Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@appland/appmap-agent-js
Advanced tools
`appmap-agent-js` is a JavaScript recording agent for the [AppMap](https://appmap.io) framework.
appmap-agent-js
appmap-agent-js
is a JavaScript recording agent for the AppMap framework.
appmap-agent-js
records AppMaps from Node.js processes when they run. There are several strategies for recording AppMaps:
Supported platforms:
Please open a new GitHub ticket if your application does not satisfy the criteria or if you experience any problems with the agent.
Run this command in your Node.js project folder (where package.json
is located):
npx @appland/appmap install
You will be guided through a series of steps for installing and configuring the agent.
Alternatively, the agent can be directly installed as a normal npm package:
npm install --save-dev @appland/appmap-agent-js
To use remote recording, and view and interact with recorded AppMaps, we recommend installing the AppMap extension for popular code editors:
The agent will read configuration options from a file named appmap.yml
. If this file does not exist a default one will be created. Note that the install
command creates a suitable appmap.yml
file by scanning the project directories. We recommend that you review any generated appmap.yml
file and confirm your application name and a list of directories that will be recorded.
For projects with JavaScript source maps: add paths to sources to be recorded. For example:
name: MyApp
packages:
- path: src/server/controllers
- path: src/server/data
- path: src/server/lib
- path: src/server/models
- path: src/server/routes
For projects without JavaScript source maps: include build folders. For example:
name: MyApp
packages:
- path: dist/controllers
- path: dist/data
- path: dist/lib
- path: dist/models
- path: dist/routes
If you aren't sure which option to take, start with both source and build folders and optimize the appmap.yml
file later.
Once appmap.yml
is configured for your project, you're ready to record AppMaps.
npx appmap-agent-js --
For example:npx appmap-agent-js -- mocha 'test/**/*.ts'
npm run test
does not work, only direct invocation of testing frameworks are currently supported
3. appmap-agent-js
will run the tests. When the tests are complete, the AppMaps will be stored in the default output directory tmp/appmap/(mocha|jest)
.
npx appmap-agent-js --recorder=remote --
. For example:npx appmap-agent-js --recorder=remote -- node app/main.js --param1 hello --param2=world
appmap-agent-js
will start the app and inject itself in its http stack. It will listen for remote recording requests on all http ports of the application.appmap.yml
npx appmap-agent-js --recorder=process --
. For example:npx appmap-agent-js --recorder=process -- node app/main.js --arg1 val1 --arg2=val2
tmp/appmap/process
.Recorded AppMap are saved as .appmap.json
files in the project folders (default location: tmp/appmap
).
Follow the documentation for your IDE to open the recorded .appmap.json
files:
The most frequently used appmap-agent-js
parameters are:
--recorder=[mocha|jest|remote|process]
: process recorder
mocha
if the the command contains mocha
jest
if the command contains jest
process
in all other casesmocha
and jest
recorders record AppMaps from test cases automaticallyremote
recorder has to be started and stopped manually with http requestsprocess
recorder records entire processes automatically, from start to finish
process
recorder can be excessively large and noisy.--command="_start command_"
: alternate method of specifying the app- or tests-starting command, wrapped in quotes--log-level=[debug|info|warning|error]
: defaults to info
--log-file=_file_
: location of log file, defaults to stderr
--appmap-dir=_directory_
: location of recorded AppMap files, default is tmp/appmap
.npx appmap-agent-js --recorder=mocha --command='mocha "test/**/*.ts"' --log-level=error
FAQs
`appmap-agent-js` is a JavaScript recording agent for the [AppMap](https://appmap.io) framework.
The npm package @appland/appmap-agent-js receives a total of 496 weekly downloads. As such, @appland/appmap-agent-js popularity was classified as not popular.
We found that @appland/appmap-agent-js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.