Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@dohyeong2/nestjs-sentry
Advanced tools
Provides an injectable sentry.io client to provide enterprise logging nestjs modules
Provides an injectable sentry.io client to provide enterprise logging nestjs modules
Version 3.x.x will support NestJS 8+. If you need support for NestJS 7 please continue to use Version 2.x.x. Thanks for you support!
@ntegral/nestjs-sentry
implements a module, SentryModule
, which when imported into
your nestjs project provides a Sentry.io client to any class that injects it. This
lets Sentry.io be worked into your dependency injection workflow without having to
do any extra work outside of the initial setup.
npm install --save @ntegral/nestjs-sentry @sentry/node
The following project was created as a sample starter project to get you going... (if needed...).
The simplest way to use @ntegral/nestjs-sentry
is to use SentryModule.forRoot
import { Module } from '@nestjs-common';
import { SentryModule } from '@ntegral/nestjs-sentry';
@Module({
imports: [
SentryModule.forRoot({
dsn: 'sentry_io_dsn',
debug: true | false,
environment: 'dev' | 'production' | 'some_environment',
release: 'some_release', | null, // must create a release in sentry.io dashboard
logLevels: ['debug'] //based on sentry.io loglevel //
}),
],
})
export class AppModule {}
The async way @ntegral/nestjs-sentry
is to use SentryModule.forRootAsync
import { Module } from '@nestjs-common';
import { SentryModule } from '@ntegral/nestjs-sentry';
import { ConfigModule } from '@ntegral/nestjs-config';
import { ConfigService } from '@ntegral/nestjs-config';
@Module({
imports: [
SentryModule.forRootAsync({
imports: [ConfigModule],
useFactory: async (cfg:ConfigService) => ({
dsn: cfg.get('SENTRY_DSN'),
debug: true | false,
environment: 'dev' | 'production' | 'some_environment',
release: 'some_release', | null, // must create a release in sentry.io dashboard
logLevels: ['debug'] //based on sentry.io loglevel //
}),
inject: [ConfigService],
})
]
})
export class AppModule {}
You can then inject the Sentry client into any of your injectables by using a custom decorator
import { Injectable } from '@nestjs/common';
import { InjectSentry, SentryService } from '@ntegral/nestjs-sentry';
@Injectable()
export class AppService {
public constructor(@InjectSentry() private readonly client: SentryService) {
client.instance().captureMessage(message, Sentry.Severity.Log);
client.instance().captureException(exception);
... and more
}
}
You can instruct Nest to use the SentryService as the default logger:
async function bootstrap() {
const app = await NestFactory.create(AppModule, { logger: false });
app.useLogger(SentryService.SentryServiceInstance());
await app.listen(3000);
}
bootstrap();
You can instuct use the SentryService to log non-error messages as breadcrumbs or use the native Sentry.addBreadcrumb method.
import { Injectable } from '@nestjs/common';
import { InjectSentry, SentryService } from '@ntegral/nestjs-sentry';
@Injectable()
export class AppService {
constructor(@InjectSentry() private readonly client: SentryService) {
client.log('AppSevice Loaded','test', true); // creates log asBreadcrumb //
client.instance().addBreadcrumb({level: 'debug' , message: 'How to use native breadcrumb', data: { context: 'WhatEver'}})
client.debug('AppService Debug', 'context');
}
getHello(): string {
return 'Hello World!';
}
}
BREAKING CHANGES: The SentryInterceptor can be used in projects that don't require GraphQL. If you will be needed GraphQL support, use the GraphqlInterceptor. Using the GraphqlInterceptor will create a dependancy for the @nestjs/graphql package.
npm install --save @nestjs/graphql
Using graphql interceptor globally
import { Module } from '@nestjs/common';
import { APP_INTERCEPTOR } from '@nestjs/core';
import { GraphqlInterceptor } from '@ntegral/nestjs-sentry';
@Module({
....
providers: [
{
provide: APP_INTERCEPTOR,
useFactory: () => new GraphqlInterceptor(),
},
],
})
export class AppModule {}
Using the sentry interceptor globally
import { Module } from '@nestjs/common';
import { APP_INTERCEPTOR } from '@nestjs/core';
import { SentryInterceptor } from '@ntegral/nestjs-sentry';
@Module({
....
providers: [
{
provide: APP_INTERCEPTOR,
useFactory: () => new SentryInterceptor({
filters: [{
type: HttpException,
filter: (exception: HttpException) => 500 > exception.getStatus() // Only report 500 errors
}]
}),
}
],
})
export class AppModule {}
Sentry does not flush all the errors by itself, it does it in background so that it doesn't block the main thread. If you kill the nestjs app forcefully some exceptions have to be flushed and logged successfully.
If you want to force that behaviour use the close flag in your options. That is handy if using nestjs as a console
runner. Keep in mind that you need to have app.enableShutdownHooks();
enabled in order
for closing (flushing) to work.
import { Module } from '@nestjs-common';
import { SentryModule } from '@ntegral/nestjs-sentry';
@Module({
imports: [
SentryModule.forRoot({
dsn: 'sentry_io_dsn',
debug: true | false,
environment: 'dev' | 'production' | 'some_environment',
release: 'some_release', | null, // must create a release in sentry.io dashboard
logLevels: ['debug'] //based on sentry.io loglevel //
close: {
enabled: true,
// Time in milliseconds to forcefully quit the application
timeout?: number,
}
}),
],
})
export class AppModule {}
I would greatly appreciate any contributions to make this project better. Please make sure to follow the below guidelines before getting your hands dirty.
git checkout -b my-branch
)Distributed under the ISC License. See LICENSE
for more information.
Copyright © 2019 Ntegral Inc.
FAQs
Provides an injectable sentry.io client to provide enterprise logging nestjs modules
We found that @dohyeong2/nestjs-sentry demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.