Skip to content

Nehonix-Team/xyphra

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
package.json
package.json
 
 
tsconfig.json
tsconfig.json
 
 
xypriss.config.jsonc
xypriss.config.jsonc
 
 
xypriss.plugin.xsig
xypriss.plugin.xsig
 
 

Repository files navigation

Xyphra

Xyphra is the official, native replacement for morgan in the XyPriss G3 ecosystem. Designed for ultra-high performance and Zero-Trust security, it offers features that standard JS loggers lack, such as native JSON support, automatic security redaction, and GDPR-compliant IP anonymization.

Features

  • Blazing Fast: Native TypeScript implementation with zero overhead.
  • Security-First: Redact sensitive headers (Authorized, Cookies, etc.) automatically.
  • GDPR Compliant: One-click IP anonymization.
  • Hybrid Architecture: Use it as a XyPriss Plugin (Lifecycle integrated) or as a standard middleware.

Security & Required Permissions (XHS G3)

Xyphra operates under a strict Zero-Trust model. To ensure full visibility and accurate telemetry, you must grant the following permissions in your xypriss.config.jsonc:

  • XHS.PERM.SECURITY.SENSITIVE_DATA: Critical. Grants access to request headers (User-Agent, Referer). Note: Standard headers like Host and Content-Type are visible by default through selective masking, but full identification requires this permission.
  • XHS.PERM.HTTP.GLOBAL_MIDDLEWARE: Required to hook into the global request/response stream via server.app.use().
  • XHS.HOOK.HTTP.ON_RESPONSE: Required for lifecycle-integrated logging (triggered at the end of every response).
  • Strictly Typed: Full TypeScript support with detailed request timing.

Developer Identity (G3 Security)

Important

Developer ID: ed25519:a58b17a3e46302dd3ae5538bc9b8b991c57f4c5fe2e7d8ac41803de818d947f4 This plugin is cryptographically signed. Always verify the signature during installation.

Installation

xfpm install xyphra

Quick Start

1. Register as a Plugin (Recommended)

In your xypriss.config.jsonc, grant the necessary permissions:

{
  "$internal": {
    "xyphra": {
      "permissions": {
        "allowedHooks": [
          "XHS.HOOK.HTTP.REQUEST",
          "XHS.HOOK.HTTP.RESPONSE",
          "XHS.PERM.SECURITY.SENSITIVE_DATA",
        ],
        "policy": "allow",
      },
    },
  },
}

Then, register the plugin using one of the two standard methods:

Method A: Via ServerOptions (Standard)

import { createServer } from "xypriss";
import { XyphraPlugin } from "xyphra";

const server = createServer({
  plugins: {
    register: [
            XyphraPlugin({
                anonymizeIp: true,
                immediate: false,
                stream: {
                    write(str: string) {
                        console.log(str);
                    },
                },
            }),
        ],
  }
});

Method B: Programmatically (Runtime)

import { Plugin } from "xypriss";
import { XyphraPlugin } from "xyphra";

Plugin.exec(
  XyphraPlugin({
    format: "json",
    anonymizeIp: true,
    redactHeaders: ["authorization", "cookie"],
  })
);

2. Use as Middleware (Compat Mode)

import { xyphraMiddleware } from "xyphra";

server.use(xyphraMiddleware("dev"));

Configuration

Option Type Description
format string 'json', 'dev', 'combined', 'short', 'tiny'
stream Stream Output target (default: stdout)
anonymizeIp boolean Mask the last octet of IP addresses
redactHeaders string[] List of headers to mask as [REDACTED]
immediate boolean Log on request start instead of response finish

License

MIT © Nehonix-Team

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages