New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@instana/shared-metrics

Package Overview
Dependencies
Maintainers
3
Versions
198
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@instana/shared-metrics - npm Package Compare versions

Comparing version 1.132.1 to 1.132.2

6

package.json
{
"name": "@instana/shared-metrics",
"version": "1.132.1",
"version": "1.132.2",
"description": "Internal metrics plug-in package for Node.js monitoring with Instana",

@@ -62,3 +62,3 @@ "author": {

"dependencies": {
"@instana/core": "1.132.1",
"@instana/core": "1.132.2",
"detect-libc": "^1.0.3",

@@ -82,3 +82,3 @@ "event-loop-lag": "^1.4.0",

},
"gitHead": "ce288441e8995f5bd326c50ae8f467d27fc689cf"
"gitHead": "05a4a392340c90788ed075cc205e5b5858ebb815"
}

117

src/util/DependencyDistanceCalculator.js

@@ -60,2 +60,5 @@ /*

}
if (typeof packageJsonPath !== 'string') {
return;
}

@@ -70,35 +73,48 @@ // For each package.json that we find in the dependency tree, we initially increase the global count down latch

// Read the associated package.json and parse it.
fs.readFile(packageJsonPath, { encoding: 'utf8' }, (err, contents) => {
if (err) {
logger.debug(
'Failed to calculate transitive distances for some dependencies, could not read package.json file at %s: %s.',
packageJsonPath,
err.message
);
try {
fs.readFile(packageJsonPath, { encoding: 'utf8' }, (err, contents) => {
if (err) {
logger.debug(
'Failed to calculate transitive distances for some dependencies, could not read package.json file at ' +
'%s: %s.',
packageJsonPath,
err.message
);
// If we cannot parse the package.json or if it does not exist, we need to decrement by 3 immediately because we
// increment the latch by 3 for each node (see above).
this.globalCountDownLatchAllPackages.countDown(3);
return;
}
// If we cannot parse the package.json or if it does not exist, we need to decrement by 3 immediately because
// we increment the latch by 3 for each node (see above).
this.globalCountDownLatchAllPackages.countDown(3);
return;
}
let parsedPackageJson;
try {
parsedPackageJson = JSON.parse(contents);
} catch (parseErr) {
logger.debug(
'Failed to calculate transitive distances for some dependencies, could not parse package.json file at %s: %s',
packageJsonPath,
parseErr.message
);
this.globalCountDownLatchAllPackages.countDown(3);
return;
}
let parsedPackageJson;
try {
parsedPackageJson = JSON.parse(contents);
} catch (parseErr) {
logger.debug(
'Failed to calculate transitive distances for some dependencies, could not parse package.json file at ' +
'%s: %s',
packageJsonPath,
parseErr.message
);
this.globalCountDownLatchAllPackages.countDown(3);
return;
}
// Each call to _calculateDistancesForOneType is guaranteed to decrease the global count down latch by exactly
// one, to offset the increment of 3 that we did for this node in the dependency tree initially.
this._calculateDistancesForOneType(parsedPackageJson.dependencies, distance);
this._calculateDistancesForOneType(parsedPackageJson.peerDependencies, distance);
this._calculateDistancesForOneType(parsedPackageJson.optionalDependencies, distance);
});
// Each call to _calculateDistancesForOneType is guaranteed to decrease the global count down latch by exactly
// one, to offset the increment of 3 that we did for this node in the dependency tree initially.
this._calculateDistancesForOneType(parsedPackageJson.dependencies, distance);
this._calculateDistancesForOneType(parsedPackageJson.peerDependencies, distance);
this._calculateDistancesForOneType(parsedPackageJson.optionalDependencies, distance);
});
} catch (fsReadFileErr) {
// This catch-block is for synchronous errors from fs.readFile, which can also happen in addition to the callback
// being called with an error.
logger.debug(
'Failed to calculate transitive distances for some dependencies, synchronous error from fs.readFile for %s:',
packageJsonPath,
fsReadFileErr
);
this.globalCountDownLatchAllPackages.countDown(3);
}
}

@@ -191,2 +207,10 @@

}
if (typeof packageJsonPath !== 'string') {
localCountDownLatchForThisNode.countDown();
logger.debug(
`Ignoring failure to find the package.json file for dependency ${dependency} for dependency distance ` +
`calculation (package.json path is ${packageJsonPath}/${typeof packageJsonPath}).`
);
return;
}

@@ -211,19 +235,26 @@ // Recurse one level deeper and queue the next package.json path for analysis.

*/
function findPackageJsonFor(dir, callback) {
const pathToCheck = path.join(dir, 'package.json');
fs.stat(pathToCheck, (err, stats) => {
if (err) {
if (err.code === 'ENOENT') {
try {
fs.stat(pathToCheck, (err, stats) => {
if (err) {
if (err.code === 'ENOENT') {
return searchInParentDir(dir, findPackageJsonFor, callback);
} else {
return process.nextTick(callback, err, null);
}
}
if (stats.isFile()) {
return process.nextTick(callback, null, pathToCheck);
} else {
return searchInParentDir(dir, findPackageJsonFor, callback);
} else {
return process.nextTick(callback, err, null);
}
}
if (stats.isFile()) {
return process.nextTick(callback, null, pathToCheck);
} else {
return searchInParentDir(dir, findPackageJsonFor, callback);
}
});
});
} catch (fsStatErr) {
// This catch-block is for synchronous errors from fs.stat, which can also happen in addition to the callback being
// called with an error. The error will be logged in _handleTransitiveDependency.
return process.nextTick(callback, fsStatErr, null);
}
}

@@ -230,0 +261,0 @@

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc