npm - @meadown/logger - Versions diffs - 1.8.2 → 1.8.4 - Mend

@meadown/logger 1.8.2 → 1.8.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -1,3 +1,5 @@
+![meadown/logger — a development-focused logger for Node.js](media/header.png)
 # @meadown/logger
 A **development-focused logger** for Node.js and TypeScript — built to make your
@@ -7,15 +9,18 @@ No dependencies. No config. Import it and you're done.
 ## Why this exists
-I kept writing the same custom log wrapper in every project — the one that
-silences itself in production and shows a timestamp. I kept forgetting to use
-it, shipping stray `console.log` calls, and having no idea which file a log
-message came from. So I built the version I always wanted: zero dependencies,
-automatic production silence, and every line tells you exactly where it came
-from as a clickable link.
+I kept writing the same `console.log` wrapper in every project. Every time.
+Copy, paste, rename. And I still shipped it to production by accident. And I
+still spent ten minutes staring at logs trying to figure out which file they
+came from.
+At some point I just built the thing I always wanted.
+One import. No config. No dependencies. It shows you exactly where every log
+came from, and it gets out of the way when you ship.
-> Full story — problem, research, design, build, and what got cut along the
-> way — in [`docs/STORY.md`](docs/STORY.md).
+> The full story — the problem, the research, every design decision, and
+> everything that got cut — is in [`docs/STORY.md`](docs/STORY.md).
 ## Features
@@ -63,7 +68,7 @@ actual response body. The promise flows through untouched. One line of code.
 ```ts
 const user = await logger.tap(
   fetch("https://api.example.com/users/1"),
-  "GET /users/1"
+  "GET /users/1",
 )
 // user is the real Response — your code doesn't change at all
 ```
@@ -93,7 +98,7 @@ back? Without opening DevTools.
 Works with plain values too — logs it, returns it, nothing changes:
 ```ts
-const port = logger.tap(5000, "port")          // port is still 5000
+const port = logger.tap(5000, "port") // port is still 5000
 const user = logger.tap(await getUser(), "user") // same as without tap
 ```

package/SECURITY.md CHANGED Viewed

@@ -2,15 +2,15 @@
 ## Reporting a vulnerability
-Please report security issues **privately** by email to
-[inbox.meadown@gmail.com](mailto:inbox.meadown@gmail.com).
+Please report security issues **privately** — do not open a public issue for
+anything exploitable.
+- **Preferred:** [Open a private security advisory →](https://github.com/meadown/meadown-logger/security/advisories/new)
+- **Alternative:** email [inbox.meadown@gmail.com](mailto:inbox.meadown@gmail.com)
 Include a description, the affected version, and steps to reproduce. We aim to
 acknowledge reports within a few days and to coordinate a fix and disclosure.
-> Once this repository is public, reports can also be filed via GitHub Security
-> Advisories ("Report a vulnerability" under the Security tab).
 ## Supported versions
 Only the latest published `@meadown/logger` release receives security fixes.

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@meadown/logger",
-  "version": "1.8.2",
+  "version": "1.8.4",
   "description": "A development-focused logger for Node.js and TypeScript — zero dependencies, clickable source links, and API response logging built in.",
   "keywords": [
     "logger",