v6.4.1

Bug Fix

• Updated colorize.ts so values now follow the color of their associated key, using a slightly different shade instead of the exact same color to make key/value pairs easier to visually distinguish while still clearly belonging together.

v6.4.0

Breaking Changes

• IColorConfiguration key slots removed. The interface no longer includes key, levelKey, messageKey, fileNameKey, logCallStackKey, packageNameKey, timestampKey, or errCallStackKey. These slots were used to assign a single fixed color to all keys of each type. They are replaced by hash-based coloring (see below). If you were reading or writing these slots on a custom IColorConfiguration, remove those references. Value-coloring slots (errorLevel, warnLevel, nonErrorMessage, fileName, timestamp, errCallStack, etc.) are unchanged.

New Features

• Unique per-property key colors derived from property name. Every JSON key now gets its own distinct ANSI truecolor (24-bit RGB) derived from a djb2 hash of the key name. The same key name always produces the same color across all log lines, regardless of call site, log level, or log order. This makes it easy to visually track specific fields like userId or requestId across many log entries — each field consistently appears in its own color.
• Terminal background auto-detection. When CONSOLE_LOG_COLORIZE=true, the colorizer now detects whether the terminal background is dark or light and adjusts key colors accordingly. Dark backgrounds (the most common developer setup) get bright, high-lightness colors. Light backgrounds get darker, more readable tones. Detection checks, in order: CONSOLE_LOG_COLORIZE_BACKGROUND env var override, COLORFGBG (xterm/rxvt/Konsole), TERM_PROGRAM (Apple_Terminal → light, vscode → dark), WT_SESSION (Windows Terminal → dark), VTE_VERSION (GNOME Terminal → dark). Falls back to dark-background behavior when no signal is found.
• CONSOLE_LOG_COLORIZE_BACKGROUND override. Set to dark or light to force a specific color palette regardless of terminal detection. Useful in CI environments, scripts, or when auto-detection is wrong.

Security Fixes

• Replaced the regex-based colorJson(...) token matcher with a linear JSON scanner, removing the polynomial-time escaped-string path flagged by CodeQL while preserving existing ANSI color behavior.

Improvements

• Unified the logger configuration model so settings can be supplied either as direct LoggerAdaptToConsole({...}) options or as environment variables. This adds top-level programmatic aliases for the existing env-backed flags and adds env-var forms for log level, debug-string capture, static custom fields, redaction, hook timeout, and advanced hook references.
• Key colors are cached per name and theme across log calls, so repeated keys (e.g. level, message, userId) pay the hash cost only once per process lifetime.

Tests

• Added regression coverage for long escaped-quote payloads in colorJson(...), ensuring colorized output still round-trips without content changes.
• Added regression coverage for the unified configuration surface, including top-level flag aliases, env-driven log level/debug/custom-options/redaction behavior, and env-resolved hook callbacks.
• Added end-to-end regression coverage for colorized logger output through the real LoggerAdaptToConsole(...) path, including direct top-level colorize usage and the transformOutput + colorize and redact + colorize combinations. The new tests assert both ANSI emission and that the JSON payload remains correct after stripping ANSI codes.
• Added hash-based key color tests: same key name produces same color across calls, different key names produce different colors, truecolor codes are emitted, light and dark themes produce visually distinct colors (verified by RGB sum thresholds).

v6.3.2

Bug Fixes

• Hardened browser-like host detection so the logger treats globalThis.document and window.document as DOM signals when deciding whether process.stdout.write(...) is trustworthy. This closes another esm.sh-style recursion path where a browser host exposes a fake Node stdout shim through tty.mjs.

Tests

• Added regression coverage for browser-like hosts that expose DOM only through window.document, ensuring the logger still avoids fake stdout writes in that shape.

v6.3.1

Bug Fixes

• Added a second defensive safeguard for browser-style hosts where even the saved original console.log(...) feeds back into the patched console path. Re-entrant feedback during the logger's own write/fallback emission is now dropped instead of recursively re-logging logger output.

v6.3.0

Security Fixes

• Upgraded dev-dependency np package version to 11.1.0
• Upgraded dev-dependency jest package version to 30.3.0

Bug Fixes

• Narrowed browser-like output handling to ignore fake process.stdout.write(...) shims in hosts like code.esm.sh, preventing recursive console.log(...) loops and Maximum call stack size exceeded while preserving direct stdout writes in real Node.js. See details in docs/code-esm-sh-stdout-recursion.md

Improvements

• Made the Jest contributor/test stack ESM-aware without changing library runtime behavior. Jest now transpiles the ESM-only chai package via ts-jest, uses a dedicated tsconfig.jest.json, and keeps the test environment on the existing CommonJS semantics so logger startup behavior stays stable under test.
• Refreshed the contributor toolchain around the Jest migration by upgrading ts-jest, chai, @types/jest, @types/chai, sinon, @types/sinon, @types/node, prettier, and typescript, while pruning stale unused test/dev dependencies from package.json.
• Added TypeScript 6 build compatibility by setting ignoreDeprecations: "6.0" in tsconfig.json, keeping the existing emit target and broader library compatibility intact.

Tests

• Added regression coverage for the browser-like fake-stdout recursion case in both the Node-simulated compatibility tests and the real browser bundle tests.
• Updated the Jest test suite to use ESM-safe imports where needed so the upgraded Jest/Chai toolchain runs cleanly end to end.

v6.2.1

Bug Fixes

• Logging a bare Error no longer prefixes the message with a dangling hyphen. Calls like console.error(new Error('bang')) and console.log(new Error('bang')) now emit message: "bang" instead of message: " - bang".

Tests

• Added regression coverage for bare-error logging without extra context. Updated error-only expectations and added an explicit end-to-end console-path test to ensure the emitted message stays clean when no leading string message is provided.

v6.2.0

Bug Fixes

• Buffered startup logs now preserve original caller metadata. When an early log is held briefly for async package-name lookup, its @filename and @logCallStack are captured at the original call site instead of being recomputed later during flush.
• Node ESM caller detection now skips packaged library frames more reliably. @filename no longer falls back to node_modules/console-log-json/dist/esm/index.mjs in the reported startup case when the first real external caller is the consumer's app entry file.
• Bare Error stack headers are now stripped from non-error call stacks. @logCallStack no longer degrades to a useless literal "Error" when the runtime emits a header line without a trailing colon.
• Internal helper frames are omitted from @logCallStack. Non-error call stacks now start at the consumer-visible caller instead of internal helpers like captureFileInfo(...), emitConsoleJsonLog(...), or logUsingConsoleJson(...).

Tests

• Added end-to-end regression coverage for the reported Node ESM startup case. The test suite now verifies @packageName, @filename, and @logCallStack behavior with a temporary ESM consumer setup that mirrors the installed package layout under node_modules/console-log-json/dist/esm/index.mjs.
• Added stack-parser regressions for packaged ESM frames and internal helper trimming. Browser/stack compatibility tests now cover installed-package frame skipping, bare Error headers, and removal of leading internal logger helper frames from @logCallStack.

v6.0.0

Breaking Changes

• Automatic .env loading has been removed. The library no longer reads .env files or depends on dotenv, even optionally. Configuration now comes only from existing process.env values or LoggerAdaptToConsole({ envOptions }).
• logUsingWinston has been renamed to logUsingConsoleJson. If you were importing or referencing the old helper directly, update to the new name.

New Features

• Built-in structured redaction. LoggerAdaptToConsole() now accepts a Pino-style redact option:
  • shorthand array form: redact: ['password', 'headers.authorization', 'items[*].token']
  • object form with custom censor: redact: { paths: [...], censor: 'MASKED' }
• Redaction runs on the final output object. It applies after transformOutput, before serialization/write, and onLog receives the redacted result.
• Minification-resistant caller detection. @filename now prefers V8 callsites, skips internal logger frames by function identity where possible, and falls back to stack parsing only when needed.

Improvements

• Jest replaced Mocha. The test runner is now Jest via ts-jest, with a new jest.config.cjs and TypeScript configured for Jest globals.
• Safer browser/bundled filename behavior. Documentation now explicitly treats @filename as best-effort when a consumer bundles the library and their app into a single browser file.
• No more manual .env scanning logic. The legacy Env.loadDotEnv() implementation is now a no-op compatibility shim instead of touching the filesystem.
• Logging pipeline cleanup. Internal naming and structure were updated to match the current architecture:
  • logUsingConsoleJson replaces stale Winston naming
  • final output shaping, transform hooks, redaction, and serialization are now separated more clearly
• Test suite cleanup. Removed confusing no-op await console.*(...) usage, converted the helper stack-format test to assertions instead of console output, and added targeted coverage for:
  • reserved message handling through the real console.log(...) path
  • fallback-pattern skipping in browser-style stack parsing
  • callsite-based filename detection
  • structured redaction behavior
• Stronger configuration coverage. Added an audit test to ensure every documented CONSOLE_LOG_* setting in README.md is referenced by the test suite.
• More deterministic permutation coverage. Added a table-driven test that exercises permutations of string messages, errors, one or more context objects, and explicit { level: ... } overrides and asserts a normalized final payload.

Follow-up Behavior Changes

• Reserved message handling is now consistent.
  • console.log('dude', { message: 'hi there' }) now produces message: "dude - hi there"
  • object-valued message is preserved under @messageObject instead of being flattened into top-level keys
  • when only message: { ... } is provided, the canonical message field remains present with the usual placeholder text

Bug Fixes

• @packageName now works in Node ESM startup paths. The logger no longer relies solely on require(...) to discover package.json, so LoggerAdaptToConsole() in "type": "module" projects no longer emits the misleading "<not-yet-set> Please await..." placeholder.
• Early logs are buffered while async package-name lookup completes. Startup logs emitted immediately after LoggerAdaptToConsole() are now replayed once package-name resolution finishes, instead of racing initialization.
• Redaction no longer mutates caller-owned input objects. Sensitive fields are still redacted in the final emitted log object, but the original application objects passed to console.log(...) remain unchanged.

Documentation

• ARCHITECTURE.md was rewritten and updated to reflect the real implementation instead of the older Winston-based design.
• README.md now documents:
  • Jest-based contributor/test setup
  • no automatic .env loading
  • best-effort @filename semantics in bundled browsers
  • the new redact API with examples and guidance

v5.0.0

5.0.0

v4.3.0

• fix: update prepublishOnly script to use clean-only-dist for improved clarity 0f32967
• fix: improve clean script to handle node_modules deletion more robustly c28953f
• chore: upgrade Node.js version to 20 in Dockerfile and .nvmrc f06682c
• chore: upgrade Node.js version to 18 in Dockerfile and .nvmrc d48d8b0
• chore: update np dependency to version 11.0.3 in package.json 528957b
• fix: update clean script to use rm instead of rimraf for consistency c2f72c0
• chore: downgrade dependencies for compatibility 8fe5ab3
• docs: add changelog section to README and include CHANGELOG.md in package files aaba1f6
• Merge pull request #67 from hiro5id/chore--de-couple-from-winston 1ed4672
• feat: enhance logging capabilities with envOptions and transformOutput c55e816
• Add comprehensive tests for console logging functionality 7d002c5
• chore: remove winston dependency 0837ee7
• chore: add test coverage 3f7a1c0
• chore: fix container 23e5f41

---

v3.1.1...v4.3.0