Product
Socket Now Supports uv.lock Files
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
@envelop/prometheus
Advanced tools
This plugin tracks the complete execution flow, and reports metrics using Prometheus tracing (based on `prom-client`).
@envelop/prometheus
This plugin tracks the complete execution flow, and reports metrics using Prometheus tracing (based
on prom-client
).
You can opt-in to collect tracing from the following phases:
requestCount
)requestSummary
)phase
)parse
execution timevalidate
execution timecontextBuilding
execution timeexecute
execution timeYou can also customize each phase reporter, and add custom metadata and labels to the metrics.
yarn add prom-client @envelop/prometheus
import { execute, parse, specifiedRules, subscribe, validate } from 'graphql'
import { envelop, useEngine } from '@envelop/core'
import { usePrometheus } from '@envelop/prometheus'
const getEnveloped = envelop({
plugins: [
useEngine({ parse, validate, specifiedRules, execute, subscribe }),
// ... other plugins ...
usePrometheus({
// all optional, and by default, all set to false, please opt-in to the metrics you wish to get
requestCount: true, // requires `execute` to be true as well
requestSummary: true, // requires `execute` to be true as well
parse: true,
validate: true,
contextBuilding: true,
execute: true,
errors: true,
resolvers: true, // requires "execute" to be `true` as well
resolversWhitelist: ['Mutation.*', 'Query.user'], // reports metrics als for these resolvers, leave `undefined` to report all fields
deprecatedFields: true,
registry: myRegistry // If you are using a custom prom-client registry, please set it here
})
]
})
Note: Tracing resolvers using
resolvers: true
might have a performance impact on your GraphQL runtime. Please consider to test it locally first and then decide if it's needed.
You can customize the prom-client
Registry
object if you are using a custom one, by passing it
along with the configuration object:
import { execute, parse, specifiedRules, subscribe, validate } from 'graphql'
import { Registry } from 'prom-client'
import { envelop, useEngine } from '@envelop/core'
const myRegistry = new Registry()
const getEnveloped = envelop({
plugins: [
useEngine({ parse, validate, specifiedRules, execute, subscribe }),
// ... other plugins ...
usePrometheus({
// ... config ...
registry: myRegistry
})
]
})
Note: if you are using custom
prom-client
instances, you need to make sure to pass your registry there as well.
If you wish to disable introspection logging, you can use skipIntrospection: true
in your config
object.
prom-client
instancesEach tracing field supports custom prom-client
objects, and custom labels
a metadata, you can
create a custom extraction function for every Histogram
/ Summary
/ Counter
:
import { execute, parse, specifiedRules, subscribe, validate } from 'graphql'
import { Histogram, register as registry } from 'prom-client'
import { envelop, useEngine } from '@envelop/core'
import { createHistogram, usePrometheus } from '@envelop/prometheus'
const getEnveloped = envelop({
plugins: [
useEngine({ parse, validate, specifiedRules, execute, subscribe }),
// ... other plugins ...
usePrometheus({
// all optional, and by default, all set to false, please opt-in to the metrics you wish to get
parse: createHistogram({
registry: registry // make sure to add your custom registry, if you are not using the default one
histogram: new Histogram({
name: 'my_custom_name',
help: 'HELP ME',
labelNames: ['opText'] as const,
}),
fillLabelsFn: params => {
// if you wish to fill your `labels` with metadata, you can use the params in order to get access to things like DocumentNode, operationName, operationType, `error` (for error metrics) and `info` (for resolvers metrics)
return {
opText: print(params.document)
}
}
})
})
]
})
Due to Prometheus client API limitations, if this plugin is initialized multiple times, only the metrics configuration of the first initialization will be applied.
If necessary, use a different registry instance for each plugin instance, or clear the registry before plugin initialization.
function usePrometheusWithRegistry() {
// create a new registry instance for each plugin instance
const registry = new Registry()
// or just clear the registry if you use only on plugin instance at a time
registry.clear()
return usePrometheus({
registry,
...
})
}
Keep in mind that this implies potential data loss in pull mode if some data is produced between last pull and the re-initialization of the plugin.
FAQs
This plugin tracks the complete execution flow, and reports metrics using Prometheus tracing (based on `prom-client`).
The npm package @envelop/prometheus receives a total of 6,233 weekly downloads. As such, @envelop/prometheus popularity was classified as popular.
We found that @envelop/prometheus demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.