Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@microsoft/applicationinsights-cfgsync-js
Advanced tools
Microsoft Application Insights CfgSync Plugin
Application Insights CfgSync Plugin enables configuration change communication among mutiple instances. Refer to our GitHub page for more details on getting started.
Name | Type | Default | Description |
---|---|---|---|
syncMode | ICfgSyncMode [Optional] | Broadcast | Sync mode of current instance. If set to None , current instance will NOT receive or broadcast config changes. If set to Broadcast , current instance will ONLY broadcast changes. If set to Receive , instance will ONLY receive config changes but NOT broadcast config changes. |
customEvtName | string [Optional] | ai_cfgsync | Event name for sending or listening to configuration change details. |
cfgUrl | string [Optional] | null | CDN endpoint for fetching configuration. If cfgUrl is defined, instance will NOT listen to core configuration changes. Details defined in the CDN endpoint should follow ICfgSyncCdnConfig interface. |
blkCdnCfg | boolean [Optional] | false | Determines if fetching the CDN endpoint should be blocked or not. |
onCfgChangeReceive | function [Optional] | null | Overrides callback function to handle event details when changes are received via event listener. |
overrideSyncFn | function [Optional] | null | Overrides sync() function to broadcast changes. |
overrideFetchFn | function [Optional] | null | Overrides fetch function to get config from cfgUrl when cfgUrl is defined. |
nonOverrideConfigs | NonOverrideCfg [Optional] | {instrumentationKey: true, connectionString: true, endpointUrl: true } | When current instance is set with syncMode: Receive , config fields under nonOverrideConfigs will NOT be changed by any confif details sent out from other instances. NOTE: this config will be ONLY applied during initialization, so it won't be changed dynamically. |
scheduleFetchTimeout | number [Optional] | 30 mins | Identifies the time interval (in milliseconds) for fetching config details from cfgUrl when cfgUrl is defined. If set to 0, the fetch operation will only be called once during initialization. |
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
As this SDK is designed to enable applications to perform data collection which is sent to the Microsoft collection endpoints the following is required to identify our privacy statement.
The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at https://go.microsoft.com/fwlink/?LinkID=824704. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft’s Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party’s policies.
FAQs
Microsoft Application Insights CfgSync Plugin
We found that @microsoft/applicationinsights-cfgsync-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.