Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding -  Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
@andrewosh/tracing-framework
Advanced tools
@andrewosh/tracing-framework
Web Tracing Framework instrumentation and analysis library.
Web Tracing Framework
The Web Tracing Framework is a set of libraries, tools, and visualizers for the tracing and investigation of complex web applications. You spend a small amount of time instrumenting your code and it helps you discover performance problems, track regressions, and build buttery-smooth 60fps web apps.
This is still very much a work in progress, and not designed to work for all applications. If you find issues when using it with your application please contribute fixes!
For documentation, tutorials, etc see the main Web Tracing Framework website.
For a list of known issues see KNOWN_ISSUES or the Github issues list.
Setup
See building for instructions and testing for information on running the various tests.
Quickstart
Just want the extension as fast as possible?
umask 0022
git clone https://github.com/google/tracing-framework.git
cd tracing-framework/
./scripts/setup.sh # or setup.bat on Windows
source wtfrc && deployext
# At chrome://extensions load unpacked extension from
# build-bin/wtf-injector-chrome
If you pull new changes, just redeploy:
git pull && git submodule update
deployext
# Reload from chrome://extensions
For more information and other build options, see building.
License
All code except dependencies under third_party/ is licensed under the permissive BSD license. Feel free to fork/rip/etc and use as you wish!
Contributing
Have a fix or feature? Submit a pull request - we love them! Note that we do keep to the style_guide, so please check it out first!
As this is a Google project, you must first e-sign the Google Contributor License Agreement before we can accept any code. It takes only a second and basically just says you won't sue us or claim copyright of your submitted code.
FAQs
Web Tracing Framework instrumentation and analysis library.
The npm package @andrewosh/tracing-framework receives a total of 1 weekly downloads. As such, @andrewosh/tracing-framework popularity was classified as not popular.
We found that @andrewosh/tracing-framework demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 11 Mar 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding -  Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding -  Dec 11, 2025