Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@appland/appmap-agent-js
Advanced tools
`appmap-agent-js` is a JavaScript recording agent for the [AppMap](https://appland.org) framework.
appmap-agent-js
appmap-agent-js
is a JavaScript recording agent for the AppMap framework.
appmap-agent-js
records AppMaps from Node.js processes when they run. There are two recommended strategies for recording AppMaps when getting started:
mocha
test cases when they run.appmap-agent-js
starts the test and application processes that will be recorded.
Supported platforms:
Please open a new GitHub ticket if your application does not satisfy the criteria or if you experience any problems with the agent.
Run this command in your Node.js project folder (where package.json
is located):
npx @appland/appmap install
You will be guided through a series of steps for installing and configuring the agent.
To use remote recording, and view and interact with recorded AppMaps, we recommend installing the AppMap extension for popular code editors:
The agent requires a valid configuration in appmap.yml
file. The install
command creates a default appmap.yml
file by scanning the project directories. We recommend that you review the generated appmap.yml
file
and confirm your application name and a list of directories that will be recorded.
For projects with JavaScript source maps: add paths to sources to be recorded. For example:
name: MyApp
packages:
- path: src/server/controllers
- path: src/server/data
- path: src/server/lib
- path: src/server/models
- path: src/server/routes
For projects without JavaScript source maps: include build folders. For example:
name: MyApp
packages:
- path: dist/controllers
- path: dist/data
- path: dist/lib
- path: dist/models
- path: dist/routes
If you aren't sure which option to take, start with both source and build folders and optimize the appmap.yml
file later.
Once appmap.yml
is configured for your project, you're ready to record AppMaps.
appmap-agent-js
with the mocha
command and its parameters following the --
delimiter. For example:npx appmap-agent-js -- mocha test/**/*.ts
appmap-agent-js
will run the tests. When the tests are complete, the AppMaps will be stored in the default output directory tmp/appmap/mocha
.appmap-agent-js
with the application-starting command and its parameters following the --
delimiter. For example:npx appmap-agent-js -- node app/main.js --param1 hello --param2=world
appmap-agent-js
will start the app and inject itself in its http stack. It will listen for remote recording requests on all http ports of the application.appmap.yml
Recorded AppMap are saved as .appmap.json
files in the project folders (default location: tmp/appmap
.)
Follow the documentation for your IDE to open the recorded .appmap.json
files:
The most frequently used appmap-agent-js
parameters are:
--recorder=[mocha|remote|process]
: process recorder
mocha
if the the command contains mocha
remote
in all other casesmocha
recorder records AppMaps from test cases automaticallyremote
recorder has to be started and stopped manually with http requestsprocess
recorder records entire processes automatically, from start to finish
process
recorder can be excessively large and noisy.--command="_start command_"
: alternate method of specifying the app- or tests-starting command, wrapped in quotes--log-level=[debug|info|warning|error]
: defaults to info
--log-file=_file_
: location of log file, defaults to stderr
--appmap-dir=_directory_
: location of recorded AppMap files, default is tmp/appmap
.npx appmap-agent-js --recorder=mocha --command="mocha test/**/*.ts" --log-level=error
11.3.0 (2022-09-09)
FAQs
`appmap-agent-js` is a JavaScript recording agent for the [AppMap](https://appmap.io) framework.
The npm package @appland/appmap-agent-js receives a total of 496 weekly downloads. As such, @appland/appmap-agent-js popularity was classified as not popular.
We found that @appland/appmap-agent-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.