@instana/autoprofile
Advanced tools
@instana/autoprofile - npm Package Compare versions
Comparing version 3.6.0 to 3.7.0
@@ -6,2 +6,9 @@ # Change Log | ||
| # [3.7.0](https://github.com/instana/nodejs/compare/v3.6.0...v3.7.0) (2024-05-03) | ||
| ### Features | ||
| - added support for Node v22 ([#1132](https://github.com/instana/nodejs/issues/1132)) ([6d08f43](https://github.com/instana/nodejs/commit/6d08f4359ecc6a936f68988609a311b2422b4f79)) | ||
| - **autoprofile:** added prebuilds for darwin/arm64 linux/arm64 linux/arm ([#1135](https://github.com/instana/nodejs/issues/1135)) ([26f85b0](https://github.com/instana/nodejs/commit/26f85b08984e1155ca1df63db28fb1c6adcf752e)) | ||
| # [3.6.0](https://github.com/instana/nodejs/compare/v3.5.0...v3.6.0) (2024-04-29) | ||
@@ -8,0 +15,0 @@ |
@@ -9,4 +9,6 @@ /* | ||
| const path = require('path'); | ||
| const pkg = require(path.join(__dirname, '/../package.json')); | ||
| const pkg = require(path.join(__dirname, '..', 'package.json')); | ||
| const os = require('os'); | ||
| const semver = require('semver'); | ||
| const nodeGypBuild = require('node-gyp-build'); | ||
| const Utils = require('./utils').Utils; | ||
@@ -25,4 +27,2 @@ const ProfileRecorder = require('./profile_recorder').ProfileRecorder; | ||
| this.version = pkg.version; | ||
| this.addon = undefined; | ||
@@ -91,11 +91,10 @@ | ||
| loadAddon(addonPath) { | ||
| loadAddon() { | ||
| try { | ||
| this.addon = require(addonPath); | ||
| return true; | ||
| // NOTE: will either load the prebuild or the build from build/release | ||
| // During the installation process the build is skipped if a prebuild exists. | ||
| this.addon = nodeGypBuild(path.join(__dirname, '..')); | ||
| } catch (err) { | ||
| // not found | ||
| this.error(`Could not load native autoprofiler addon: ${err.message}`); | ||
| } | ||
| return false; | ||
| } | ||
@@ -114,25 +113,7 @@ | ||
| if (!this.matchVersion('v4.0.0', null)) { | ||
| this.error('Supported Node.js version 4.0.0 or higher'); | ||
| if (!semver.satisfies(process.versions.node, pkg.engines.node)) { | ||
| this.error(`This node.js version ${process.versions.node} is not supported.`); | ||
| return; | ||
| } | ||
| // disable CPU profiler by default for 7.0.0-8.9.3 because of the memory leak. | ||
| if ( | ||
| this.options.disableCpuSampler === undefined && | ||
| (this.matchVersion('v7.0.0', 'v8.9.3') || this.matchVersion('v9.0.0', 'v9.2.1')) | ||
| ) { | ||
| this.log('CPU profiler disabled.'); | ||
| this.options.disableCpuSampler = true; | ||
| } | ||
| // disable allocation profiler by default up to version 8.5.0 because of segfaults. | ||
| if (this.options.disableAllocationSampler === undefined && this.matchVersion(null, 'v8.5.0')) { | ||
| this.log('Allocation profiler disabled.'); | ||
| this.options.disableAllocationSampler = true; | ||
| } | ||
| // load native addon | ||
| let addonFound = false; | ||
| const platform = os.platform(); | ||
@@ -151,25 +132,9 @@ const arch = process.arch; | ||
| let addonPath; | ||
| if (family) { | ||
| addonPath = path.join(__dirname, '..', 'addons', platform, arch, family, abi, 'autoprofile.node'); | ||
| } else { | ||
| addonPath = path.join(__dirname, '..', 'addons', platform, arch, abi, 'autoprofile.node'); | ||
| } | ||
| this.debug(`System: ${platform}, ${family}, ${arch}, ${abi}`); | ||
| this.loadAddon(); | ||
| if (this.loadAddon(addonPath)) { | ||
| addonFound = true; | ||
| this.log(`Using pre-built native addon from ${addonPath}.`); | ||
| } else { | ||
| this.log(`Could not find pre-built addon at ${addonPath}.`); | ||
| if (!this.addon) { | ||
| return; | ||
| } | ||
| if (!addonFound) { | ||
| if (this.loadAddon('../build/Release/autoprofile-addon.node')) { | ||
| this.log('Using built native addon.'); | ||
| } else { | ||
| this.error('Finding/loading of native addon failed. Profiler will not start.'); | ||
| return; | ||
| } | ||
| } | ||
| if (this.profilerDestroyed) { | ||
@@ -294,23 +259,2 @@ this.log('Destroyed profiler cannot be started'); | ||
| matchVersion(min, max) { | ||
| const versionRegexp = /v?(\d+)\.(\d+)\.(\d+)/; | ||
| let m = versionRegexp.exec(process.version); | ||
| const currN = 1e9 * parseInt(m[1], 10) + 1e6 * parseInt(m[2], 10) + 1e3 * parseInt(m[3], 10); | ||
| let minN = 0; | ||
| if (min) { | ||
| m = versionRegexp.exec(min); | ||
| minN = 1e9 * parseInt(m[1], 10) + 1e6 * parseInt(m[2], 10) + 1e3 * parseInt(m[3], 10); | ||
| } | ||
| let maxN = Infinity; | ||
| if (max) { | ||
| m = versionRegexp.exec(max); | ||
| maxN = 1e9 * parseInt(m[1], 10) + 1e6 * parseInt(m[2], 10) + 1e3 * parseInt(m[3], 10); | ||
| } | ||
| return currN >= minN && currN <= maxN; | ||
| } | ||
| debug(message) { | ||
@@ -317,0 +261,0 @@ this.getLogger().debug(message); |
@@ -41,7 +41,2 @@ /* | ||
| if (!this.profiler.matchVersion('v8.1.0', null)) { | ||
| this.profiler.log('Async sampler is supported starting Node.js v8.1.0'); | ||
| return false; | ||
| } | ||
| return true; | ||
@@ -48,0 +43,0 @@ } |
| { | ||
| "name": "@instana/autoprofile", | ||
| "version": "3.6.0", | ||
| "version": "3.7.0", | ||
| "description": "Automatic Node.js Profiler", | ||
@@ -27,9 +27,9 @@ "author": { | ||
| "scripts": { | ||
| "audit": "npm audit ----omit=dev", | ||
| "audit": "npm audit --omit=dev", | ||
| "node_modules:exists": "mkdir -p node_modules", | ||
| "install": "node node-gyp-fallback.js", | ||
| "test": "mocha --config=test/.mocharc.js --require test/hooks.js --sort $(find test -iname '*test.js')", | ||
| "install": "node-gyp-build", | ||
| "test": "mocha --config=test/.mocharc.js --require test/hooks.js --sort $(find test -iname '*test.js' -not -path '*node_modules*')", | ||
| "test:debug": "WITH_STDOUT=true npm run test", | ||
| "test:ci": "mocha --config=test/.mocharc.js --reporter mocha-multi-reporters --reporter-options configFile=reporter-config.json --require test/hooks.js 'test/**/*test.js'", | ||
| "lint": "eslint lib test precompile", | ||
| "test:ci": "echo \"******* Files to be tested:\n $CI_AUTOPROFILE_TEST_FILES\" && if [ -z \"${CI_AUTOPROFILE_TEST_FILES}\" ]; then echo \"No test files have been assigned to this CircleCI executor.\"; else mocha --config=test/.mocharc.js --reporter mocha-multi-reporters --reporter-options configFile=reporter-config.json --require test/hooks.js --sort ${CI_AUTOPROFILE_TEST_FILES}; fi", | ||
| "lint": "eslint lib test", | ||
| "verify": "npm run lint && npm test", | ||
@@ -53,6 +53,11 @@ "prettier": "prettier --write 'lib/**/*.js' 'test/**/*.js'" | ||
| "dependencies": { | ||
| "@instana/core": "3.6.0", | ||
| "@instana/core": "3.7.0", | ||
| "detect-libc": "^2.0.2", | ||
| "nan": "^2.14.2" | ||
| "nan": "^2.14.2", | ||
| "node-gyp-build": "^4.7.1", | ||
| "semver": "^7.5.4" | ||
| }, | ||
| "engines": { | ||
| "node": ">=14.0.0" | ||
| }, | ||
| "main": "index.js", | ||
@@ -62,5 +67,4 @@ "files": [ | ||
| "lib", | ||
| "addons/linux", | ||
| "prebuilds", | ||
| "binding.gyp", | ||
| "node-gyp-fallback.js", | ||
| "CHANGELOG.md" | ||
@@ -72,3 +76,3 @@ ], | ||
| "license": "BSD-3-Clause", | ||
| "gitHead": "7379a55fac8adc467e8acea4a454f6a8a457cb92" | ||
| "gitHead": "6f68ae11ab077147a8ad3420b2213462aeceb8c2" | ||
| } |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 17 instances in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Native code
Supply chain riskContains native code (e.g., compiled binaries or shared libraries). Including native code can obscure malicious behavior.
Found 12 instances in 1 package
Shell access
Supply chain riskThis module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by184.5%
1260331
- Number of package files
- increased by90.63%
61
- Number of low supply chain risk alerts
- decreased by-60%
2
- Published versions last week
- increased byInfinity%
1
Worsened metrics
- Dependency count
- increased by66.67%
5
- Lines of code
- decreased by-8.09%
1000
- Number of medium supply chain risk alerts
- increased by28.57%
18
Dependency changes
+ Addednode-gyp-build@^4.7.1
+ Addedsemver@^7.5.4
+ Added@instana/core@3.7.0(transitive)
+ Addednode-gyp-build@4.8.4(transitive)
- Removed@instana/core@3.6.0(transitive)
Updated@instana/core@3.7.0