observability platform. No distributed tracing (though OpenTelemetry integration injects trace IDs). No metrics. No APM. It logs. That's the scope.</p> <h2> Try It </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>logfx </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">log</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Hello</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">version</span><span class="p">:</span> <span class="dl">'</span><span class="s1">1.0.0</span><span class="dl">'</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Something failed</span><span class="dl">'</span><span class="p">,</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">oops</span><span class="dl">'</span><span class="p">))</span> </code></pre> </div> <p><strong>Links:</strong></p> <ul> <li><a href="https://www.npmjs.com/package/logfx" rel="noopener noreferrer">npm</a></li> <li><a href="https://github.com/chintanshah35/logfx" rel="noopener noreferrer">GitHub</a></li> <li><a href="https://github.com/chintanshah35/logfx#readme" rel="noopener noreferrer">Integrations</a></li> </ul> <p>If you're on logfx 0.5.x, v1.0.0 adds integrations, PII redaction improvements, and production hardening. The core API is compatible. Upgrade and add what you need.</p> <h2> Wrapping Up </h2> <p>One logger for dev and prod. No format switching. No config. 13 integrations when you need them. PII redaction and production reliability built in.</p> <p>I also maintain <a href="https://www.npmjs.com/package/handlejson" rel="noopener noreferrer">handlejson</a> (<a href="https://github.com/chintanshah35/handlejson" rel="noopener noreferrer">GitHub</a>) for safe JSON parsing, <a href="https://www.npmjs.com/package/envconfig-kit" rel="noopener noreferrer">envconfig-kit</a> (<a href="https://github.com/chintanshah35/envconfig-kit" rel="noopener noreferrer">GitHub</a>) for env validation, and <a href="https://www.npmjs.com/package/upstatus" rel="noopener noreferrer">upstatus</a> (<a href="https://github.com/chintanshah35/upstatus" rel="noopener noreferrer">GitHub</a>) for uptime monitoring. All focused Node/TS packages.</p> <p>What logging setup are you using? Would love to hear what works (or doesn't) for you.</p> node typescript logging javascript Chintan Shah Fri, 30 Jan 2026 06:11:04 +0000 https://dev.to/chintanshah35/stop-writing-try-catch-blocks-for-jsonparse-handlejson-v100-is-production-ready-1j0i https://dev.to/chintanshah35/stop-writing-try-catch-blocks-for-jsonparse-handlejson-v100-is-production-ready-1j0i <p><code>JSON.parse</code> throws on invalid input. That is by design. The problem is not parsing itself. It is copying the same try/catch block across every API response, config file, cache read, and user input handler in your codebase.</p> <p>This guide covers practical patterns for <strong>safe JSON parsing in Node.js</strong> without try/catch spam: a small DIY wrapper, default-value parsing, security hardening for untrusted input, and when you should still let errors throw.</p> <h2> TL;DR </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Situation</th> <th>Approach</th> </tr> </thead> <tbody> <tr> <td>Quick null fallback</td> <td>DIY <code>safeParse</code> or <code>parse(str)</code> </td> </tr> <tr> <td>Always need an object/array</td> <td><code>parse(str, { default: {} })</code></td> </tr> <tr> <td>Untrusted user/API input</td> <td> <code>maxSize</code>, <code>maxDepth</code>, <code>safeKeys</code> </td> </tr> <tr> <td>Debugging malformed JSON</td> <td> <code>parseWithDetails</code> or <code>tryParse</code> </td> </tr> <tr> <td>Large files (&gt;100MB)</td> <td>Stream parsing</td> </tr> <tr> <td>You need the exact <code>SyntaxError</code> </td> <td>Keep try/catch</td> </tr> </tbody> </table></div> <h2> The problem with JSON.parse </h2> <p>Every Node.js developer has written this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">let</span> <span class="nx">data</span> <span class="k">try</span> <span class="p">{</span> <span class="nx">data</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">str</span><span class="p">)</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="nx">data</span> <span class="o">=</span> <span class="kc">null</span> <span class="p">}</span> </code></pre> </div> <p>It works. It is also repetitive. API handlers, Redis cache reads, <code>localStorage</code> wrappers, webhook parsers, and config loaders all end up with the same five lines.</p> <p><code>JSON.parse</code> also returns <code>any</code> unless you add your own typing. Invalid JSON throws. Valid JSON with dangerous keys (<code>__proto__</code>) can still cause prototype pollution if you merge objects blindly.</p> <h2> Pattern 1: Minimal safe parse (DIY) </h2> <p>For a one-off script, a tiny helper is enough:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">function</span> <span class="nf">safeParse</span><span class="o">&lt;</span><span class="nx">T</span> <span class="o">=</span> <span class="nx">unknown</span><span class="o">&gt;</span><span class="p">(</span><span class="nx">input</span><span class="p">:</span> <span class="kr">string</span><span class="p">):</span> <span class="nx">T</span> <span class="o">|</span> <span class="kc">null</span> <span class="p">{</span> <span class="k">try</span> <span class="p">{</span> <span class="k">return</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">input</span><span class="p">)</span> <span class="k">as</span> <span class="nx">T</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="k">return</span> <span class="kc">null</span> <span class="p">}</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nx">safeParse</span><span class="o">&lt;</span><span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="kr">string</span> <span class="p">}</span><span class="o">&gt;</span><span class="p">(</span><span class="nx">responseText</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">user</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// handle invalid JSON</span> <span class="p">}</span> </code></pre> </div> <p><strong>Pros:</strong> Zero dependencies, obvious behavior<br><br> <strong>Cons:</strong> No size limits, no prototype pollution guard, no error position, copy-paste across files</p> <p>This pattern is fine for internal tools. It gets painful in production codebases with dozens of parse sites.</p> <h2> Pattern 2: Parse with defaults </h2> <p>When invalid JSON should not crash the flow but you still need a concrete fallback:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">parse</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">fileContents</span><span class="p">,</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="p">{}</span> <span class="p">})</span> <span class="c1">// {} if invalid — never throws</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">apiBody</span><span class="p">,</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="kc">null</span> <span class="p">})</span> <span class="c1">// null if invalid</span> </code></pre> </div> <p>Same idea as the DIY wrapper, but consistent API across the project and TypeScript inference:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">type</span> <span class="nx">User</span> <span class="o">=</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="kr">string</span><span class="p">;</span> <span class="nl">age</span><span class="p">:</span> <span class="kr">number</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nx">parse</span><span class="o">&lt;</span><span class="nx">User</span><span class="o">&gt;</span><span class="p">(</span><span class="nx">raw</span><span class="p">)</span> <span class="c1">// User | null</span> </code></pre> </div> <h2> Pattern 3: Untrusted input (security) </h2> <p>Parsing JSON from users, webhooks, or third-party APIs needs more than null fallbacks.</p> <p>Three real attack vectors:</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Option</th> <th>Blocks</th> </tr> </thead> <tbody> <tr> <td><code>maxSize</code></td> <td>Huge payloads that exhaust memory</td> </tr> <tr> <td><code>maxDepth</code></td> <td>Deeply nested JSON that blows the stack</td> </tr> <tr> <td><code>safeKeys</code></td> <td>Prototype pollution via <code>__proto__</code>, <code>constructor</code>, <code>prototype</code> </td> </tr> </tbody> </table></div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">parse</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">userData</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">untrustedInput</span><span class="p">,</span> <span class="p">{</span> <span class="na">maxSize</span><span class="p">:</span> <span class="mi">10</span> <span class="o">*</span> <span class="mi">1024</span> <span class="o">*</span> <span class="mi">1024</span><span class="p">,</span> <span class="na">maxDepth</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="na">safeKeys</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">})</span> </code></pre> </div> <p>Native <code>JSON.parse</code> does none of this. You can build it yourself, but most teams skip it until security review asks why it is missing.</p> <h2> Pattern 4: Know where parsing failed </h2> <p><code>null</code> on error is clean for production paths. Debugging is easier with position and context:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">parseWithDetails</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="nf">parseWithDetails</span><span class="p">(</span><span class="dl">'</span><span class="s1">{"name":"John", invalid}</span><span class="dl">'</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">result</span><span class="p">.</span><span class="nx">success</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">position</span><span class="p">)</span> <span class="c1">// 18</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">context</span><span class="p">)</span> <span class="c1">// surrounding text</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">error</span><span class="p">)</span> <span class="c1">// detailed message</span> <span class="p">}</span> </code></pre> </div> <p>Tuple style if you prefer Go-like errors:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">tryParse</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">data</span><span class="p">,</span> <span class="nx">error</span><span class="p">]</span> <span class="o">=</span> <span class="nf">tryParse</span><span class="p">(</span><span class="nx">raw</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">error</span><span class="p">.</span><span class="nx">message</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>Use this in development, admin tools, or import pipelines where someone needs to fix the file.</p> <h2> Pattern 5: Validate shape without Zod </h2> <p>When you need basic type checks but do not want a 300KB schema library:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">parse</span><span class="p">,</span> <span class="nx">tryValidate</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">schema</span> <span class="o">=</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">age</span><span class="p">:</span> <span class="dl">'</span><span class="s1">?number</span><span class="dl">'</span><span class="p">,</span> <span class="na">email</span><span class="p">:</span> <span class="dl">'</span><span class="s1">?string</span><span class="dl">'</span><span class="p">,</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">apiResponse</span><span class="p">,</span> <span class="p">{</span> <span class="nx">schema</span> <span class="p">})</span> <span class="c1">// null if JSON is invalid OR schema fails</span> <span class="kd">const</span> <span class="p">[</span><span class="nx">valid</span><span class="p">,</span> <span class="nx">error</span><span class="p">]</span> <span class="o">=</span> <span class="nf">tryValidate</span><span class="p">(</span><span class="nx">parsed</span><span class="p">,</span> <span class="nx">schema</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">valid</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">error</span><span class="p">.</span><span class="nx">path</span><span class="p">)</span> <span class="c1">// 'age'</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">error</span><span class="p">.</span><span class="nx">expected</span><span class="p">)</span> <span class="c1">// 'number'</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">error</span><span class="p">.</span><span class="nx">actual</span><span class="p">)</span> <span class="c1">// 'string'</span> <span class="p">}</span> </code></pre> </div> <p>Good for API response guards and config files. Not a replacement for Zod when you need complex refinements.</p> <h2> Pattern 6: Large JSON files </h2> <p><code>JSON.parse</code> loads the entire string into memory. For large exports or log dumps, stream in chunks:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createReadStream</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">fs</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">parseStream</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">stream</span> <span class="o">=</span> <span class="nf">createReadStream</span><span class="p">(</span><span class="dl">'</span><span class="s1">./large-export.json</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">parseStream</span><span class="p">(</span><span class="nx">stream</span><span class="p">,</span> <span class="p">{</span> <span class="na">onProgress</span><span class="p">:</span> <span class="p">(</span><span class="nx">parsed</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">chunk parsed</span><span class="dl">'</span><span class="p">),</span> <span class="p">})</span> </code></pre> </div> <p>If the file is under ~50MB and memory is not tight, plain <code>parse</code> is simpler.</p> <h2> Real-world examples </h2> <p><strong>Fetch API response:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">response</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/user</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="k">await</span> <span class="nx">response</span><span class="p">.</span><span class="nf">text</span><span class="p">(),</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="p">{}</span> <span class="p">})</span> </code></pre> </div> <p><strong>Browser localStorage:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">saved</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">localStorage</span><span class="p">.</span><span class="nf">getItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">prefs</span><span class="dl">'</span><span class="p">),</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="kc">null</span> <span class="p">})</span> </code></pre> </div> <p><strong>Webhook with security limits:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">event</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">req</span><span class="p">.</span><span class="nx">body</span><span class="p">,</span> <span class="p">{</span> <span class="na">maxSize</span><span class="p">:</span> <span class="mi">1024</span> <span class="o">*</span> <span class="mi">1024</span><span class="p">,</span> <span class="na">maxDepth</span><span class="p">:</span> <span class="mi">50</span><span class="p">,</span> <span class="na">safeKeys</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="kc">null</span><span class="p">,</span> <span class="p">})</span> </code></pre> </div> <h2> When try/catch is still the right choice </h2> <p>Do not eliminate throwing everywhere.</p> <ul> <li>You need the native <code>SyntaxError</code> type for a library API</li> <li>Invalid JSON is exceptional and should halt a batch job immediately</li> <li>You are writing a JSON linter or code editor and must surface exact token errors to users</li> <li>A framework expects thrown errors from parsers</li> </ul> <p>For application glue code (APIs, config, cache), null-or-default parsing is usually clearer.</p> <h2> Performance </h2> <p>handlejson adds a thin wrapper over native parse. Rough numbers on small JSON (&lt;1KB):</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Approach</th> <th>Throughput</th> </tr> </thead> <tbody> <tr> <td>Native <code>JSON.parse</code> </td> <td>~6M ops/s</td> </tr> <tr> <td>handlejson <code>parse</code> </td> <td>~5.2M ops/s</td> </tr> <tr> <td>With security options</td> <td>~3.4M ops/s</td> </tr> </tbody> </table></div> <p>For most HTTP APIs and background jobs, that gap is invisible. Profile before optimizing.</p> <h2> Comparison at a glance </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Approach</th> <th>Deps</th> <th>Throws</th> <th>Security opts</th> <th>Error position</th> </tr> </thead> <tbody> <tr> <td>Native <code>JSON.parse</code> </td> <td>0</td> <td>Yes</td> <td>No</td> <td>Vague</td> </tr> <tr> <td>DIY <code>safeParse</code> </td> <td>0</td> <td>No</td> <td>No</td> <td>No</td> </tr> <tr> <td>handlejson</td> <td>0</td> <td>No</td> <td>Yes</td> <td>Yes</td> </tr> <tr> <td>Zod + parse</td> <td>1+</td> <td>On schema fail</td> <td>Via custom code</td> <td>Via Zod</td> </tr> </tbody> </table></div> <h2> FAQ </h2> <h3> How do I parse JSON safely in Node.js without try/catch? </h3> <p>Wrap <code>JSON.parse</code> in a helper that returns <code>null</code> on failure, or use a library like handlejson that does this with <code>parse(str)</code> and optional <code>{ default: value }</code>.</p> <h3> What is prototype pollution in JSON.parse? </h3> <p>If parsed JSON contains keys like <code>__proto__</code> and you merge objects unsafely, attacker-controlled data can pollute <code>Object.prototype</code>. Use <code>safeKeys: true</code> or sanitize keys before merge.</p> <h3> Is JSON.parse slow? </h3> <p>No. It is among the fastest options. Wrappers add small overhead. Security checks add more. The tradeoff is safety and ergonomics, not raw speed.</p> <h3> Should I use Zod or a safe parse wrapper? </h3> <p>Different jobs. Safe parse handles invalid JSON strings. Zod validates shape after parsing. Many teams use both: safe parse first, Zod for complex schemas.</p> <h2> handlejson (zero-dependency option) </h2> <p>If you want the patterns above in one package:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>handlejson </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">parse</span><span class="p">,</span> <span class="nx">stringify</span><span class="p">,</span> <span class="nx">parseWithDetails</span><span class="p">,</span> <span class="nx">tryValidate</span><span class="p">,</span> <span class="nx">parseStream</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">data</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="dl">'</span><span class="s1">{"name":"John"}</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">json</span> <span class="o">=</span> <span class="nf">stringify</span><span class="p">({</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">John</span><span class="dl">'</span> <span class="p">})</span> </code></pre> </div> <ul> <li>Zero dependencies, ~1.5KB gzipped</li> <li>TypeScript-first</li> <li> <a href="https://www.npmjs.com/package/handlejson" rel="noopener noreferrer">npm</a> | <a href="https://github.com/chintanshah35/handlejson" rel="noopener noreferrer">GitHub</a> | <a href="https://github.com/chintanshah35/handlejson#readme" rel="noopener noreferrer">Docs</a> </li> </ul> <h2> Checklist </h2> <ul> <li>[ ] Replace repeated try/catch blocks with one shared parse helper</li> <li>[ ] Add <code>default</code> fallbacks for non-critical paths (cache, optional config)</li> <li>[ ] Enable <code>safeKeys</code> + <code>maxSize</code> for external input</li> <li>[ ] Use <code>parseWithDetails</code> only in debug/admin paths</li> <li>[ ] Keep native <code>JSON.parse</code> where throwing is the correct API contract</li> </ul> <p>If you have a pattern that worked well in a high-traffic API, share it in the comments.</p> <h2> About handlejson (project background) </h2> <p>I built handlejson after one too many projects where every API response, <code>localStorage</code> read, and config file needed the same try/catch around <code>JSON.parse</code>. Existing options were either heavy, missing security features, or pulled in dependencies I did not want.</p> <p><strong>v1.0.0</strong> (January 2026) is production-ready: 244 tests, zero dependencies, ~1.5KB gzipped, CI on Node 18/20/22.</p> <p><strong>Since v0.2.0:</strong></p> <ul> <li> <code>tryValidate()</code> with path, expected, and actual on failure</li> <li>Optional schema fields (<code>'?number'</code>)</li> <li>Array item validation</li> <li>Stream parsing for large files</li> <li>Faster <code>sanitizeKeys</code> (only copies objects when dangerous keys exist)</li> <li>~5.2M ops/s on small JSON (vs ~6M native)</li> </ul> <p>Full launch write-up archived in the repo: <code>seo-content/handlejson/post-1-original-v1-launch-archive.md</code></p> <p>Earlier background: <a href="https://dev.to/chintanshah35/introducing-handlejson-safe-json-parsing-without-the-try-catch-spam-1oh3">introducing handlejson (v0.2.0)</a></p> typescript javascript node json Chintan Shah Mon, 26 Jan 2026 05:24:20 +0000 https://dev.to/chintanshah35/stop-writing-database-configs-from-scratch-envconfig-kit-v020-gi9 https://dev.to/chintanshah35/stop-writing-database-configs-from-scratch-envconfig-kit-v020-gi9 <p><code>process.env</code> values are always strings. <code>PORT</code> is <code>"3000"</code>, not <code>3000</code>. <code>DEBUG=false</code> is the string <code>"false"</code>, which is truthy in JavaScript. A missing <code>DATABASE_URL</code> does not stop your app from starting. It fails three hours later when a user hits the broken code path.</p> <p><strong>Validating environment variables at startup</strong> is the fix. Your app should refuse to boot with bad config, not limp into production and crash at 2am.</p> <p>Here are the five main approaches teams use in 2026, with code you can copy today.</p> <h2> TL;DR </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Approach</th> <th>Best for</th> </tr> </thead> <tbody> <tr> <td>1. Manual checks</td> <td>Scripts, prototypes</td> </tr> <tr> <td>2. dotenv + manual casting</td> <td>Small apps already on dotenv</td> </tr> <tr> <td>3. Zod schema</td> <td>Apps already using Zod everywhere</td> </tr> <tr> <td>4. t3-env</td> <td>T3 / Next.js stacks</td> </tr> <tr> <td>5. envconfig-kit</td> <td>Zero-dep, built-in <code>.env</code>, actionable errors</td> </tr> </tbody> </table></div> <h2> Why validate at startup? </h2> <p>Common production failures:</p> <ul> <li> <code>ALLOWED_ORIGINS</code> unset → CORS crash on first real request</li> <li> <code>STRIPE_SECRET_KEY</code> with trailing whitespace → auth errors for hours</li> <li> <code>ENABLE_CACHING=false</code> as a string → <code>if (config.ENABLE_CACHING)</code> is truthy</li> </ul> <p>Health checks pass. Deploy succeeds. Users hit the bug later.</p> <p><strong>Fail fast:</strong> validate once when the process boots. Crash with a clear message during deploy, not during peak traffic.</p> <p>For the story behind this, see <a href="https://dev.to/chintanshah35/make-your-app-crash-at-startup-not-in-production-45je">Make your app crash at startup, not in production</a>.</p> <h2> Way 1: Manual validation </h2> <p>The baseline. No dependencies. Works everywhere.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">function</span> <span class="nf">loadConfig</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">port</span> <span class="o">=</span> <span class="nc">Number</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">??</span> <span class="dl">'</span><span class="s1">3000</span><span class="dl">'</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="nb">Number</span><span class="p">.</span><span class="nf">isNaN</span><span class="p">(</span><span class="nx">port</span><span class="p">))</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">PORT must be a number</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">databaseUrl</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">DATABASE_URL</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">databaseUrl</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">DATABASE_URL is required</span><span class="dl">'</span><span class="p">)</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">debug</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">DEBUG</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">true</span><span class="dl">'</span> <span class="k">return</span> <span class="p">{</span> <span class="nx">port</span><span class="p">,</span> <span class="nx">databaseUrl</span><span class="p">,</span> <span class="nx">debug</span> <span class="p">}</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">loadConfig</span><span class="p">()</span> </code></pre> </div> <p><strong>Pros:</strong> Obvious, zero deps, full control<br><br> <strong>Cons:</strong> Grows messy at 15+ variables, no shared types, easy to forget new vars, boolean parsing bugs repeat everywhere</p> <p>Fine for CLIs and throwaway services. Painful in APIs with dozens of env vars.</p> <h2> Way 2: dotenv + manual casting </h2> <p>Add <a href="https://www.npmjs.com/package/dotenv" rel="noopener noreferrer">dotenv</a> to load <code>.env</code> in development:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="dl">'</span><span class="s1">dotenv/config</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">port</span> <span class="o">=</span> <span class="nf">parseInt</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">??</span> <span class="dl">'</span><span class="s1">3000</span><span class="dl">'</span><span class="p">,</span> <span class="mi">10</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">apiKey</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">API_KEY</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">apiKey</span><span class="p">)</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Missing API_KEY</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">enableCache</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">ENABLE_CACHING</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">true</span><span class="dl">'</span> </code></pre> </div> <p><strong>Pros:</strong> Standard <code>.env</code> workflow, tiny dependency<br><br> <strong>Cons:</strong> Still manual validation per variable, no URL/email/port validators, secrets can leak into error logs, TypeScript types are manual</p> <p>Most Node tutorials stop here. Most production incidents start here too.</p> <h2> Way 3: Zod + dotenv </h2> <p>If Zod is already in your stack for API validation, extend it to env:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">z</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">zod</span><span class="dl">'</span> <span class="k">import</span> <span class="dl">'</span><span class="s1">dotenv/config</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">envSchema</span> <span class="o">=</span> <span class="nx">z</span><span class="p">.</span><span class="nf">object</span><span class="p">({</span> <span class="na">PORT</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">number</span><span class="p">().</span><span class="k">default</span><span class="p">(</span><span class="mi">3000</span><span class="p">),</span> <span class="na">NODE_ENV</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">enum</span><span class="p">([</span><span class="dl">'</span><span class="s1">development</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">test</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">production</span><span class="dl">'</span><span class="p">]).</span><span class="k">default</span><span class="p">(</span><span class="dl">'</span><span class="s1">development</span><span class="dl">'</span><span class="p">),</span> <span class="na">DATABASE_URL</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">url</span><span class="p">(),</span> <span class="na">API_KEY</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">1</span><span class="p">),</span> <span class="na">DEBUG</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nx">coerce</span><span class="p">.</span><span class="nf">boolean</span><span class="p">().</span><span class="k">default</span><span class="p">(</span><span class="kc">false</span><span class="p">),</span> <span class="p">})</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nx">envSchema</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">)</span> </code></pre> </div> <p><strong>Pros:</strong> Powerful refinements, great TypeScript inference, familiar if you use Zod for requests<br><br> <strong>Cons:</strong> Zod adds bundle weight (~50KB+ minified depending on usage), separate dotenv setup, error messages aimed at developers not ops, no built-in secret masking in errors</p> <p><strong>Also consider:</strong> <a href="https://www.npmjs.com/package/envalid" rel="noopener noreferrer">envalid</a> if you want env-specific validators (<code>port()</code>, <code>url()</code>) without writing Zod coercions yourself:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">cleanEnv</span><span class="p">,</span> <span class="nx">str</span><span class="p">,</span> <span class="nx">port</span><span class="p">,</span> <span class="nx">bool</span><span class="p">,</span> <span class="nx">url</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">envalid</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">cleanEnv</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">,</span> <span class="p">{</span> <span class="na">PORT</span><span class="p">:</span> <span class="nf">port</span><span class="p">({</span> <span class="na">default</span><span class="p">:</span> <span class="mi">3000</span> <span class="p">}),</span> <span class="na">DATABASE_URL</span><span class="p">:</span> <span class="nf">url</span><span class="p">(),</span> <span class="na">API_KEY</span><span class="p">:</span> <span class="nf">str</span><span class="p">(),</span> <span class="na">DEBUG</span><span class="p">:</span> <span class="nf">bool</span><span class="p">({</span> <span class="na">default</span><span class="p">:</span> <span class="kc">false</span> <span class="p">}),</span> <span class="p">})</span> </code></pre> </div> <h2> Way 4: t3-env </h2> <p>Popular in Next.js / T3 stacks. Splits server and client env with compile-time safety:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createEnv</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@t3-oss/env-nextjs</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">z</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">zod</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">env</span> <span class="o">=</span> <span class="nf">createEnv</span><span class="p">({</span> <span class="na">server</span><span class="p">:</span> <span class="p">{</span> <span class="na">DATABASE_URL</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">url</span><span class="p">(),</span> <span class="na">API_KEY</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">min</span><span class="p">(</span><span class="mi">1</span><span class="p">),</span> <span class="p">},</span> <span class="na">client</span><span class="p">:</span> <span class="p">{</span> <span class="na">NEXT_PUBLIC_APP_URL</span><span class="p">:</span> <span class="nx">z</span><span class="p">.</span><span class="nf">string</span><span class="p">().</span><span class="nf">url</span><span class="p">(),</span> <span class="p">},</span> <span class="na">runtimeEnv</span><span class="p">:</span> <span class="p">{</span> <span class="na">DATABASE_URL</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">DATABASE_URL</span><span class="p">,</span> <span class="na">API_KEY</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">API_KEY</span><span class="p">,</span> <span class="na">NEXT_PUBLIC_APP_URL</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">NEXT_PUBLIC_APP_URL</span><span class="p">,</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <p><strong>Pros:</strong> Client/server split prevents leaking secrets to the browser, well documented in T3 community<br><br> <strong>Cons:</strong> Requires Zod or Valibot, framework-oriented, <code>runtimeEnv</code> boilerplate, overkill for a plain Express API</p> <p>Pick this if you are already on the T3 stack. Skip it for a standalone Node service.</p> <h2> Way 5: envconfig-kit </h2> <p>Zero-dependency validation with built-in <code>.env</code> loading and startup errors that tell you how to fix the problem:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">env</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">envconfig-kit</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">env</span><span class="p">({</span> <span class="na">PORT</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">port</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="mi">3000</span> <span class="p">},</span> <span class="na">NODE_ENV</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">enum</span><span class="dl">'</span><span class="p">,</span> <span class="na">values</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">development</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">staging</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">production</span><span class="dl">'</span><span class="p">]</span> <span class="k">as</span> <span class="kd">const</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="dl">'</span><span class="s1">development</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">DATABASE_URL</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">url</span><span class="dl">'</span> <span class="p">},</span> <span class="na">API_KEY</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">secret</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">DEBUG</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">boolean</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="kc">false</span> <span class="p">},</span> <span class="na">ALLOWED_HOSTS</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">array</span><span class="dl">'</span> <span class="p">},</span> <span class="na">FEATURE_FLAGS</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">json</span><span class="dl">'</span> <span class="p">},</span> <span class="na">ADMIN_EMAIL</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">email</span><span class="dl">'</span><span class="p">,</span> <span class="na">optional</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <p>No <code>dotenv</code> import. Loads <code>.env</code>, <code>.env.local</code>, and <code>.env.${NODE_ENV}</code> automatically. Priority: <code>process.env</code> → <code>.env.local</code> → <code>.env.${NODE_ENV}</code> → <code>.env</code>.</p> <p>On failure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>❌ Environment validation failed: API_KEY: Missing required environment variable ➜ Fix: Add to .env file Example: API_KEY=your-value-here STRIPE_SECRET_KEY: Value contains leading/trailing whitespace ➜ Fix: Remove extra spaces </code></pre> </div> <p><strong>Pros:</strong> ~3KB gzipped, zero dependencies, secret masking (<code>secret: true</code> → <code>****</code> in errors), presets for database/redis/auth, CLI (<code>check</code>, <code>generate</code>, <code>doctor</code>)<br><br> <strong>Cons:</strong> Smaller ecosystem than Zod, not tied to React/Next client env split</p> <p><strong>Real-world API config with presets:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">env</span><span class="p">,</span> <span class="nx">presets</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">envconfig-kit</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">env</span><span class="p">({</span> <span class="p">...</span><span class="nx">presets</span><span class="p">.</span><span class="nf">server</span><span class="p">(),</span> <span class="p">...</span><span class="nx">presets</span><span class="p">.</span><span class="nf">database</span><span class="p">(),</span> <span class="p">...</span><span class="nx">presets</span><span class="p">.</span><span class="nf">redis</span><span class="p">(),</span> <span class="p">...</span><span class="nx">presets</span><span class="p">.</span><span class="nf">auth</span><span class="p">(),</span> <span class="p">...</span><span class="nx">presets</span><span class="p">.</span><span class="nf">cors</span><span class="p">(),</span> <span class="p">...</span><span class="nx">presets</span><span class="p">.</span><span class="nf">aws</span><span class="p">(),</span> <span class="p">...</span><span class="nx">presets</span><span class="p">.</span><span class="nf">smtp</span><span class="p">(),</span> <span class="na">STRIPE_KEY</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">secret</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="na">FEATURE_MODE</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">enum</span><span class="dl">'</span><span class="p">,</span> <span class="na">values</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">basic</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">premium</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">enterprise</span><span class="dl">'</span><span class="p">]</span> <span class="k">as</span> <span class="kd">const</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="dl">'</span><span class="s1">basic</span><span class="dl">'</span><span class="p">,</span> <span class="p">},</span> <span class="na">MAX_CONNECTIONS</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">integer</span><span class="dl">'</span><span class="p">,</span> <span class="na">validate</span><span class="p">:</span> <span class="p">(</span><span class="nx">value</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">value</span> <span class="o">&gt;</span> <span class="mi">0</span> <span class="o">&amp;&amp;</span> <span class="nx">value</span> <span class="o">&lt;=</span> <span class="mi">1000</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>envconfig-kit </code></pre> </div> <p>Full API (transforms, schema export, all types): <a href="https://github.com/chintanshah35/envconfig-kit#readme" rel="noopener noreferrer">README</a></p> <p><a href="https://www.npmjs.com/package/envconfig-kit" rel="noopener noreferrer">npm</a> | <a href="https://github.com/chintanshah35/envconfig-kit" rel="noopener noreferrer">GitHub</a></p> <h2> Comparison table </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Approach</th> <th>Dependencies</th> <th>Bundle (approx)</th> <th>Built-in <code>.env</code> </th> <th>Secret masking in errors</th> <th>TypeScript inference</th> </tr> </thead> <tbody> <tr> <td>Manual</td> <td>0</td> <td>0</td> <td>No</td> <td>No</td> <td>Manual</td> </tr> <tr> <td>dotenv + manual</td> <td>1</td> <td>~2KB</td> <td>Yes</td> <td>No</td> <td>Manual</td> </tr> <tr> <td>Zod + dotenv</td> <td>2</td> <td>~50KB+</td> <td>Manual</td> <td>No</td> <td>Strong</td> </tr> <tr> <td>envalid</td> <td>1</td> <td>~20KB</td> <td>No</td> <td>No</td> <td>Good</td> </tr> <tr> <td>t3-env</td> <td>2+</td> <td>Medium</td> <td>Manual</td> <td>No</td> <td>Strong</td> </tr> <tr> <td>envconfig-kit</td> <td>0</td> <td>~3KB</td> <td>Yes</td> <td>Yes</td> <td>Strong</td> </tr> </tbody> </table></div> <h2> Which should you pick? </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Situation</th> <th>Pick</th> </tr> </thead> <tbody> <tr> <td>5 env vars, internal tool</td> <td>Manual or dotenv + manual</td> </tr> <tr> <td>Already standardized on Zod</td> <td>Zod schema (or t3-env for Next.js)</td> </tr> <tr> <td>Next.js / T3 App Router</td> <td>t3-env</td> </tr> <tr> <td>Express/Fastify API, want zero deps</td> <td>envconfig-kit</td> </tr> <tr> <td>Need <code>port()</code>, <code>url()</code> helpers without Zod</td> <td>envalid</td> </tr> <tr> <td>Regulated / secret-heavy config</td> <td>Anything with masking; envconfig-kit has it built in</td> </tr> </tbody> </table></div> <p>Honest take: there is no wrong choice among 3–5 if you validate at startup. The wrong choice is skipping validation entirely.</p> <h2> What to validate </h2> <p>Minimum checklist for a typical API:</p> <ul> <li> <strong>URLs:</strong> <code>DATABASE_URL</code>, <code>REDIS_URL</code>, webhook endpoints</li> <li> <strong>Secrets:</strong> API keys, JWT secrets (<code>secret: true</code> or never log config)</li> <li> <strong>Ports and numeric limits:</strong> <code>PORT</code>, pool sizes, timeouts</li> <li> <strong>Enums:</strong> <code>NODE_ENV</code>, feature modes, log levels</li> <li> <strong>Booleans:</strong> parsed explicitly, never <code>if (process.env.FLAG)</code> </li> <li> <strong>Arrays:</strong> <code>CORS_ORIGINS</code>, <code>ALLOWED_HOSTS</code> (comma-separated)</li> </ul> <h2> CLI validation in CI </h2> <p>Validate before deploy, not only at runtime:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx envconfig-kit check npx envconfig-kit generate <span class="c"># .env.example from schema</span> npx envconfig-kit doctor <span class="c"># health check</span> </code></pre> </div> <p>For Zod-based setups, parse in a small <code>validate-env.ts</code> script in your CI pipeline.</p> <h2> FAQ </h2> <h3> How do I validate environment variables in Node.js? </h3> <p>Define a schema at startup and throw (or <code>process.exit(1)</code>) if validation fails. Use manual checks, Zod, envalid, t3-env, or envconfig-kit depending on your stack.</p> <h3> Should I use dotenv in production? </h3> <p>Usually no. Load secrets from your host (Kubernetes, Railway, AWS). Use <code>.env</code> files locally. envconfig-kit and dotenv both respect <code>process.env</code> taking precedence.</p> <h3> Zod or envconfig-kit for env only? </h3> <p>If Zod is everywhere already, use Zod. If you want env-only validation with zero dependencies and built-in <code>.env</code> loading, envconfig-kit is simpler.</p> <h3> What is fail-fast startup validation? </h3> <p>The process exits immediately when config is invalid, so deploy fails before users are affected. Prefer this over runtime <code>undefined</code> errors.</p> <h2> envconfig-kit v0.2.0 highlights </h2> <p>If you use envconfig-kit (Way 5), v0.2.0 adds:</p> <ul> <li>Framework presets (<code>server</code>, <code>database</code>, <code>redis</code>, <code>auth</code>, <code>aws</code>, <code>smtp</code>, <code>cors</code>)</li> <li>Validators: <code>enum</code>, <code>array</code>, <code>json</code>, <code>regex</code>, <code>integer</code> </li> <li>Secret masking in error output</li> <li>Custom <code>validate()</code> hooks per field</li> <li>Custom preset prefixes (<code>presets.database('DB_')</code>)</li> </ul> <p>Full v0.2.0 launch notes archived in <code>seo-content/envconfig-kit/post-v0.2.0-launch-archive.md</code>.</p> <h2> Checklist </h2> <ul> <li>[ ] Centralize config in one module, not scattered <code>process.env</code> reads</li> <li>[ ] Validate every required var before the server listens</li> <li>[ ] Parse booleans and numbers explicitly</li> <li>[ ] Never log raw secrets on validation failure</li> <li>[ ] Commit <code>.env.example</code>, never <code>.env</code> </li> <li>[ ] Run env check in CI before deploy</li> </ul> <p>What approach does your team use? Curious if anyone still runs manual-only validation in production APIs.</p> node webdev typescript devops Chintan Shah Fri, 23 Jan 2026 18:19:12 +0000 https://dev.to/chintanshah35/dead-simple-cli-uptime-monitor-no-saas-post-support-cicd-ready-open-source-1f8h https://dev.to/chintanshah35/dead-simple-cli-uptime-monitor-no-saas-post-support-cicd-ready-open-source-1f8h <p>You deployed at 11pm. The pipeline is green. Health checks pass. Twenty minutes later a user reports 500s on <code>/api/orders</code>.</p> <p><strong>Monitoring API uptime from the command line</strong> is the fastest way to watch an endpoint during a rollout, debug a flaky dependency, or confirm a fix without opening another browser tab or paying for a dashboard you use twice a year.</p> <p>This guide covers when a <code>curl</code> loop is enough, when you want something better, and how to set up <strong><a href="https://www.npmjs.com/package/upstatus" rel="noopener noreferrer">upstatus</a></strong> for live terminal monitoring with POST support, degraded detection, and CI-friendly output.</p> <h2> TL;DR </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Goal</th> <th>What to use</th> </tr> </thead> <tbody> <tr> <td>One request, exit immediately</td> <td><code>curl -sf https://api.example.com/health</code></td> </tr> <tr> <td>Watch endpoints live during a deploy</td> <td><code>upstatus https://api.example.com</code></td> </tr> <tr> <td>POST health check with a JSON body</td> <td><code>upstatus https://api.example.com/health -m POST -b '{"probe":"full"}'</code></td> </tr> <tr> <td>Flag slow but alive APIs</td> <td><code>upstatus https://api.example.com -d 1000</code></td> </tr> <tr> <td>Logs/CI without terminal clearing</td> <td><code>upstatus https://api.example.com --no-clear</code></td> </tr> <tr> <td>Export stats when you stop (Ctrl+C)</td> <td><code>upstatus https://api.example.com --export json -o report.json</code></td> </tr> <tr> <td>Single smoke test in GitHub Actions</td> <td>Programmatic <code>Monitor.check()</code> (see below)</td> </tr> </tbody> </table></div> <h2> Why monitor from the terminal? </h2> <p>SaaS uptime tools (UptimeRobot, Better Stack, Pingdom) are great for 24/7 alerting. You should use them for production.</p> <p>But they are slow for <strong>right now</strong> problems:</p> <ul> <li>You just deployed and want to watch response times tick up in real time</li> <li>A third-party API is flaky and you need to see failure patterns over 10 minutes</li> <li>You are on a VPN or SSH session without dashboard access</li> <li>You want zero accounts, zero config files, zero monthly bill</li> </ul> <p>A CLI monitor runs locally. No signup. No agent. No webhook setup. Install, paste URLs, watch.</p> <h2> Option 1: curl (the baseline) </h2> <p>For a single check that exits immediately, <code>curl</code> wins:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-sf</span> <span class="nt">-o</span> /dev/null <span class="nt">-w</span> <span class="s2">"%{http_code} %{time_total}s</span><span class="se">\n</span><span class="s2">"</span> https://api.example.com/health </code></pre> </div> <p><code>-s</code> silences progress. <code>-f</code> fails on HTTP 4xx/5xx. <code>-w</code> prints status and timing.</p> <p>A bash loop for repeated checks:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="k">while </span><span class="nb">true</span><span class="p">;</span> <span class="k">do </span>curl <span class="nt">-sf</span> <span class="nt">-o</span> /dev/null <span class="nt">-w</span> <span class="s2">"</span><span class="si">$(</span><span class="nb">date</span> +%H:%M:%S<span class="si">)</span><span class="s2"> %{http_code} %{time_total}s</span><span class="se">\n</span><span class="s2">"</span> <span class="se">\</span> https://api.example.com/health <span class="o">||</span> <span class="nb">echo</span> <span class="s2">"</span><span class="si">$(</span><span class="nb">date</span> +%H:%M:%S<span class="si">)</span><span class="s2"> FAILED"</span> <span class="nb">sleep </span>30 <span class="k">done</span> </code></pre> </div> <p>This works. It also gets messy fast:</p> <ul> <li>No uptime percentage across checks</li> <li>No "degraded" state when the API is slow but returning 200</li> <li>No POST body support without more flags</li> <li>No structured export when you stop</li> <li>Hard to monitor three URLs in one readable view</li> </ul> <p>When you outgrow the loop, reach for a small CLI tool.</p> <h2> Option 2: upstatus (live multi-URL monitoring) </h2> <p><a href="https://github.com/chintanshah35/upstatus" rel="noopener noreferrer">upstatus</a> is a Node.js CLI for watching HTTP endpoints from your terminal. It tracks response times, calculates uptime percentage, and labels each URL as <strong>up</strong>, <strong>degraded</strong>, or <strong>down</strong>.</p> <h3> Install </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> <span class="nt">-g</span> upstatus </code></pre> </div> <p>No install? Use npx:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx upstatus https://api.github.com </code></pre> </div> <h3> Monitor one or more URLs </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com </code></pre> </div> <p>Multiple endpoints, default 30-second interval:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com https://status.example.com https://api.github.com </code></pre> </div> <p>Custom interval (60 seconds):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com <span class="nt">-i</span> 60 </code></pre> </div> <h3> What you see </h3> <p>The terminal refreshes with live stats (powered by <a href="https://github.com/chintanshah35/logfx" rel="noopener noreferrer">logfx</a>):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight console"><code><span class="go">✅ https://api.example.com ........ 187ms (99.8% uptime) ⚠️ https://slow-api.com ......... 1450ms (98.7% uptime) [degraded] 🔴 https://down.example.com ..... DOWN (last check failed) </span></code></pre> </div> <p>Press <strong>Ctrl+C</strong> to stop. upstatus prints a final summary and can export results (see below).</p> <h2> POST health checks </h2> <p>Many APIs expose <code>GET /health</code> that always returns 200 even when the database is down. Real probes use <strong>POST</strong> with a body.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com/health <span class="se">\</span> <span class="nt">-m</span> POST <span class="se">\</span> <span class="nt">-b</span> <span class="s1">'{"check":"deep"}'</span> </code></pre> </div> <p>Supported methods: <code>GET</code>, <code>POST</code>, <code>PUT</code>, <code>PATCH</code>, <code>DELETE</code>.</p> <p>For auth headers or advanced config, use the programmatic API (see CI section).</p> <h2> Degraded vs down </h2> <p><strong>Down</strong> means the request failed, timed out, or returned an unexpected status code.</p> <p><strong>Degraded</strong> means the API responded with the expected status, but slower than your threshold. Default threshold is 2000ms.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Mark as degraded if response exceeds 1000ms</span> upstatus https://api.example.com <span class="nt">-d</span> 1000 </code></pre> </div> <p>This matters during rollouts. A service can be "up" while latency spikes. Catching degraded early is often the difference between a rollback and an outage.</p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th>Status</th> <th>Meaning</th> </tr> </thead> <tbody> <tr> <td><code>up</code></td> <td>Expected status code, under threshold</td> </tr> <tr> <td><code>degraded</code></td> <td>Expected status code, over threshold</td> </tr> <tr> <td><code>down</code></td> <td>Error, timeout, or wrong status code</td> </tr> </tbody> </table></div> <h2> Export results on exit </h2> <p>When you stop monitoring, export stats for an incident report or Slack update:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com <span class="nt">--export</span> json <span class="nt">-o</span> uptime-report.json </code></pre> </div> <p>CSV works too:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com <span class="nt">--export</span> csv <span class="nt">-o</span> uptime-report.csv </code></pre> </div> <p>Exports run on Ctrl+C. Handy after a 20-minute deploy watch when you need numbers, not screenshots.</p> <h2> JSON mode and <code>--no-clear</code> for logs and CI </h2> <h3> <code>--no-clear</code> </h3> <p>By default, upstatus clears the terminal on each refresh (nice locally, bad in CI logs). Disable it:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com <span class="nt">--no-clear</span> </code></pre> </div> <p>Use this in GitHub Actions log output, Docker containers, or any non-TTY environment.</p> <h3> <code>--json</code> </h3> <p>JSON mode prints stats as JSON every 5 check cycles:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>upstatus https://api.example.com <span class="nt">--json</span> <span class="nt">--no-clear</span> </code></pre> </div> <p>Example output shape:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">[</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"url"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://api.example.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"api.example.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"checks"</span><span class="p">:</span><span class="w"> </span><span class="mi">5</span><span class="p">,</span><span class="w"> </span><span class="nl">"uptime"</span><span class="p">:</span><span class="w"> </span><span class="mi">100</span><span class="p">,</span><span class="w"> </span><span class="nl">"avgResponseTime"</span><span class="p">:</span><span class="w"> </span><span class="mi">214</span><span class="p">,</span><span class="w"> </span><span class="nl">"lastCheck"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"up"</span><span class="p">,</span><span class="w"> </span><span class="nl">"statusCode"</span><span class="p">:</span><span class="w"> </span><span class="mi">200</span><span class="p">,</span><span class="w"> </span><span class="nl">"responseTime"</span><span class="p">:</span><span class="w"> </span><span class="mi">198</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">]</span><span class="w"> </span></code></pre> </div> <p><strong>Note:</strong> The CLI is designed for <strong>continuous monitoring</strong>, not one-shot exits. For deploy smoke tests that must pass or fail in under 5 seconds, use <code>curl</code> or the programmatic API below.</p> <h2> CI/CD: smoke test after deploy </h2> <h3> Quick smoke test (curl) </h3> <p>Still the right default for "did deploy work?":<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>curl <span class="nt">-sf</span> https://api.example.com/health </code></pre> </div> <p>Add to GitHub Actions:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Smoke test API</span> <span class="na">run</span><span class="pi">:</span> <span class="s">curl -sf https://api.example.com/health</span> </code></pre> </div> <h3> Smoke test with POST + retries (upstatus API) </h3> <p>When you need POST bodies, custom expected status codes, or retry logic, use <code>Monitor.check()</code> from the library. One request, explicit exit code.</p> <p>Create <code>scripts/smoke-check.mjs</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Monitor</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">upstatus</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">url</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">API_URL</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">url</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Set API_URL environment variable</span><span class="dl">'</span><span class="p">)</span> <span class="nx">process</span><span class="p">.</span><span class="nf">exit</span><span class="p">(</span><span class="mi">1</span><span class="p">)</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">monitor</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Monitor</span><span class="p">({</span> <span class="nx">url</span><span class="p">,</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">check</span><span class="p">:</span> <span class="dl">'</span><span class="s1">deep</span><span class="dl">'</span> <span class="p">}),</span> <span class="na">expectedStatus</span><span class="p">:</span> <span class="p">[</span><span class="mi">200</span><span class="p">,</span> <span class="mi">201</span><span class="p">],</span> <span class="na">maxRetries</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="na">timeout</span><span class="p">:</span> <span class="mi">10000</span><span class="p">,</span> <span class="p">})</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">monitor</span><span class="p">.</span><span class="nf">check</span><span class="p">()</span> <span class="k">if </span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">status</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">down</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="s2">`Smoke check failed: </span><span class="p">${</span><span class="nx">result</span><span class="p">.</span><span class="nx">error</span> <span class="o">??</span> <span class="nx">result</span><span class="p">.</span><span class="nx">statusCode</span><span class="p">}</span><span class="s2">`</span><span class="p">)</span> <span class="nx">process</span><span class="p">.</span><span class="nf">exit</span><span class="p">(</span><span class="mi">1</span><span class="p">)</span> <span class="p">}</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="s2">`Smoke check </span><span class="p">${</span><span class="nx">result</span><span class="p">.</span><span class="nx">status</span><span class="p">}</span><span class="s2">: </span><span class="p">${</span><span class="nx">result</span><span class="p">.</span><span class="nx">responseTime</span><span class="p">}</span><span class="s2">ms`</span><span class="p">)</span> </code></pre> </div> <p>GitHub Actions workflow:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">name</span><span class="pi">:</span> <span class="s">Post-deploy smoke test</span> <span class="na">on</span><span class="pi">:</span> <span class="na">workflow_dispatch</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">[</span><span class="nv">main</span><span class="pi">]</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">smoke</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4</span> <span class="pi">-</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v4</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="m">22</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install upstatus</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npm install upstatus</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Smoke check production API</span> <span class="na">run</span><span class="pi">:</span> <span class="s">node scripts/smoke-check.mjs</span> <span class="na">env</span><span class="pi">:</span> <span class="na">API_URL</span><span class="pi">:</span> <span class="s">${{ secrets.PROD_API_URL }}</span> </code></pre> </div> <p>For headers (Bearer tokens, API keys), pass <code>headers</code> in the <code>Monitor</code> config:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">monitor</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Monitor</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">API_URL</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="na">Authorization</span><span class="p">:</span> <span class="s2">`Bearer </span><span class="p">${</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">API_TOKEN</span><span class="p">}</span><span class="s2">`</span> <span class="p">},</span> <span class="na">maxRetries</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="p">})</span> </code></pre> </div> <p>Store tokens in GitHub Actions secrets, not in the workflow file.</p> <h3> Watch during a long deploy (optional) </h3> <p>For a manual or scheduled job that watches an endpoint for several minutes:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Watch API for 3 minutes after deploy</span> <span class="na">run</span><span class="pi">:</span> <span class="s">timeout 180 npx upstatus ${{ secrets.PROD_API_URL }} --no-clear --json || </span><span class="kc">true</span> </code></pre> </div> <p><code>timeout</code> sends SIGTERM; upstatus exports on shutdown if <code>--export</code> is set. This is optional. Most teams use SaaS alerting for 24/7 coverage and CLI tools during incidents.</p> <h2> curl vs upstatus vs SaaS (comparison) </h2> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th></th> <th>curl loop</th> <th>upstatus CLI</th> <th>UptimeRobot / Better Stack</th> </tr> </thead> <tbody> <tr> <td>Setup time</td> <td>0 min</td> <td>30 sec</td> <td>10-15 min</td> </tr> <tr> <td>Cost</td> <td>Free</td> <td>Free</td> <td>Free tier, then paid</td> </tr> <tr> <td>Multi-URL dashboard in terminal</td> <td>Manual</td> <td>Built-in</td> <td>Web UI</td> </tr> <tr> <td>Uptime % over session</td> <td>DIY</td> <td>Built-in</td> <td>Built-in</td> </tr> <tr> <td>Degraded (slow) detection</td> <td>DIY</td> <td> <code>-d</code> flag</td> <td>Varies by plan</td> </tr> <tr> <td>POST health checks</td> <td>Verbose flags</td> <td><code>-m POST -b</code></td> <td>Supported</td> </tr> <tr> <td>24/7 alerting + history</td> <td>No</td> <td>No</td> <td>Yes</td> </tr> <tr> <td>Best for</td> <td>One-off checks</td> <td>Deploy watch, debugging</td> <td>Production monitoring</td> </tr> </tbody> </table></div> <p><strong>Practical split:</strong> SaaS for always-on alerts. Terminal CLI for deploy night and incident debugging. <code>curl</code> for the fastest single-request smoke test.</p> <h2> Programmatic usage in Node.js </h2> <p>Embed monitoring in scripts, cron jobs, or custom tooling:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">MonitorManager</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">upstatus</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">manager</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">MonitorManager</span><span class="p">()</span> <span class="nx">manager</span><span class="p">.</span><span class="nf">add</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="dl">'</span><span class="s1">https://api.example.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">interval</span><span class="p">:</span> <span class="mi">30</span><span class="p">,</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">body</span><span class="p">:</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">stringify</span><span class="p">({</span> <span class="na">check</span><span class="p">:</span> <span class="dl">'</span><span class="s1">deep</span><span class="dl">'</span> <span class="p">}),</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="na">Authorization</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Bearer token</span><span class="dl">'</span> <span class="p">},</span> <span class="na">degradedThreshold</span><span class="p">:</span> <span class="mi">1500</span><span class="p">,</span> <span class="na">expectedStatus</span><span class="p">:</span> <span class="p">[</span><span class="mi">200</span><span class="p">,</span> <span class="mi">201</span><span class="p">],</span> <span class="na">timeout</span><span class="p">:</span> <span class="mi">10000</span><span class="p">,</span> <span class="na">maxRetries</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="p">})</span> <span class="nx">manager</span><span class="p">.</span><span class="nf">startAll</span><span class="p">()</span> <span class="kd">const</span> <span class="nx">stats</span> <span class="o">=</span> <span class="nx">manager</span><span class="p">.</span><span class="nf">getMonitor</span><span class="p">(</span><span class="dl">'</span><span class="s1">api.example.com</span><span class="dl">'</span><span class="p">)?.</span><span class="nf">getStats</span><span class="p">()</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="nx">stats</span><span class="p">)</span> <span class="nx">manager</span><span class="p">.</span><span class="nf">stopAll</span><span class="p">()</span> </code></pre> </div> <p>Export utilities for reports:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">exportToJson</span><span class="p">,</span> <span class="nx">exportToCsv</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">upstatus</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">stats</span> <span class="o">=</span> <span class="p">[...</span><span class="nx">manager</span><span class="p">.</span><span class="nx">monitors</span><span class="p">.</span><span class="nf">values</span><span class="p">()].</span><span class="nf">map</span><span class="p">((</span><span class="nx">monitor</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">monitor</span><span class="p">.</span><span class="nf">getStats</span><span class="p">())</span> <span class="kd">const</span> <span class="nx">json</span> <span class="o">=</span> <span class="nf">exportToJson</span><span class="p">(</span><span class="nx">stats</span><span class="p">)</span> </code></pre> </div> <p>Full config options: <a href="https://github.com/chintanshah35/upstatus#monitor-configuration" rel="noopener noreferrer">upstatus README</a>.</p> <h2> FAQ </h2> <h3> How is this different from Uptime Kuma? </h3> <p><a href="https://github.com/louislam/uptime-kuma" rel="noopener noreferrer">Uptime Kuma</a> is a self-hosted <strong>dashboard</strong> with alerting, status pages, and history. upstatus is a <strong>terminal CLI</strong> with no UI to maintain. Use Kuma for team-wide 24/7 monitoring. Use upstatus when you want to watch endpoints from a shell session in 30 seconds.</p> <h3> Can upstatus replace UptimeRobot? </h3> <p>No. upstatus does not send email/SMS alerts or store months of history. It fills the gap when you need local, immediate visibility without creating another account.</p> <h3> Does it work on Windows? </h3> <p>Yes. Node.js 18+ on Windows, macOS, and Linux. Global install: <code>npm install -g upstatus</code>.</p> <h3> What Node version do I need? </h3> <p>Node 18 or later (uses native <code>fetch</code>).</p> <h3> How do I monitor an endpoint that requires authentication? </h3> <p>Use the programmatic API with <code>headers: { Authorization: 'Bearer ...' }</code>. Do not pass secrets on the CLI in shared screen recordings or shell history. Use environment variables in scripts.</p> <h3> Why does <code>--json</code> not exit after one check? </h3> <p>The CLI runs until you stop it. That is intentional for live monitoring. For CI smoke tests, call <code>Monitor.check()</code> once and <code>process.exit(1)</code> on failure.</p> <h3> What is the default check interval? </h3> <p>30 seconds. Override with <code>-i 60</code> for 60 seconds.</p> <h2> Try it </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx upstatus https://api.github.com </code></pre> </div> <ul> <li>GitHub: <a href="https://github.com/chintanshah35/upstatus" rel="noopener noreferrer">github.com/chintanshah35/upstatus</a> </li> <li>npm: <a href="https://www.npmjs.com/package/upstatus" rel="noopener noreferrer">npmjs.com/package/upstatus</a> </li> </ul> <p>If you maintain a side project API and only need to know "is it up right now?", a terminal monitor beats opening three browser tabs.</p> <h2> About upstatus </h2> <p><strong>upstatus</strong> is an open-source CLI uptime monitor (~15KB gzipped). POST/PUT/PATCH support, degraded thresholds, retry with exponential backoff, JSON/CSV export, and a programmatic API for Node.js and TypeScript.</p> <p>MIT licensed. Built with TypeScript and <a href="https://github.com/chintanshah35/logfx" rel="noopener noreferrer">logfx</a> for terminal output.</p> <p>Full feature list and CLI reference: <a href="https://github.com/chintanshah35/upstatus" rel="noopener noreferrer">upstatus README</a>.</p> node monitoring cli devops Chintan Shah Tue, 20 Jan 2026 02:52:46 +0000 https://dev.to/chintanshah35/logfx-v050-from-dev-tool-to-production-logger-55nl https://dev.to/chintanshah35/logfx-v050-from-dev-tool-to-production-logger-55nl <p>Last month, I shared <a href="https://dev.to/chintanshah35/your-consolelog-deserves-better-4ack">logfx</a>. Since then, I've been using it in my projects and kept adding features I needed. v0.5.0 is the result - 15+ new features that make it production-ready.</p> <h2> Express Middleware </h2> <p>This was the most requested feature. Automatic request logging with timing and request IDs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">express</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">expressLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nf">express</span><span class="p">()</span> <span class="nx">app</span><span class="p">.</span><span class="nf">use</span><span class="p">(</span><span class="nf">expressLogger</span><span class="p">())</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/users</span><span class="dl">'</span><span class="p">,</span> <span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">req</span><span class="p">.</span><span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Fetching users</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">query</span><span class="p">.</span><span class="nx">id</span> <span class="p">})</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">users</span><span class="p">:</span> <span class="p">[]</span> <span class="p">})</span> <span class="p">})</span> </code></pre> </div> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>💡 INFO [http] Incoming request { method: 'GET', path: '/users', requestId: 'abc123' } 💡 INFO [http] Fetching users { userId: '42' } 💡 INFO [http] Request completed { method: 'GET', path: '/users', status: 200, durationMs: 45 } </code></pre> </div> <p>You get <code>req.log</code> scoped to each request, automatic timing, and request IDs for tracing. Status codes automatically set the log level (5xx = error, 4xx = warn).</p> <p>Options:</p> <ul> <li>Skip routes (health checks)</li> <li>Custom request ID extraction</li> <li>Configurable headers</li> </ul> <h2> Fastify and Next.js Too </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Fastify</span> <span class="k">import</span> <span class="nx">Fastify</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">fastify</span><span class="dl">'</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">fastifyLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="nc">Fastify</span><span class="p">()</span> <span class="nx">app</span><span class="p">.</span><span class="nf">register</span><span class="p">(</span><span class="nf">fastifyLogger</span><span class="p">())</span> <span class="nx">app</span><span class="p">.</span><span class="nf">get</span><span class="p">(</span><span class="dl">'</span><span class="s1">/api/data</span><span class="dl">'</span><span class="p">,</span> <span class="k">async </span><span class="p">(</span><span class="nx">request</span><span class="p">,</span> <span class="nx">reply</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">request</span><span class="p">.</span><span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Processing</span><span class="dl">'</span><span class="p">)</span> <span class="k">return</span> <span class="p">{</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">true</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Next.js</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">withLogging</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="k">export</span> <span class="k">default</span> <span class="nf">withLogging</span><span class="p">(</span><span class="k">async </span><span class="p">(</span><span class="nx">req</span><span class="p">,</span> <span class="nx">res</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">req</span><span class="p">.</span><span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">API called</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">path</span><span class="p">:</span> <span class="nx">req</span><span class="p">.</span><span class="nx">url</span> <span class="p">})</span> <span class="nx">res</span><span class="p">.</span><span class="nf">json</span><span class="p">({</span> <span class="na">ok</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="p">})</span> </code></pre> </div> <h2> Color Themes </h2> <p>Added dracula and monokai themes because the default colors weren't great on every terminal:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">theme</span><span class="p">:</span> <span class="dl">'</span><span class="s1">dracula</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// or 'monokai', 'default'</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Themed output</span><span class="dl">'</span><span class="p">)</span> <span class="nx">log</span><span class="p">.</span><span class="nf">success</span><span class="p">(</span><span class="dl">'</span><span class="s1">Looks great</span><span class="dl">'</span><span class="p">)</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Easy to spot</span><span class="dl">'</span><span class="p">)</span> </code></pre> </div> <p>Makes logs easier to scan when you're debugging at 2am.</p> <h2> File Rotation </h2> <p>Logs now rotate automatically when they hit a size limit:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span><span class="p">,</span> <span class="nx">transports</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span> <span class="nx">transports</span><span class="p">.</span><span class="nf">file</span><span class="p">({</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./logs/app.log</span><span class="dl">'</span><span class="p">,</span> <span class="na">rotation</span><span class="p">:</span> <span class="p">{</span> <span class="na">maxSize</span><span class="p">:</span> <span class="dl">'</span><span class="s1">10mb</span><span class="dl">'</span><span class="p">,</span> <span class="na">maxFiles</span><span class="p">:</span> <span class="mi">5</span><span class="p">,</span> <span class="na">compress</span><span class="p">:</span> <span class="kc">true</span> <span class="c1">// gzip old files</span> <span class="p">}</span> <span class="p">})</span> <span class="p">]</span> <span class="p">})</span> </code></pre> </div> <p>Creates <code>app.log.1</code>, <code>app.log.2</code>, etc. Old files get gzipped. No more disk space issues.</p> <h2> Issue Detection </h2> <p>This catches mistakes I kept making:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">detectIssues</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">User data</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">data</span><span class="p">:</span> <span class="kc">undefined</span> <span class="p">})</span> <span class="c1">// ⚠️ Warning: undefined value in log data</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Auth</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">password</span><span class="p">:</span> <span class="dl">'</span><span class="s1">secret123</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// ⚠️ Warning: potential password in log data</span> </code></pre> </div> <p>Only runs in development. Saved me from logging passwords to production a few times already.</p> <h2> Format Auto-Detection </h2> <p>Pretty output in dev, JSON in production. No config needed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Development (NODE_ENV=development)</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server started</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// 💡 INFO Server started (pretty, colored)</span> <span class="c1">// Production (NODE_ENV=production)</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server started</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// {"timestamp":"2026-01-19T...","level":"info","message":"Server started"}</span> </code></pre> </div> <h2> Request ID Tracking </h2> <p>Built-in for tracing requests across your logs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">requestId</span><span class="p">:</span> <span class="dl">'</span><span class="s1">req-123</span><span class="dl">'</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Processing payment</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// Includes requestId in output for correlation</span> </code></pre> </div> <p>Great for debugging issues across microservices.</p> <h2> Better Error Serialization </h2> <p>Stack traces are readable in dev, structured in prod:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">try</span> <span class="p">{</span> <span class="k">await</span> <span class="nf">connectDatabase</span><span class="p">()</span> <span class="p">}</span> <span class="k">catch </span><span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Connection failed</span><span class="dl">'</span><span class="p">,</span> <span class="nx">error</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p><strong>Development output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>🔴 ERROR Connection failed Error: Timeout at Database.connect (/app/db.js:45:11) at Server.start (/app/server.js:12:5) </code></pre> </div> <p><strong>Production output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"timestamp"</span><span class="p">:</span><span class="w"> </span><span class="s2">"2026-01-19T13:45:00.000Z"</span><span class="p">,</span><span class="w"> </span><span class="nl">"level"</span><span class="p">:</span><span class="w"> </span><span class="s2">"error"</span><span class="p">,</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Connection failed"</span><span class="p">,</span><span class="w"> </span><span class="nl">"error"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Timeout"</span><span class="p">,</span><span class="w"> </span><span class="nl">"stack"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Error: Timeout</span><span class="se">\n</span><span class="s2"> at Database.connect..."</span><span class="p">,</span><span class="w"> </span><span class="nl">"code"</span><span class="p">:</span><span class="w"> </span><span class="s2">"ETIMEDOUT"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> Service Context </h2> <p>Automatically reads service metadata from environment:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Reads SERVICE_NAME, SERVICE_VERSION, NODE_ENV</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">()</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Started</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// Output includes:</span> <span class="c1">// {"service":"my-api","version":"1.0.0","environment":"production",...}</span> </code></pre> </div> <h2> Structured JSON Output </h2> <p>Production-ready JSON format for log aggregation tools:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="dl">'</span><span class="s1">json</span><span class="dl">'</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">User login</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">userId</span><span class="p">:</span> <span class="mi">123</span> <span class="p">})</span> <span class="c1">// {"timestamp":"2026-01-19T...","level":"info","message":"User login","data":{"userId":123}}</span> </code></pre> </div> <p>Works with Datadog, Splunk, ELK stack, and other log aggregation tools.</p> <h2> Field Redaction </h2> <p>Hide sensitive data automatically:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">redact</span><span class="p">:</span> <span class="p">{</span> <span class="na">fields</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">password</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">token</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">apiKey</span><span class="dl">'</span><span class="p">],</span> <span class="na">replacement</span><span class="p">:</span> <span class="dl">'</span><span class="s1">***REDACTED***</span><span class="dl">'</span> <span class="p">}</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">User login</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">username</span><span class="p">:</span> <span class="dl">'</span><span class="s1">john</span><span class="dl">'</span><span class="p">,</span> <span class="na">password</span><span class="p">:</span> <span class="dl">'</span><span class="s1">secret123</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// Output: { username: 'john', password: '***REDACTED***' }</span> </code></pre> </div> <h2> Log Sampling </h2> <p>Reduce log volume in high-traffic scenarios:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">sampling</span><span class="p">:</span> <span class="p">{</span> <span class="na">debug</span><span class="p">:</span> <span class="mf">0.1</span><span class="p">,</span> <span class="c1">// 10% of debug logs</span> <span class="na">info</span><span class="p">:</span> <span class="mf">0.5</span><span class="p">,</span> <span class="c1">// 50% of info logs</span> <span class="na">error</span><span class="p">:</span> <span class="mf">1.0</span> <span class="c1">// 100% of errors (always log)</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Useful when you're getting millions of requests.</p> <h2> Async Logging </h2> <p>Buffer and batch logs for better performance:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">async</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">buffer</span><span class="p">:</span> <span class="p">{</span> <span class="na">size</span><span class="p">:</span> <span class="mi">100</span><span class="p">,</span> <span class="c1">// flush after 100 logs</span> <span class="na">flushInterval</span><span class="p">:</span> <span class="mi">1000</span> <span class="c1">// or every 1 second</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Prevents logging from blocking your event loop.</p> <h2> Multiple Transports </h2> <p>Send logs to different destinations simultaneously:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span><span class="p">,</span> <span class="nx">transports</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span> <span class="nx">transports</span><span class="p">.</span><span class="nf">console</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="dl">'</span><span class="s1">pretty</span><span class="dl">'</span> <span class="p">}),</span> <span class="nx">transports</span><span class="p">.</span><span class="nf">file</span><span class="p">({</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">./logs/app.log</span><span class="dl">'</span><span class="p">,</span> <span class="na">format</span><span class="p">:</span> <span class="dl">'</span><span class="s1">json</span><span class="dl">'</span> <span class="p">}),</span> <span class="nx">transports</span><span class="p">.</span><span class="nf">webhook</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="dl">'</span><span class="s1">https://logs.example.com/ingest</span><span class="dl">'</span><span class="p">,</span> <span class="na">batchSize</span><span class="p">:</span> <span class="mi">10</span> <span class="p">})</span> <span class="p">]</span> <span class="p">})</span> </code></pre> </div> <h2> Webhook Transport </h2> <p>Send logs to remote endpoints:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">transports</span><span class="p">.</span><span class="nf">webhook</span><span class="p">({</span> <span class="na">url</span><span class="p">:</span> <span class="dl">'</span><span class="s1">https://logs.example.com</span><span class="dl">'</span><span class="p">,</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">POST</span><span class="dl">'</span><span class="p">,</span> <span class="na">headers</span><span class="p">:</span> <span class="p">{</span> <span class="dl">'</span><span class="s1">Authorization</span><span class="dl">'</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Bearer token</span><span class="dl">'</span> <span class="p">},</span> <span class="na">batchSize</span><span class="p">:</span> <span class="mi">10</span><span class="p">,</span> <span class="na">flushInterval</span><span class="p">:</span> <span class="mi">5000</span> <span class="p">})</span> </code></pre> </div> <p>Great for custom log aggregation services or alerting systems.</p> <h2> Environment Detection </h2> <p>Automatically adapts to your environment:</p> <ul> <li> <strong>CI/CD</strong>: Auto-disables colors</li> <li> <strong>TTY Detection</strong>: Only shows colors in terminals</li> <li> <strong>NO_COLOR/FORCE_COLOR</strong>: Respects standard env vars</li> <li> <strong>NODE_ENV</strong>: Auto-switches format (pretty in dev, JSON in prod)</li> </ul> <h2> Complete Feature List </h2> <p><strong>Core Logging:</strong></p> <ul> <li>5 log levels (debug, info, success, warn, error)</li> <li>Namespaced loggers</li> <li>Colorful output with emojis</li> <li>Timestamps</li> <li>Context metadata</li> </ul> <p><strong>Production Features:</strong></p> <ul> <li>Format auto-detection (pretty/JSON)</li> <li>Structured JSON output</li> <li>Request ID tracking</li> <li>Service context</li> <li>Error serialization with stack traces</li> <li>Field redaction</li> <li>Log sampling</li> <li>Async buffered logging</li> </ul> <p><strong>Transports:</strong></p> <ul> <li>Console transport</li> <li>File transport with rotation</li> <li>Webhook transport</li> <li>Multiple transports simultaneously</li> </ul> <p><strong>Framework Integration:</strong></p> <ul> <li>Express middleware</li> <li>Fastify plugin</li> <li>Next.js API middleware</li> </ul> <p><strong>Developer Experience:</strong></p> <ul> <li>Color themes (default, dracula, monokai)</li> <li>Issue detection (undefined values, passwords)</li> <li>Environment detection (CI/CD, TTY)</li> <li>TypeScript support</li> <li>Zero dependencies</li> </ul> <h2> Why I Built This </h2> <p>I got tired of choosing between pretty logs in dev and structured logs in prod. Most loggers force you to pick one. logfx does both automatically.</p> <p>Also wanted something that works in browsers and Node without extra config. Zero dependencies means no supply chain issues.</p> <p>The middleware was the big one though. Every project needs request logging and I was copy-pasting the same code everywhere.</p> <h2> What Makes logfx Different </h2> <p><strong>Works everywhere</strong></p> <p>One logger for your entire stack:</p> <ul> <li>Node.js, Bun, Deno</li> <li>Browsers (Chrome, Firefox, Safari)</li> <li>Express, Fastify, Next.js</li> <li>Edge runtimes (coming in v0.6.0)</li> </ul> <p><strong>Zero dependencies</strong></p> <p>No supply chain risk. No version conflicts. No security audits for logging dependencies.</p> <p><strong>Lightweight but feature-complete</strong></p> <ul> <li>~11KB gzipped (46KB uncompressed)</li> <li>Full TypeScript support</li> <li>117 passing tests</li> <li>All the features you need, none you don't</li> </ul> <h2> Installation </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>logfx </code></pre> </div> <h2> Quick Start </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">log</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="nx">log</span><span class="p">.</span><span class="nf">debug</span><span class="p">(</span><span class="dl">'</span><span class="s1">Debugging info</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">detailed</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server started</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">port</span><span class="p">:</span> <span class="mi">3000</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">success</span><span class="p">(</span><span class="dl">'</span><span class="s1">User created</span><span class="dl">'</span><span class="p">)</span> <span class="nx">log</span><span class="p">.</span><span class="nf">warn</span><span class="p">(</span><span class="dl">'</span><span class="s1">Memory usage high</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">usage</span><span class="p">:</span> <span class="dl">'</span><span class="s1">85%</span><span class="dl">'</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Connection failed</span><span class="dl">'</span><span class="p">,</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Timeout</span><span class="dl">'</span><span class="p">))</span> </code></pre> </div> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>🔍 DEBUG Debugging info { detailed: true } 💡 INFO Server started { port: 3000 } ✅ SUCCESS User created ⚠️ WARN Memory usage high { usage: '85%' } 🔴 ERROR Connection failed Error: Timeout at ... </code></pre> </div> <h2> Try It </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>logfx@0.5.0 </code></pre> </div> <p><strong>Links:</strong></p> <ul> <li>GitHub: <a href="https://github.com/chintanshah35/logfx" rel="noopener noreferrer">github.com/chintanshah35/logfx</a> </li> <li>npm: <a href="https://www.npmjs.com/package/logfx" rel="noopener noreferrer">npmjs.com/package/logfx</a> </li> <li>Release Notes: <a href="https://github.com/chintanshah35/logfx/releases/tag/v0.5.0" rel="noopener noreferrer">v0.5.0 Release</a> </li> <li>Original Post: <a href="https://dev.to/chintanshah35/your-consolelog-deserves-better-4ack">Your console.log deserves better</a> </li> </ul> express middleware logging typescript Chintan Shah Thu, 15 Jan 2026 06:13:30 +0000 https://dev.to/chintanshah35/make-your-app-crash-at-startup-not-in-production-45je https://dev.to/chintanshah35/make-your-app-crash-at-startup-not-in-production-45je <p>2am. Slack notification. Production app is down.</p> <p>The error? <code>Cannot read property 'split' of undefined</code></p> <p>Turns out <code>ALLOWED_ORIGINS</code> wasn't set in production. The app started fine. Health checks passed. Then the first CORS request came in and crashed the server.</p> <p>Or that time <code>STRIPE_SECRET_KEY</code> had a trailing space from copy-paste. App started. First payment request? Failed. Took 30 minutes to figure out.</p> <p>Or when someone set <code>ENABLE_CACHING=false</code> as a string, but the code checked <code>if (config.ENABLE_CACHING)</code> - string "false" is truthy, so caching stayed on.</p> <p>This stuff happens constantly.</p> <h2> The real problem isn't missing env vars </h2> <p>It's that your app doesn't know they're wrong until it tries to use them.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">port</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">||</span> <span class="mi">3000</span> <span class="kd">const</span> <span class="nx">apiKey</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">API_KEY</span> <span class="kd">const</span> <span class="nx">enableCache</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">ENABLE_CACHING</span> <span class="kd">const</span> <span class="nx">origins</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">ALLOWED_ORIGINS</span><span class="p">?.</span><span class="nf">split</span><span class="p">(</span><span class="dl">'</span><span class="s1">,</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// App starts fine</span> <span class="c1">// apiKey is undefined</span> <span class="c1">// enableCache is the string "false" (truthy!)</span> <span class="c1">// origins will crash when undefined</span> <span class="c1">// Everything looks good... until it's not</span> </code></pre> </div> <p>Your app starts. Health checks pass. Then 5 minutes later, it tries to call the API and crashes because <code>apiKey</code> is undefined.</p> <p>Or your boolean flag is the string <code>"false"</code> but your code checks <code>if (enableCache)</code> - string "false" is truthy, so the logic is backwards.</p> <p>Or someone has a trailing space in <code>STRIPE_KEY=" sk_live_123 "</code> and all payment requests fail with cryptic auth errors.</p> <h2> Fail fast, not later </h2> <p>What if your app refused to start unless everything was valid?<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">env</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">envconfig-kit</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">env</span><span class="p">({</span> <span class="na">PORT</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">number</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="mi">3000</span> <span class="p">},</span> <span class="na">API_KEY</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="p">},</span> <span class="na">DATABASE_URL</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">url</span><span class="dl">'</span> <span class="p">},</span> <span class="p">})</span> </code></pre> </div> <p>Now if <code>API_KEY</code> is missing or <code>DATABASE_URL</code> isn't a valid URL, your app won't start at all.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>❌ Environment validation failed: API_KEY: Missing required environment variable ➜ Fix: Add to .env file Example: API_KEY=your-value-here STRIPE_SECRET_KEY: Value contains leading/trailing whitespace ➜ Fix: Remove extra spaces Current: " sk_live_123 " Expected: "sk_live_123" </code></pre> </div> <p>Crash at startup, not during runtime. Get useful error messages, not <code>undefined is not a function</code>.</p> <h2> What you get </h2> <p><strong>Type safety</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">config</span><span class="p">.</span><span class="nx">PORT</span> <span class="c1">// number</span> <span class="nx">config</span><span class="p">.</span><span class="nx">API_KEY</span> <span class="c1">// string</span> <span class="nx">config</span><span class="p">.</span><span class="nx">DEBUG</span> <span class="c1">// boolean</span> <span class="nx">config</span><span class="p">.</span><span class="nx">REDIS_URL</span> <span class="c1">// string | undefined (if optional)</span> </code></pre> </div> <p>TypeScript knows the exact types. No more <code>process.env.PORT as number</code>.</p> <p><strong>Built-in .env loading</strong></p> <p>No need for <code>dotenv</code>. Automatically loads from <code>.env</code>, <code>.env.local</code>, <code>.env.production</code>, etc.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">env</span><span class="p">({</span> <span class="na">PORT</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">number</span><span class="dl">'</span> <span class="p">}</span> <span class="p">})</span> <span class="c1">// Just works. No extra setup.</span> </code></pre> </div> <p><strong>Transform values</strong></p> <p>Parse arrays, trim whitespace, normalize URLs:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">env</span><span class="p">({</span> <span class="na">ALLOWED_ORIGINS</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">transform</span><span class="p">:</span> <span class="p">(</span><span class="nx">value</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">value</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="dl">'</span><span class="s1">,</span><span class="dl">'</span><span class="p">).</span><span class="nf">map</span><span class="p">(</span><span class="nx">s</span> <span class="o">=&gt;</span> <span class="nx">s</span><span class="p">.</span><span class="nf">trim</span><span class="p">())</span> <span class="p">},</span> <span class="na">API_URL</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">url</span><span class="dl">'</span><span class="p">,</span> <span class="na">transform</span><span class="p">:</span> <span class="p">(</span><span class="nx">value</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">value</span><span class="p">.</span><span class="nf">replace</span><span class="p">(</span><span class="sr">/</span><span class="se">\/</span><span class="sr">$/</span><span class="p">,</span> <span class="dl">''</span><span class="p">)</span> <span class="c1">// remove trailing slash</span> <span class="p">}</span> <span class="p">})</span> <span class="nx">config</span><span class="p">.</span><span class="nx">ALLOWED_ORIGINS</span> <span class="c1">// ['http://localhost:3000', 'https://app.com']</span> </code></pre> </div> <p><strong>Validation types that matter</strong></p> <ul> <li> <code>string</code>, <code>number</code>, <code>boolean</code> - the basics</li> <li> <code>url</code> - validates protocol, catches <code>localhost</code> and <code>http:/missing-slash</code> </li> <li> <code>email</code> - actual email validation</li> <li> <code>port</code> - number between 0-65535</li> </ul> <h2> Real example </h2> <p>Here's what a typical API config looks like:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">env</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">envconfig-kit</span><span class="dl">'</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">env</span><span class="p">({</span> <span class="c1">// Server</span> <span class="na">PORT</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">port</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="mi">3000</span> <span class="p">},</span> <span class="na">HOST</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="dl">'</span><span class="s1">0.0.0.0</span><span class="dl">'</span> <span class="p">},</span> <span class="na">NODE_ENV</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="dl">'</span><span class="s1">development</span><span class="dl">'</span> <span class="p">},</span> <span class="c1">// Database</span> <span class="na">DATABASE_URL</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">url</span><span class="dl">'</span> <span class="p">},</span> <span class="c1">// Redis (optional)</span> <span class="na">REDIS_URL</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">url</span><span class="dl">'</span><span class="p">,</span> <span class="na">optional</span><span class="p">:</span> <span class="kc">true</span> <span class="p">},</span> <span class="c1">// API Keys</span> <span class="na">API_KEY</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="p">},</span> <span class="na">JWT_SECRET</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="p">},</span> <span class="c1">// External services</span> <span class="na">STRIPE_KEY</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="p">},</span> <span class="na">SENDGRID_KEY</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span> <span class="p">},</span> <span class="c1">// CORS</span> <span class="na">ALLOWED_ORIGINS</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="dl">'</span><span class="s1">http://localhost:3000</span><span class="dl">'</span><span class="p">,</span> <span class="na">transform</span><span class="p">:</span> <span class="p">(</span><span class="nx">value</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">value</span><span class="p">.</span><span class="nf">split</span><span class="p">(</span><span class="dl">'</span><span class="s1">,</span><span class="dl">'</span><span class="p">)</span> <span class="p">},</span> <span class="c1">// Feature flags</span> <span class="na">ENABLE_ANALYTICS</span><span class="p">:</span> <span class="p">{</span> <span class="na">type</span><span class="p">:</span> <span class="dl">'</span><span class="s1">boolean</span><span class="dl">'</span><span class="p">,</span> <span class="na">default</span><span class="p">:</span> <span class="kc">false</span> <span class="p">},</span> <span class="p">})</span> <span class="c1">// Now everything is typed and validated</span> <span class="c1">// App won't start if anything is wrong</span> </code></pre> </div> <h2> CLI tools </h2> <p>Generate <code>.env.example</code> for your team:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx envconfig-kit generate </code></pre> </div> <p>Validate before deployment:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx envconfig-kit check </code></pre> </div> <p>Health check:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx envconfig-kit doctor </code></pre> </div> <h2> Install </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>envconfig-kit </code></pre> </div> <p>Zero dependencies. 3KB minified. Works with CommonJS and ESM.</p> <p>Stop debugging <code>undefined</code> errors at 2am. Make your app fail fast with clear error messages.</p> <p><a href="https://github.com/chintanshah35/envconfig-kit" rel="noopener noreferrer">GitHub</a> | <a href="https://www.npmjs.com/package/envconfig-kit" rel="noopener noreferrer">npm</a></p> typescript node devops webdev Chintan Shah Tue, 06 Jan 2026 06:46:33 +0000 https://dev.to/chintanshah35/introducing-handlejson-safe-json-parsing-without-the-try-catch-spam-1oh3 https://dev.to/chintanshah35/introducing-handlejson-safe-json-parsing-without-the-try-catch-spam-1oh3 <p>I built a tiny library called handlejson because I got tired of writing try-catch blocks for JSON.parse everywhere. Just shipped v0.2.0 today with some features I actually needed in real projects.</p> <h2> The Problem </h2> <p>How many times have you written this?<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">let</span> <span class="nx">data</span> <span class="k">try</span> <span class="p">{</span> <span class="nx">data</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">str</span><span class="p">)</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="nx">data</span> <span class="o">=</span> <span class="kc">null</span> <span class="p">}</span> </code></pre> </div> <p>I wrote it hundreds of times. localStorage.getItem? try-catch. API response? try-catch. User input? try-catch. Every single time.</p> <p>It works, but it's verbose. And there are other annoyances too - JSON.stringify throws on circular references, Date objects serialize to empty objects (useless), and there's no easy way to validate structure.</p> <h2> What handlejson Does </h2> <p>It's basically a wrapper around native JSON functions, but with all the annoying edge cases handled:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">parse</span><span class="p">,</span> <span class="nx">stringify</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="c1">// Safe parsing - returns null on error, no try-catch needed</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">localStorage</span><span class="p">.</span><span class="nf">getItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">))</span> <span class="kd">const</span> <span class="nx">config</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">invalidJson</span><span class="p">,</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="p">{}</span> <span class="p">})</span> <span class="c1">// Handles circular refs automatically</span> <span class="kd">const</span> <span class="nx">obj</span> <span class="o">=</span> <span class="p">{</span> <span class="na">a</span><span class="p">:</span> <span class="mi">1</span> <span class="p">}</span> <span class="nx">obj</span><span class="p">.</span><span class="nb">self</span> <span class="o">=</span> <span class="nx">obj</span> <span class="nf">stringify</span><span class="p">(</span><span class="nx">obj</span><span class="p">)</span> <span class="c1">// '{"a":1,"self":"[Circular]"}'</span> <span class="c1">// BigInt support</span> <span class="nf">stringify</span><span class="p">({</span> <span class="na">value</span><span class="p">:</span> <span class="nc">BigInt</span><span class="p">(</span><span class="mi">123</span><span class="p">)</span> <span class="p">})</span> <span class="c1">// '{"value":"123n"}'</span> </code></pre> </div> <p>That's the basics. Small, simple, just makes JSON parsing less annoying.</p> <h2> New in v0.2.0 </h2> <p>I released v0.1.0 a while back with the core functionality. Today I'm shipping v0.2.0 with three features I kept needing:</p> <h3> Date Handling </h3> <p>This was the most annoying one. Every API response with dates means writing custom revivers to convert ISO strings back to Date objects:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// The old way</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">jsonString</span><span class="p">,</span> <span class="p">{</span> <span class="na">reviver</span><span class="p">:</span> <span class="p">(</span><span class="nx">key</span><span class="p">,</span> <span class="nx">value</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">key</span><span class="p">.</span><span class="nf">endsWith</span><span class="p">(</span><span class="dl">'</span><span class="s1">At</span><span class="dl">'</span><span class="p">)</span> <span class="o">&amp;&amp;</span> <span class="k">typeof</span> <span class="nx">value</span> <span class="o">===</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">date</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nx">value</span><span class="p">)</span> <span class="k">return</span> <span class="nf">isNaN</span><span class="p">(</span><span class="nx">date</span><span class="p">.</span><span class="nf">getTime</span><span class="p">())</span> <span class="p">?</span> <span class="nx">value</span> <span class="p">:</span> <span class="nx">date</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">value</span> <span class="p">}</span> <span class="p">})</span> </code></pre> </div> <p>Now it's just:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">jsonString</span><span class="p">,</span> <span class="p">{</span> <span class="na">dates</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="c1">// Dates are automatically converted</span> </code></pre> </div> <p>Same for stringifying - Date objects serialize to ISO strings instead of empty objects:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nf">stringify</span><span class="p">({</span> <span class="na">createdAt</span><span class="p">:</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">()</span> <span class="p">},</span> <span class="p">{</span> <span class="na">dates</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="c1">// → '{"createdAt":"2023-01-01T10:00:00.000Z"}'</span> </code></pre> </div> <p>Saves a lot of boilerplate. I was writing that reviver logic constantly.</p> <h3> Schema Validation </h3> <p>I kept hitting bugs where API responses had wrong types. A number field coming through as a string, that sort of thing. Instead of writing custom validation each time, you can pass a schema:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">schema</span> <span class="o">=</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">age</span><span class="p">:</span> <span class="dl">'</span><span class="s1">number</span><span class="dl">'</span><span class="p">,</span> <span class="na">active</span><span class="p">:</span> <span class="dl">'</span><span class="s1">boolean</span><span class="dl">'</span><span class="p">,</span> <span class="na">address</span><span class="p">:</span> <span class="p">{</span> <span class="na">street</span><span class="p">:</span> <span class="dl">'</span><span class="s1">string</span><span class="dl">'</span><span class="p">,</span> <span class="na">zip</span><span class="p">:</span> <span class="dl">'</span><span class="s1">number</span><span class="dl">'</span> <span class="p">}</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">user</span> <span class="o">=</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">apiResponse</span><span class="p">,</span> <span class="p">{</span> <span class="nx">schema</span> <span class="p">})</span> <span class="c1">// Returns null if validation fails</span> </code></pre> </div> <p>It's not full JSON Schema (that'd be overkill), just simple type checking. The validation happens after parsing, so you get useful errors like "Field 'age': expected number, got string" instead of cryptic parse failures.</p> <p>Useful for catching bugs early, especially when working with APIs you don't control.</p> <h3> Stream Parsing </h3> <p>This one's for processing large JSON files. Most projects won't need it, but if you're dealing with big datasets:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">parseStream</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">handlejson</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">result</span> <span class="o">=</span> <span class="k">await</span> <span class="nf">parseStream</span><span class="p">(</span><span class="nx">response</span><span class="p">.</span><span class="nx">body</span><span class="p">,</span> <span class="p">{</span> <span class="na">onProgress</span><span class="p">:</span> <span class="p">(</span><span class="nx">parsed</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Loading...</span><span class="dl">'</span><span class="p">),</span> <span class="na">onError</span><span class="p">:</span> <span class="p">(</span><span class="nx">err</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="nx">console</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Error:</span><span class="dl">'</span><span class="p">,</span> <span class="nx">err</span><span class="p">)</span> <span class="p">})</span> <span class="k">if </span><span class="p">(</span><span class="nx">result</span><span class="p">.</span><span class="nx">complete</span><span class="p">)</span> <span class="p">{</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">Data:</span><span class="dl">'</span><span class="p">,</span> <span class="nx">result</span><span class="p">.</span><span class="nx">data</span><span class="p">)</span> <span class="p">}</span> </code></pre> </div> <p>I added this because I was working on a feature that needed to process multi-MB JSON files. Loading everything into memory first wasn't ideal.</p> <h2> Real Example </h2> <p>Here's a common pattern I see (and wrote myself many times):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Before</span> <span class="kd">function</span> <span class="nf">loadUser</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">stored</span> <span class="o">=</span> <span class="nx">localStorage</span><span class="p">.</span><span class="nf">getItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">stored</span><span class="p">)</span> <span class="k">return</span> <span class="kc">null</span> <span class="k">try</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">parsed</span> <span class="o">=</span> <span class="nx">JSON</span><span class="p">.</span><span class="nf">parse</span><span class="p">(</span><span class="nx">stored</span><span class="p">)</span> <span class="k">if </span><span class="p">(</span><span class="nx">parsed</span><span class="p">.</span><span class="nx">createdAt</span><span class="p">)</span> <span class="p">{</span> <span class="nx">parsed</span><span class="p">.</span><span class="nx">createdAt</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Date</span><span class="p">(</span><span class="nx">parsed</span><span class="p">.</span><span class="nx">createdAt</span><span class="p">)</span> <span class="p">}</span> <span class="k">return</span> <span class="nx">parsed</span> <span class="p">}</span> <span class="k">catch</span> <span class="p">{</span> <span class="k">return</span> <span class="kc">null</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">// After</span> <span class="kd">function</span> <span class="nf">loadUser</span><span class="p">()</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">parse</span><span class="p">(</span><span class="nx">localStorage</span><span class="p">.</span><span class="nf">getItem</span><span class="p">(</span><span class="dl">'</span><span class="s1">user</span><span class="dl">'</span><span class="p">),</span> <span class="p">{</span> <span class="na">default</span><span class="p">:</span> <span class="kc">null</span><span class="p">,</span> <span class="na">dates</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="p">}</span> </code></pre> </div> <p>Way cleaner. The new features make this even better - you can add schema validation if you want to be extra safe.</p> <h2> Why Build This? </h2> <p>There are other libraries that do similar things, but they're usually heavier or have more features than I need. I wanted something tiny that just handles the common edge cases.</p> <p>It's ~2.8KB gzipped, zero dependencies, TypeScript native. Small enough that you can use it without thinking about bundle size.</p> <p>Works in browser and Node.js. Same API everywhere.</p> <h2> Should You Use It? </h2> <p>If you're doing a lot of JSON parsing and tired of try-catch blocks everywhere, maybe. It's not revolutionary - just a quality-of-life improvement.</p> <p>If you're happy with native JSON and don't mind the try-catch boilerplate, stick with that. No need to add dependencies for no reason.</p> <p>But if you do a lot of JSON parsing (localStorage, API responses, user input), it cleans up your code quite a bit.</p> <h2> Try It </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>handlejson </code></pre> </div> <p>The v0.2.0 release is on npm now. If you want to try it, that's the latest version with all the new features.</p> <p>All the new stuff is opt-in, so existing code using handlejson (if anyone is) won't break. The new features are optional options.</p> <p>What do you think? Do you write try-catch blocks for JSON.parse a lot, or am I the only one bothered by this? Always curious what other developers think about this stuff.</p> javascript typescript json node Chintan Shah Thu, 18 Dec 2025 22:11:14 +0000 https://dev.to/chintanshah35/your-consolelog-deserves-better-4ack https://dev.to/chintanshah35/your-consolelog-deserves-better-4ack <p>I kept copy-pasting the same logging code into every new project. Eventually I just packaged it up. It's called <strong>logfx</strong> — a tiny library that makes your console output a bit easier to read.</p> <h2> The problem I kept running into </h2> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">DEBUG: starting process</span><span class="dl">'</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">INFO: connected</span><span class="dl">'</span><span class="p">)</span> <span class="nx">console</span><span class="p">.</span><span class="nf">log</span><span class="p">(</span><span class="dl">'</span><span class="s1">ERROR: something broke</span><span class="dl">'</span><span class="p">)</span> </code></pre> </div> <p>It works, but it's hard to scan. Everything looks the same.</p> <h2> A small improvement </h2> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">log</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="nx">log</span><span class="p">.</span><span class="nf">debug</span><span class="p">(</span><span class="dl">'</span><span class="s1">Starting process</span><span class="dl">'</span><span class="p">)</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Connected</span><span class="dl">'</span><span class="p">)</span> <span class="nx">log</span><span class="p">.</span><span class="nf">error</span><span class="p">(</span><span class="dl">'</span><span class="s1">Something broke</span><span class="dl">'</span><span class="p">)</span> </code></pre> </div> <p><strong>Output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>🔍 DEBUG Starting process 💡 INFO Connected 🔴 ERROR Something broke </code></pre> </div> <p>Just a bit of color and structure — but it makes a difference when you're debugging.</p> <h2> When logfx might help </h2> <p>logfx is a lightweight option for when you want:</p> <ul> <li> <strong>Something simple</strong> — no config, just import and go</li> <li> <strong>Readable dev logs</strong> — easier to scan in your terminal</li> <li> <strong>A small footprint</strong> — ~2KB gzipped, zero dependencies</li> <li> <strong>Quick projects</strong> — prototypes, scripts, side projects</li> <li> <strong>Universal support</strong> — Node.js, browsers, Bun, Deno</li> </ul> <h2> What's inside </h2> <p><strong>Lightweight</strong><br><br> ~2KB gzipped with zero dependencies. Tried to keep it minimal.</p> <p><strong>Nice defaults</strong><br><br> Colors and structure out of the box — no setup needed.</p> <p><strong>TypeScript support</strong><br><br> Built in TypeScript with full type inference.</p> <p><strong>Smart log levels</strong><br><br> Debug logs auto-hide in production.</p> <p><strong>Transports</strong><br><br> Console, file, webhook — in case you need to send logs somewhere.</p> <h2> A few examples </h2> <p><strong>Namespaced loggers:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">logger</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">auth</span> <span class="o">=</span> <span class="nf">logger</span><span class="p">(</span><span class="dl">'</span><span class="s1">auth</span><span class="dl">'</span><span class="p">)</span> <span class="kd">const</span> <span class="nx">db</span> <span class="o">=</span> <span class="nf">logger</span><span class="p">(</span><span class="dl">'</span><span class="s1">db</span><span class="dl">'</span><span class="p">)</span> <span class="nx">auth</span><span class="p">.</span><span class="nf">success</span><span class="p">(</span><span class="dl">'</span><span class="s1">User logged in</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// ✅ SUCCESS [auth] User logged in</span> <span class="nx">db</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Query executed</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// 💡 INFO [db] Query executed</span> </code></pre> </div> <p><strong>Timers:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">time</span><span class="p">,</span> <span class="nx">timeEnd</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="nf">time</span><span class="p">(</span><span class="dl">'</span><span class="s1">api-call</span><span class="dl">'</span><span class="p">)</span> <span class="k">await</span> <span class="nf">fetch</span><span class="p">(</span><span class="dl">'</span><span class="s1">/data</span><span class="dl">'</span><span class="p">)</span> <span class="nf">timeEnd</span><span class="p">(</span><span class="dl">'</span><span class="s1">api-call</span><span class="dl">'</span><span class="p">)</span> <span class="c1">// ⏱️ api-call: 245.32ms</span> </code></pre> </div> <p><strong>Pretty boxes:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">box</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="nf">box</span><span class="p">(</span><span class="dl">'</span><span class="s1">Server running on port 3000</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">title</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Ready</span><span class="dl">'</span> <span class="p">})</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>╭─ Ready ─────────────────────────╮ │ Server running on port 3000 │ ╰─────────────────────────────────╯ </code></pre> </div> <p><strong>Tables:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">table</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="nf">table</span><span class="p">([</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">John</span><span class="dl">'</span><span class="p">,</span> <span class="na">role</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Admin</span><span class="dl">'</span> <span class="p">},</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Jane</span><span class="dl">'</span><span class="p">,</span> <span class="na">role</span><span class="p">:</span> <span class="dl">'</span><span class="s1">User</span><span class="dl">'</span> <span class="p">},</span> <span class="p">])</span> </code></pre> </div> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>┌─────────┬─────────┐ │ name │ role │ ├─────────┼─────────┤ │ John │ Admin │ │ Jane │ User │ └─────────┴─────────┘ </code></pre> </div> <p><strong>JSON output:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">createLogger</span><span class="p">,</span> <span class="nx">transports</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">logfx</span><span class="dl">'</span> <span class="kd">const</span> <span class="nx">log</span> <span class="o">=</span> <span class="nf">createLogger</span><span class="p">({</span> <span class="na">transports</span><span class="p">:</span> <span class="p">[</span><span class="nx">transports</span><span class="p">.</span><span class="nf">console</span><span class="p">({</span> <span class="na">format</span><span class="p">:</span> <span class="dl">'</span><span class="s1">json</span><span class="dl">'</span> <span class="p">})]</span> <span class="p">})</span> <span class="nx">log</span><span class="p">.</span><span class="nf">info</span><span class="p">(</span><span class="dl">'</span><span class="s1">Request</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">method</span><span class="p">:</span> <span class="dl">'</span><span class="s1">GET</span><span class="dl">'</span><span class="p">,</span> <span class="na">path</span><span class="p">:</span> <span class="dl">'</span><span class="s1">/api</span><span class="dl">'</span> <span class="p">})</span> <span class="c1">// {"timestamp":"2025-12-18T...","level":"info","message":"Request","method":"GET","path":"/api"}</span> </code></pre> </div> <h2> Try it out </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>logfx </code></pre> </div> <h2> Links </h2> <ul> <li> <strong>GitHub:</strong> <a href="https://github.com/chintanshah35/logfx" rel="noopener noreferrer">github.com/chintanshah35/logfx</a> </li> <li> <strong>npm:</strong> <a href="https://www.npmjs.com/package/logfx" rel="noopener noreferrer">npmjs.com/package/logfx</a> </li> </ul> logging devtools typescript opensource Chintan Shah Thu, 18 Dec 2025 05:27:19 +0000 https://dev.to/chintanshah35/hello-devto-im-chintan-shah-2hka https://dev.to/chintanshah35/hello-devto-im-chintan-shah-2hka <p>Excited to finally join the dev.to community! Here's a bit about me.</p> <h2> Who am I? </h2> <p>I'm Chintan — a Senior Software Engineer based in Virginia. I've been building web applications for about 9 years now, and somehow I still get excited when a tricky bug finally clicks.</p> <p>I have a Master's in Computer Science, but honestly, most of what I know came from breaking things in production and frantically Googling at 2am (kidding... mostly).</p> <h2> The journey so far </h2> <p>I've been lucky to work across some really different industries — <strong>healthcare</strong>, <strong>insurance</strong>, <strong>digital marketing</strong>, and <strong>travel</strong>. Each one taught me something different.</p> <p>Healthcare taught me that your code actually matters — when clinicians rely on your software, you think twice before shipping. Insurance showed me what high-volume really means — millions of transactions, peak hours that can make or break systems. Marketing was all about speed and iteration. Travel? Resilience. Nothing prepares you for traffic spikes like holiday booking season.</p> <p>These days, I'm leading projects and doing the full-stack thing — React and TypeScript on the frontend, Scala and Node.js on the backend, with a healthy dose of AWS thrown in.</p> <h2> What gets me excited </h2> <p>I genuinely enjoy the craft of building software. Whether it's architecting a micro frontend, setting up a clean CI pipeline, or making an app actually work with a screen reader — I'm into it.</p> <p>Web accessibility is a big one for me. It's not a checkbox, it's the baseline. I've spent a lot of time with WCAG, screen readers, and making sure the things I build work for everyone.</p> <p>Also, I have a soft spot for developer tooling. There's something satisfying about building tools that make other engineers' lives easier.</p> <h2> Outside of work </h2> <p>I tinker with open source and recently published a couple of npm packages. <a href="https://www.npmjs.com/package/logfx" rel="noopener noreferrer">logfx</a> is a tiny, colorful logging library with emojis, namespaces, and transports — because console.log deserves better. And <a href="https://www.npmjs.com/package/upstatus" rel="noopener noreferrer">upstatus</a> is a simple CLI for uptime monitoring when you just need something quick and lightweight.</p> <p>Building small, focused utilities is my kind of side project.</p> <h2> Why I'm here </h2> <p>I want to write more. Document what I learn. Share the random things I figure out. Maybe help someone avoid the same mistakes I made.</p> <p>Topics I'll probably write about:</p> <ul> <li>React patterns and frontend architecture</li> <li>Full-stack development stories</li> <li>Accessibility in practice</li> <li>The occasional rant about something that took way too long to debug</li> </ul> <h2> Say hi! </h2> <p>Find me on <a href="https://github.com/chintanshah35" rel="noopener noreferrer">GitHub</a> or <a href="https://linkedin.com/in/chintanshah301" rel="noopener noreferrer">LinkedIn</a>. </p> <p>Always down to chat about code, career stuff, or swap stories about that one bug that haunted you for days.</p> <p>See you around! 🙌</p> javascript typescript fullstack