Document to configure loglevel through env variables.

2026-05-26 12:10:49 +00:00 · 2026-01-12 11:01:54 +01:00 · 2026-01-12 11:01:54 +01:00 · 20994c1834
commit 20994c1834
parent 3573ef2bc5
2 changed files with 35 additions and 13 deletions
--- a/README.md
+++ b/README.md
@ -152,23 +152,36 @@ iex (iwr "https://github.com/AikidoSec/safe-chain/releases/latest/download/unins

 ## Logging

-You can control the output from Aikido Safe Chain using the `--safe-chain-logging` flag:
+You can control the output from Aikido Safe Chain using the `--safe-chain-logging` flag or the `SAFE_CHAIN_LOGGING` environment variable.

- `--safe-chain-logging=silent` - Suppresses all Aikido Safe Chain output except when malware is blocked. The package manager output is written to stdout as normal, and Safe Chain only writes a short message if it has blocked malware and causes the process to exit.
+### Configuration Options

-  Example usage:
+You can set the logging level through multiple sources (in order of priority):

-  ```shell
-  npm install express --safe-chain-logging=silent
-  ```
+1. **CLI Argument** (highest priority):

- `--safe-chain-logging=verbose` - Enables detailed diagnostic output from Aikido Safe Chain. Useful for troubleshooting issues or understanding what Safe Chain is doing behind the scenes.
+   - `--safe-chain-logging=silent` - Suppresses all Aikido Safe Chain output except when malware is blocked. The package manager output is written to stdout as normal, and Safe Chain only writes a short message if it has blocked malware and causes the process to exit.

-  Example usage:
+     ```shell
+     npm install express --safe-chain-logging=silent
+     ```

-  ```shell
-  npm install express --safe-chain-logging=verbose
-  ```
+   - `--safe-chain-logging=verbose` - Enables detailed diagnostic output from Aikido Safe Chain. Useful for troubleshooting issues or understanding what Safe Chain is doing behind the scenes.
+
+     ```shell
+     npm install express --safe-chain-logging=verbose
+     ```
+
+2. **Environment Variable**:
+
+   ```shell
+   export SAFE_CHAIN_LOGGING=verbose
+   npm install express
+   ```
+
+   Valid values: `silent`, `normal`, `verbose`
+
+   This is useful for setting a default logging level for all package manager commands in your terminal session or CI/CD environment.

 ## Minimum Package Age

--- a/docs/troubleshooting.md
+++ b/docs/troubleshooting.md
@ -48,12 +48,16 @@ These test packages are flagged as malware and should be blocked by Safe Chain.

 ### Logging Options

-Use logging flags to get more information:
+Use logging flags or environment variables to get more information:

 ```bash
 # Verbose mode - detailed diagnostic output for troubleshooting
 npm install express --safe-chain-logging=verbose

+# Or set it globally for all commands in your session
+export SAFE_CHAIN_LOGGING=verbose
+npm install express
+
 # Silent mode - suppress all output except malware blocking
 npm install express --safe-chain-logging=silent
 ```
@ -277,11 +281,16 @@ rm -rf ~/.safe-chain

 ### Enable Verbose Logging

-Get detailed diagnostic output:
+Get detailed diagnostic output using a CLI flag or environment variable:

 ```bash
+# Using CLI flag
 npm install express --safe-chain-logging=verbose
 pip install requests --safe-chain-logging=verbose
+
+# Using environment variable (applies to all commands)
+export SAFE_CHAIN_LOGGING=verbose
+npm install express
 ```

 ### Report Issues