Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
com.ebay.opentracing:opentracing-basic
Advanced tools
The OpenTracing API for Java defines the interfaces for how a user interacts with a compliant OpenTracing back-end but leaves it up to the OpenTracing backend implementation to fulfill the API requirements. When creating simple bridge implementations, tracing data ETL operations, or integrating OpenTracing support in constrained environments this can amount to a significant effort in order to define and consistently adhere to the API.
The goal of this library is to attempt to implement the generic semantics of the OpenTracing API and allow for the main implementation details to be provided into the library by the consumer.
This project is currently in beta. The API should be considered to be unstable and the implementation is not yet optimized.
This library is distributed via both jcenter and maven central repositories. The latest version number is represented in the "Download" badge at the top of this page. To use the library, include it as a dependency in your project as follows:
dependencies {
compile 'com.ebay.opentracing:opentracing-basic:${version}'
}
<dependencies>
<dependency>
<groupId>com.ebay.opentracing</groupId>
<artifactId>opentracing-basic</artifactId>
<version>${version}</version>
</dependency>
</dependencies>
At a high level, the use of this library requires the developer to do the following:
Once the above have been setup, usage of the library may be as simple as the following:
TraceContextHandler traceContextHandler = ...
FinishedSpanReceiver receiver = ...
Tracer tracer = new BasicTracerBuilder<>(traceContextHandler, receiver)
.build();
try (Scope scope = tracer.buildSpan("operation").startActive(true)) {
// Measured work
}
To achieve cross-process operation, one or more implementation(s) of the Formatter interface may be supplied in order to define how the trace/span context is applied to a data carrier of a particular type. Once defined, the formatter should be registered at Tracer- creation time as in the following example, replacing the Format with the appropriate type.
Tracer tracer = new BasicTracerBuilder<>(traceContextHandler, receiver)
.registerFormatter(Format.Builtin.TEXT_MAP, formatter)
.build();
The Basic Tracer implementation will then leverage the provided formatter for inject and extract operations.
When the tracer implementation is creating a new span instance, it provides the opportunity to hook into the creation process by providing a SpanInitiator instance. This allows integration at the front-end of the span whereas the span receiver allows for integration at the back-end.
When called, the initiator should leverage the provided initiator context to create and return the Span instance. The initiator instance can use this opportunity to decorate or populate data within the span before being used at the call point.
Custom initiators are registered with the Tracer though the BasicTracerBuilder
:
SpanInitiator initiator = ...
Tracer tracer = new BasicTracerBuilder<>(traceContextHandler, receiver)
.spanInitiator(initiator)
.build();
FAQs
OpenTracing Basic Bridge Implementation API
We found that com.ebay.opentracing:opentracing-basic demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.