Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@microsoft/applicationinsights-core-js
Advanced tools
Microsoft Application Insights Core Javascript SDK
@microsoft/applicationinsights-core-js is a core library for Application Insights, which is a part of the Azure Monitor suite. It provides the essential functionalities for collecting and sending telemetry data from your applications to Azure Monitor. This package is typically used as a base for other Application Insights SDKs and can be extended to include additional telemetry features.
Initialization
This code demonstrates how to initialize the Application Insights core library with a given instrumentation key. This is the first step to start collecting telemetry data.
const { ApplicationInsights } = require('@microsoft/applicationinsights-core-js');
const appInsights = new ApplicationInsights({ config: {
instrumentationKey: 'YOUR_INSTRUMENTATION_KEY'
}});
appInsights.loadAppInsights();
Custom Events
This code shows how to track custom events. Custom events can be used to log specific actions or occurrences in your application.
appInsights.trackEvent({ name: 'myCustomEvent', properties: { customProperty: 'customValue' } });
Custom Metrics
This code demonstrates how to track custom metrics. Custom metrics can be used to log numerical data points that are important for your application.
appInsights.trackMetric({ name: 'myCustomMetric', average: 42 });
Exception Tracking
This code shows how to track exceptions. Exception tracking is useful for logging errors and understanding the issues occurring in your application.
try {
throw new Error('Test error');
} catch (e) {
appInsights.trackException({ exception: e });
}
New Relic is a comprehensive monitoring and observability platform. It offers similar functionalities to Application Insights, such as custom event tracking, metrics, and error logging. However, New Relic provides a broader range of integrations and more advanced analytics features.
Datadog is another monitoring and analytics platform that provides similar functionalities, including custom event tracking, metrics, and error logging. Datadog is known for its extensive integrations and real-time monitoring capabilities.
Sentry is a popular error tracking and performance monitoring tool. It focuses more on error tracking and performance monitoring compared to Application Insights, which offers a broader range of telemetry data collection.
Important: If you are looking to add Application Insights to your website/app, please see the applicationinsights-web repository to learn how to get started.
Core SDK layer for next version of application insights javascript SDK.
See Breaking Changes
$ npm install
$ npm run build
$ npm run test
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
As this SDK is designed to enable applications to perform data collection which is sent to the Microsoft collection endpoints the following is required to identify our privacy statement.
The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at https://go.microsoft.com/fwlink/?LinkID=824704. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft’s Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party’s policies.
FAQs
Microsoft Application Insights Core Javascript SDK
The npm package @microsoft/applicationinsights-core-js receives a total of 258,299 weekly downloads. As such, @microsoft/applicationinsights-core-js popularity was classified as popular.
We found that @microsoft/applicationinsights-core-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.