Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@microsoft/applicationinsights-common
Advanced tools
Microsoft Application Insights Common JavaScript Library
@microsoft/applicationinsights-common is a package that provides common functionalities and types used by the Application Insights JavaScript SDK. It includes telemetry types, enums, and utility functions that are essential for tracking and monitoring web applications.
Telemetry Types
This feature provides various telemetry types such as EventTelemetry and ExceptionTelemetry, which are used to log different kinds of telemetry data.
const { EventTelemetry, ExceptionTelemetry } = require('@microsoft/applicationinsights-common');
const eventTelemetry = new EventTelemetry('myEvent');
const exceptionTelemetry = new ExceptionTelemetry(new Error('Something went wrong'));
console.log(eventTelemetry);
console.log(exceptionTelemetry);
Enums
This feature includes enums like SeverityLevel, which can be used to categorize the severity of telemetry data.
const { SeverityLevel } = require('@microsoft/applicationinsights-common');
console.log(SeverityLevel.Critical);
console.log(SeverityLevel.Warning);
Utility Functions
This feature provides utility functions such as Util.isArray and Util.isString, which are helpful for type checking and other common operations.
const { Util } = require('@microsoft/applicationinsights-common');
const isArray = Util.isArray([1, 2, 3]);
const isString = Util.isString('hello');
console.log(isArray); // true
console.log(isString); // true
The 'applicationinsights' package is the main Application Insights SDK for Node.js. It provides comprehensive functionalities for tracking and monitoring Node.js applications, including telemetry collection, dependency tracking, and performance monitoring. It is more feature-rich compared to @microsoft/applicationinsights-common, which focuses on common types and utilities.
Winston is a popular logging library for Node.js. It provides a flexible and extensible logging system with support for multiple transports, log levels, and formats. While it does not offer the same telemetry-specific features as @microsoft/applicationinsights-common, it is widely used for general logging purposes.
Log4js is another logging library for Node.js, inspired by the Java log4j library. It offers a variety of appenders for different logging outputs and supports log levels and configuration. Similar to winston, it focuses on general logging rather than telemetry data.
Common library for the Application Insights Javascript SDK
See Breaking Changes
npm install -g grunt-cli
npm install
npm run build --silent
npm run test
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
As this SDK is designed to enable applications to perform data collection which is sent to the Microsoft collection endpoints the following is required to identify our privacy statement.
The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at https://go.microsoft.com/fwlink/?LinkID=824704. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft’s Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party’s policies.
FAQs
Microsoft Application Insights Common JavaScript Library
The npm package @microsoft/applicationinsights-common receives a total of 499,123 weekly downloads. As such, @microsoft/applicationinsights-common popularity was classified as popular.
We found that @microsoft/applicationinsights-common demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.