Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
@contrast/patcher
Advanced tools
Advanced monkey patching--registers hooks to run in and around functions
@contrast/patcher
Monkey patching.
This was ported directly from the node-agent
but code with every dependency commented out. As a result there are differences in parity.
Removed dependency on AsyncStorage
.
Old Behavior
Pre and post hooks only run when async storage context indicates an active request scope.
New Behavior
Hooks always run, independent of request scope.
Removed dependency on agent
and perf-logger
.
Old Behavior
A configuration setting would allow for logging of perf data of hooks and original function calls.
New Behavior
Performance logging of hooks is non-funcitonal.
Removed the dependency on scopes
.
Old Behavior
One could specify a scope
in the hook options and the original function would be run in that scope. This allowed control over when to run instrumentaion based on current scope value.
Also, the alwaysRun
option forced hooks to run independent of scope state.
New Behavior
There are no notions of scopes yet in v5. Patcher instrumentation always runs.
The scope
and alwaysRun
options are effectively ignored.
Removed the dependency on tracker
.
Old Behavior
We used to short-circuit __add
function if tracker showed all arguments to be untracked.
New Behavior
We do not make this check; no short-circuiting.
FAQs
Advanced monkey patching--registers hooks to run in and around functions
We found that @contrast/patcher demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.