@contrast/fn-inspect - npm Package Compare versions

Comparing version 1.0.1 to 2.0.1

index.js

 'use strict';
-let funcinfo;
-const name = 'funcinfo.node';
+let codeEventsInited, codeEventListener, _interval;
 const version = process.version.split('.')[0].substring(1);
+const codeEventTypes = require('./code-event-types');
 
-try {
-  ({ funcinfo } = require(`./build/Release/${name}`));
-} catch (e) {
-  ({
-    funcinfo
-  } = require(`${__dirname}/${process.platform}-${version}/${name}`));
+codeEventsInited = false;
+
+function modLoad(name) {
+  const locations = [
+    `./build/Debug/${name}`,
+    `./build/Release/${name}`,
+    `${__dirname}/${process.platform}-${version}/${name}`
+  ];
+
+  for (let i = 0; i < locations.length; i++) {
+    try {
+      const mod = require(locations[i]);
+      return mod;
+      // eslint-disable-next-line no-empty
+    } catch (e) {}
+  }
+  throw new Error(`failed to load ${name}`);
 }
 
-/**
- * Retrieves name, type, lineNumber and file from a function reference
- *
- * @param {function} fn function reference to obtain info
- * @return {object}
- */
-module.exports = (fn) => {
-  if (typeof fn === 'function') {
-    const info = funcinfo(fn);
-    info.type = fn.__proto__.constructor.name;
-    info.method = fn.name;
-    return info;
-  } else {
-    return null;
+const { funcinfo } = modLoad('funcinfo.node');
+const codeEvents = modLoad('codeevents.node');
+
+module.exports = {
+  /**
+   * Retrieves name, type, lineNumber and file from a function reference
+   *
+   * @param {function} fn function reference to obtain info
+   * @return {object}
+   */
+  funcinfo: (fn) => {
+    if (typeof fn === 'function') {
+      const info = funcinfo(fn);
+      info.type = fn.__proto__.constructor.name;
+      info.method = fn.name;
+      return info;
+    } else {
+      return null;
+    }
+  },
+
+  /**
+   * Sets the function for processing v8 code events.
+   * Will start listening for code events if not already listening.
+   * starts a timer which polls for an available code event once every 1 ms.
+   *
+   * @param {function} cb callback function to call
+   */
+  setCodeEventListener: (cb) => {
+    if (!codeEventsInited) {
+      codeEvents.init();
+      codeEventsInited = true;
+      codeEventListener = cb;
+      _interval = setInterval(() => {
+        const codeEvent = codeEvents.getNext();
+        if (codeEvent) {
+          codeEvent.type = codeEventTypes[codeEvent.type];
+          codeEvent.ts = new Date(codeEvent.ts);
+          codeEventListener(codeEvent);
+        }
+      }, 1); // TODO configurable frequency?
+    } else {
+      codeEventListener = cb;
+    }
+  },
+
+  /**
+   * Stop listening for v8 code events
+   */
+  stopListening: () => {
+    if (!codeEventsInited) {
+      return;
+    }
+    clearInterval(_interval);
+    codeEvents.deinit();
+    codeEventListener = null;
+    codeEventsInited = false;
   }
 };

package.json

 {
   "name": "@contrast/fn-inspect",
-  "version": "1.0.1",
+  "version": "2.0.1",
   "description": "Retrieve function name and line number from a function reference",
   "main": "index.js",
   "scripts": {
-    "test": "mocha test"
+    "valgrind-test": "valgrind --trace-children=yes --leak-check=full --show-leak-kinds=all mocha --timeout 60000 test",
+    "test": "nyc --reporter=text-summary --reporter=html --report-dir=./coverage mocha test"
   },
@@ -25,3 +26,3 @@ "repository": {
     "hooks": {
-      "pre-commit": "lint-staged"
+      "pre-commit": "lint-staged && npx ls-lint"
     }
@@ -37,2 +38,3 @@ },
     "@contrast/eslint-config": "^2.0.0",
+    "@ls-lint/ls-lint": "^1.8.1",
     "chai": "^4.2.0",
@@ -48,2 +50,3 @@ "eslint": "^6.8.0",
     "node-gyp": "^6.1.0",
+    "nyc": "^15.0.1",
     "prettier": "^1.19.1"
@@ -50,0 +53,0 @@ },

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Native code

Supply chain risk

Contains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.

Found 10 instances in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

No README

Quality

Package does not have a README. This may indicate a failed publish or a low quality package.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1467181

increased by104.92%

Number of package files

15

increased by50%

Lines of code

110

increased by307.41%

Number of low supply chain risk alerts

1

decreased by-50%

Worsened metrics

Dev dependency count

14

increased by16.67%

Number of medium quality alerts

1

increased byInfinity%

Number of lines in readme file

0

decreased by-100%

Number of medium supply chain risk alerts

11

increased byInfinity%

No dependency changes