Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
sourcegraph.com/sourcegraph/appdash
Appdash is an application tracing system for Go, based on Google's Dapper and Twitter's Zipkin.
Appdash allows you to trace the end-to-end handling of requests and operations in your application (for perf and debugging). It displays timings and application-specific metadata for each step, and it displays a tree and timeline for each request and its children.
To use appdash, you must instrument your application with calls to an appdash recorder. You can record any type of event or operation. Recorders and schemas for HTTP (client and server) and SQL are provided, and you can write your own.
To install appdash, run:
go get -u sourcegraph.com/sourcegraph/appdash/cmd/...
A standalone example using Negroni and Gorilla packages is available in the examples/cmd/webapp
folder.
A demo / pure net/http
application (which is slightly more verbose) is also available at cmd/appdash/example_app.go
, and it can be ran easily using appdash demo
on the command line.
Questions or comments? Join us on #sourcegraph in the Gophers slack!
Appdash uses vfsgen to package HTML templates with the appdash binary for
distribution. This means that if you want to modify the template data in traceapp/tmpl
you can first build using the dev
build tag, which makes the template data be reloaded from disk live.
After you're finished making changes to the templates, always run go generate sourcegraph.com/sourcegraph/appdash/traceapp/tmpl
so that the data_vfsdata.go
file is updated for normal Appdash users that aren't interested in modifying the template data.
Appdash follows the design and naming conventions of Google's Dapper. You should read that paper if you are curious about why certain architectural choices were made.
There are 4 main components/concepts in appdash:
Appdash has clients available for Go, Python (see python/
subdir) and Ruby (see https://github.com/bsm/appdash-rb).
Appdash supports the OpenTracing API. Please see the
opentracing
subdir for the Go implementation, or see the GoDoc
for API documentation.
appdash was influenced by, and uses code from, Coda Hale's lunk.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.