Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
@microsoft/applicationinsights-dependencies-js
Advanced tools
Microsoft Application Insights XHR dependencies plugin
@microsoft/applicationinsights-dependencies-js is a JavaScript library that provides automatic collection of dependency telemetry for applications using Application Insights. It helps in tracking HTTP dependencies and AJAX calls, allowing developers to monitor the performance and reliability of their web applications.
Track HTTP Dependencies
This feature allows you to track HTTP dependencies automatically. By integrating the AjaxPlugin with Application Insights, you can monitor all HTTP requests made by your application.
const { ApplicationInsights } = require('@microsoft/applicationinsights-web');
const { AjaxPlugin } = require('@microsoft/applicationinsights-dependencies-js');
const appInsights = new ApplicationInsights({
config: {
instrumentationKey: 'YOUR_INSTRUMENTATION_KEY',
extensions: [new AjaxPlugin()]
}
});
appInsights.loadAppInsights();
appInsights.trackPageView();
Track AJAX Calls
This feature allows you to track AJAX calls made by your application. The AjaxPlugin automatically captures and logs these calls, providing insights into the performance and reliability of your AJAX requests.
const { ApplicationInsights } = require('@microsoft/applicationinsights-web');
const { AjaxPlugin } = require('@microsoft/applicationinsights-dependencies-js');
const appInsights = new ApplicationInsights({
config: {
instrumentationKey: 'YOUR_INSTRUMENTATION_KEY',
extensions: [new AjaxPlugin()]
}
});
appInsights.loadAppInsights();
// Example AJAX call
const xhr = new XMLHttpRequest();
xhr.open('GET', 'https://api.example.com/data', true);
xhr.send();
Axios is a popular promise-based HTTP client for the browser and Node.js. While it does not provide automatic telemetry collection like @microsoft/applicationinsights-dependencies-js, it is often used in conjunction with monitoring tools to manually track HTTP requests.
Fetch-mock is a library for mocking HTTP requests made using the Fetch API. It is useful for testing and development purposes but does not provide automatic telemetry collection. It can be used alongside monitoring tools to simulate and track HTTP requests.
Superagent is a small, progressive client-side HTTP request library. It provides a flexible API for making HTTP requests but does not include built-in telemetry collection. Developers often use it with other monitoring tools to track and log HTTP requests.
Dependencies Plugin for the Application Insights Javascript SDK
npm install -g grunt-cli
npm install
npm run build
npm run test
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
FAQs
Microsoft Application Insights XHR dependencies plugin
The npm package @microsoft/applicationinsights-dependencies-js receives a total of 307,115 weekly downloads. As such, @microsoft/applicationinsights-dependencies-js popularity was classified as popular.
We found that @microsoft/applicationinsights-dependencies-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.