Node.js Logger log-wiz Hits 253 Downloads in 3 Days

253 downloads in 3 days. 🎯 Honestly didn't expect this when I published @gouranga_samrat/log-wiz to npm last week. For those who missed the first post — log-wiz is an ultra-lightweight Node.js & Browser logger I built from scratch with: 🔒 Automatic PII masking (password, token, secret... auto-redacted. No config needed.) ⚡ < 1.5 KB gzipped for browser 0️⃣ Zero runtime dependencies 📁 Daily file rotation built-in 🌐 Works in Node.js AND browser 💪 Full TypeScript support The thing that seems to resonate most? The PII masking. Every developer has shipped a bug to production and later realized their logs were full of passwords, tokens, or card numbers. log-wiz just... handles it. Before the data ever touches a transport. We also just launched the full documentation site 👇 🌐 https://lnkd.in/g-7EBk7E It covers everything — getting started, all config options, transport setup, browser usage, architecture deep-dive, and a full API reference. If you're still using console.log in production, this is for you. npm install @gouranga_samrat/log-wiz Feedback, stars, and brutal honesty all welcome. 🙏 📦 https://lnkd.in/giaAC5Ac ⭐ https://lnkd.in/gBNajC-Y #nodejs #typescript #opensource #javascript #npm #webdevelopment #softwaredevelopment #programming #developer #100daysofcode

POV: You didn't fix the npm error. You just muted it. 💀 npm i --force or npm i --legacy-peer-deps These commands can save you for 5 minutes... and cost you 5 hours later 😅 🔹 --legacy-peer-deps = "Ignore the dependency conflict and install anyway" 🔹 --force = "Ignore everything and let chaos take the wheel" Example 👇 Found: react@19 Package A requires react@18 --legacy-peer-deps will make it install ✅ But the mismatch is still there 👀 Then later: ❌ CI fails ❌ Teammate gets a different install ❌ Random runtime bugs appear ❌ You are debugging node_modules at 2AM like it is a horror movie 🍿 When is it okay to use them? 🟡 --legacy-peer-deps 1. during migrations 2. old projects with outdated packages 3. when you already checked the versions are compatible 🔴 --force 1. almost never 2. maybe for a broken cache / weird npm issue 3. only if you know exactly what you are bypassing Better fix 🛠️ rm -rf node_modules package-lock.json npm install Or better yet: ✨ align the package versions properly Tiny rule of thumb: 🟡 --legacy-peer-deps = "temporary shortcut" 🔴 --force = "temporary chaos" If your project only works with npm i --force, your dependency tree is being held together by vibes, duct tape, and emotional support 🫠 #javascript #typescript #react #nextjs #nodejs #npm #webdevelopment

Excited to announce west-js-app v3.1.0 🎉 I've been building west-js-app — an open-source CLI that scaffolds a production-ready Express + TypeScript backend in seconds. Think of it as `create-react-app`, but for your Node.js backend. With a single command: $ npx west-js-app ...you get a fully configured project with your choice of ORM (Prisma, Drizzle, TypeORM, Mongoose), database, Docker setup, Zod validation, Pino logging, ESLint, Prettier, and Husky pre-commit hooks — all wired up from day one. Version 3.1.0 brings the most requested feature yet: Vitest support ⚡ Here's what's new: • Vitest is now available as an alternative to Jest for unit and integration testing • New --test-framework flag lets you choose between jest, vitest, or none during scaffolding • Tests are only generated when a framework is selected — no clutter if you don’t need it • Improved Jest compatibility on Windows (no extra tooling required) • Boilerplate templates now include explicit Vitest imports for better IDE support Vitest is now the recommended choice for performance-critical projects — it’s faster, native to ESM, and feels right at home alongside modern TypeScript toolchains. If you’re tired of spending the first few hours of every project configuring boilerplate, give west-js-app a try. It’s open source, zero runtime dependency, and you own all the generated code. 🔗 westjs.vishalvoid.com 📦 npm: npx west-js-app ⭐ GitHub: https://lnkd.in/ge5w3peV #OpenSource #NodeJS #ExpressJS #TypeScript #Vitest #BackendDevelopment #DeveloperTools #WebDevelopment

512,000 lines of TypeScript. Shipped to npm. By accident. Anthropic leaked Claude Code's entire source code through a misconfigured source map in version 2.1.88. Not a hack. A packaging mistake. 𝗛𝗲𝗿𝗲'𝘀 𝘁𝗵𝗲 𝗱𝗲𝗮𝗹 The npm package included an unobfuscated source map exposing ~2,000 TypeScript files. Thousands of devs mirrored it within hours. The internet doesn't forget. 𝗪𝗵𝗮𝘁 𝗽𝗲𝗼𝗽𝗹𝗲 𝗳𝗼𝘂𝗻𝗱 👉🏽 KAIROS: a persistent background agent that fixes errors and runs tasks without you 👉🏽 A "dream" mode where Claude thinks in the background 👉🏽 Push notifications for completed tasks 👉🏽 The full architecture behind one of the fastest growing repos on GitHub 𝗧𝗵𝗲 𝗹𝗲𝘀𝘀𝗼𝗻 A missing .npmignore exposed everything. npm packaging defaults are aggressive: if you don't explicitly exclude files, they ship. Worse, attackers jumped on the confusion window to typosquat internal package names and stage dependency confusion attacks. I use Claude Code every day. No customer data or credentials leaked, and Anthropic patched it fast. But this is a good reminder to audit your own npm packages. One bad publish and your source is public forever. 𝘞𝘩𝘦𝘯'𝘴 𝘵𝘩𝘦 𝘭𝘢𝘴𝘵 𝘵𝘪𝘮𝘦 𝘺𝘰𝘶 𝘤𝘩𝘦𝘤𝘬𝘦𝘥 𝘺𝘰𝘶𝘳 .𝘯𝘱𝘮𝘪𝘨𝘯𝘰𝘳𝘦?

Day 16 #100DaysOfCode 💻 #React_project_clone Today I learned how to run a cloned React project from GitHub. When we clone a React repository, the project files come with it, but the node_modules folder is usually missing because it is not pushed to GitHub. So after cloning the project, we need to install all dependencies using npm install. This command reads the package.json file and installs React, Tailwind, DaisyUI, and other packages automatically. Example workflow: git clone https://lnkd.in/gZ2K9TkJ cd project npm install npm run dev Now the project runs perfectly on another computer as well. Small concept, but very useful for working from multiple machines. #React #GitHub #WebDevelopment #FrontendDeveloper #JavaScript #Akbiplob

🚫 𝗦𝘁𝗼𝗽 𝗔𝗰𝗰𝗶𝗱𝗲𝗻𝘁𝗮𝗹𝗹𝘆 𝗨𝘀𝗶𝗻𝗴 𝗻𝗽𝗺 𝗶𝗻 𝗽𝗻𝗽𝗺 𝗣𝗿𝗼𝗷𝗲𝗰𝘁𝘀 Recently, I was working on a Next.js project that uses pnpm. But out of habit, I (and others) sometimes ran npm install by mistake. This created a package-lock.json alongside pnpm-lock.yaml — leading to: ❌ Dependency drift ❌ Conflicting versions ❌ Corrupted node_modules ❌ Unpredictable production builds So I enforced pnpm-only usage using a simple setup 👇 🔹 1. 𝗥𝗲𝘀𝘁𝗿𝗶𝗰𝘁 𝗽𝗮𝗰𝗸𝗮𝗴𝗲 𝗺𝗮𝗻𝗮𝗴𝗲𝗿 𝘂𝘀𝗶𝗻𝗴 𝗽𝗿𝗲𝗶𝗻𝘀𝘁𝗮𝗹𝗹 𝘀𝗰𝗿𝗶𝗽𝘁 "scripts": {  "preinstall": "npx only-allow pnpm",  "dev": "npx only-allow pnpm && next dev" } 👉 If someone runs npm install, this script checks the user agent and immediately stops execution with an error. Note = User agent (in this context) is a string that tells which tool is running the command. When you run: npm install pnpm install An environment variable npm_config_user_agent is set, containing: package manager (npm/pnpm/yarn) version Node.js version OS Example If you run with npm: npm/10.2.0 node/v18.17.0 win32 x64 If you run with pnpm: pnpm/9.0.0 npm/? node/v18.17.0 win32 x64 How only-allow pnpm works:  It reads this string and checks the tool used. ✅ pnpm → allowed ❌ npm/yarn → blocked 🔹 2. 𝗗𝗲𝗳𝗶𝗻𝗲 𝗿𝗲𝗾𝘂𝗶𝗿𝗲𝗱 𝗲𝗻𝗴𝗶𝗻𝗲𝘀 "engines": {  "node": ">=18.0.0",  "pnpm": ">=9.0.0" } 👉 Clearly specifies which tools are expected for the project. 🔹 3. 𝗘𝗻𝗳𝗼𝗿𝗰𝗲 𝘀𝘁𝗿𝗶𝗰𝘁 𝗲𝗻𝗴𝗶𝗻𝗲 𝗿𝘂𝗹𝗲𝘀 𝘃𝗶𝗮 .𝗻𝗽𝗺𝗿𝗰 engine-strict=true 👉 By default, npm only shows warnings. This setting turns them into hard errors, preventing incorrect setups. Note = The .npmrc file is a configuration file used by npm to control how packages are installed, published, and managed. 💡 Result: No more accidental npm installs. Cleaner dependency management. Stable builds. #NodeJS #NextJS #pnpm #JavaScript

We just released Popcorn 0.2 – our library that lets you run #Elixir in the browser using WebAssembly. The big change: a proper npm package. Sounds simple, but shipping Elixir, JS, and Wasm together meant dealing with bundlers that want to merge and rename everything, and Emscripten-generated code that expects exact filenames in exact locations. These two assumptions don't mix well. We spent three weeks trying to make it all bundler-friendly. At one point we considered base64-encoding the entire VM inside a JS file that contains a stringified copy of itself. The solution that actually worked? A plugin that copies our files to the output directory and tells bundlers not to touch them. The whole integration is one line in your config. Sometimes the right answer is the boring one – you just need the right abstraction for it. Read full story by 🍉 Jakub Gonet, who worked on the Popcorn project: https://lnkd.in/d5YwWznh

I wasted 4 hours debugging a React bug… It was just a stale closure. Yeah. 💀 That one bug taught me more than 10 tutorials ever did. Here are 5 full-stack lessons I wish I knew earlier 👇 --- 1. Most React apps are over-hydrated Stop shipping 500kb JS for static pages. Switching to Server Components gave us near-instant load. 2. console.log is NOT debugging We added global error middleware in Express. Debug time ↓ 50%. 3. Your database is slow… not your server One missing index on a 1M+ row table. 800ms → 12ms. 4. LocalStorage JWT = Security risk Moved to HttpOnly cookies. Safer auth in literally 10 minutes. 5. Writing code ≠ being senior Clear communication > clever code. Documenting “why” saved us weeks of rework. --- 🚀 2026 Full-Stack Audit: ☑ Use Vite ☑ Fix N+1 queries ☑ Standardize API responses ☑ Audit bundle size monthly Every developer has that “stupid bug” story… What’s yours? 👇 I’ll send my Modern Stack Template to everyone who comments. #reactjs #nodejs #webdevelopment #fullstackdeveloper #programming #softwareengineering #javascript #mernstack #coding #developers

Why can't config files have comments? If you've ever pasted a JSON config and immediately wished you could explain what a block of settings actually does — JSON5 is worth knowing about. JSON5 is a superset of JSON that adds a few things that make configuration files much more pleasant to work with: 💬 Comments — both inline and block ✅ Trailing commas — no more hunting down which line is missing one 🔓 Unquoted property names — copy directly from TypeScript/JavaScript without reformatting 📝 Multi-line strings Valid JSON is always valid JSON5, so there's no migration pain. It works across the stack too — npm package for JS/TS, json5k library for Kotlin, and IntelliJ supports it out of the box. I wrote up a quick intro with examples — including a real-world Renovate config — here 👇 https://lnkd.in/grFnkvRd #JSON5 #WebDev #JavaScript #TypeScript #Kotlin #DevTools #SoftwareDevelopment

Completed Episode 2 "Js on Server"of Namaste Node.js season -1 #NamasteNodejs by Akshay Saini 🚀 where learned about server, v8 engine.... 💻 What is a Server? A server is a remote computer that provides data and services to other computers (clients). Client Request 📩 → Server Processing ⚙️ → Response 📦 🌍 What is an IP Address? An IP address is a unique identity for every device on the internet ,Just like a home address, but for computers. ⚡ How JavaScript Came to Servers Earlier, JavaScript only worked inside browsers Then came Node.js - 👉 Now JavaScript runs on servers too 👉 Same language for frontend + backend = efficiency 🧠 V8 Engine • Converts JavaScript into machine code • Executes code at high speed • Uses JIT (Just-In-Time compilation) 💪🏻 Why Node.js is powerful? V8 alone can't Access database and make API calls But Node.js adds superpowers: ✅ File system access ✅ API handling ✅ Database connectivit #JavaScript #NodeJS #Backend #WebDevelopment #LearningInPublic #TechJourney #WebDevelopment #ReactJS #NodeJS #FullStackDeveloper #WebDevelopment #FrontendToBackend #JavaScript #CodingJourney #DeveloperLife #SoftwareDeveloper #TechJourney #LearningInPublic #NamasteNodeJS #CodeNewbie #ProgrammerLife #DevCommunity #BuildInPublic #CodingDaily #WebDev #MERNStack #APIDevelopment #ServerSide #TechLearning #FutureDeveloper #AkshaySaini