Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
@microsoft/applicationinsights-dependencies-js
Advanced tools
Microsoft Application Insights XHR dependencies plugin
@microsoft/applicationinsights-dependencies-js is a JavaScript library that provides automatic collection of dependency telemetry for applications using Application Insights. It helps in tracking HTTP dependencies and AJAX calls, allowing developers to monitor the performance and reliability of their web applications.
Track HTTP Dependencies
This feature allows you to track HTTP dependencies automatically. By integrating the AjaxPlugin with Application Insights, you can monitor all HTTP requests made by your application.
const { ApplicationInsights } = require('@microsoft/applicationinsights-web');
const { AjaxPlugin } = require('@microsoft/applicationinsights-dependencies-js');
const appInsights = new ApplicationInsights({
config: {
instrumentationKey: 'YOUR_INSTRUMENTATION_KEY',
extensions: [new AjaxPlugin()]
}
});
appInsights.loadAppInsights();
appInsights.trackPageView();
Track AJAX Calls
This feature allows you to track AJAX calls made by your application. The AjaxPlugin automatically captures and logs these calls, providing insights into the performance and reliability of your AJAX requests.
const { ApplicationInsights } = require('@microsoft/applicationinsights-web');
const { AjaxPlugin } = require('@microsoft/applicationinsights-dependencies-js');
const appInsights = new ApplicationInsights({
config: {
instrumentationKey: 'YOUR_INSTRUMENTATION_KEY',
extensions: [new AjaxPlugin()]
}
});
appInsights.loadAppInsights();
// Example AJAX call
const xhr = new XMLHttpRequest();
xhr.open('GET', 'https://api.example.com/data', true);
xhr.send();
Axios is a popular promise-based HTTP client for the browser and Node.js. While it does not provide automatic telemetry collection like @microsoft/applicationinsights-dependencies-js, it is often used in conjunction with monitoring tools to manually track HTTP requests.
Fetch-mock is a library for mocking HTTP requests made using the Fetch API. It is useful for testing and development purposes but does not provide automatic telemetry collection. It can be used alongside monitoring tools to simulate and track HTTP requests.
Superagent is a small, progressive client-side HTTP request library. It provides a flexible API for making HTTP requests but does not include built-in telemetry collection. Developers often use it with other monitoring tools to track and log HTTP requests.
Dependencies Plugin for the Application Insights Javascript SDK
npm install -g grunt-cli
npm install
npm run build --silent
npm run test
import { ApplicationInsights } from '@microsoft/applicationinsights-web';
import { AjaxPlugin } from '@microsoft/applicationinsights-dependencies-js';
const dependencyPlugin = new AjaxPlugin();
const appInsights = new ApplicationInsights({
config: {
connectionString: 'InstrumentationKey=YOUR_INSTRUMENTATION_KEY_GOES_HERE',
extensions: [dependencyPlugin],
extensionConfig: {
[dependencyPlugin.identifier]: {
ignoreHeaders:[
"Authorization",
"X-API-Key",
"WWW-Authenticate"
]
}
}
}
});
appInsights.loadAppInsights();
appInsights.trackPageView(); // Manually call trackPageView to establish the current user/session/pageview
This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.microsoft.com.
When you submit a pull request, a CLA-bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., label, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repositories using our CLA.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
As this SDK is designed to enable applications to perform data collection which is sent to the Microsoft collection endpoints the following is required to identify our privacy statement.
The software may collect information about you and your use of the software and send it to Microsoft. Microsoft may use this information to provide services and improve our products and services. You may turn off the telemetry as described in the repository. There are also some features in the software that may enable you and Microsoft to collect data from users of your applications. If you use these features, you must comply with applicable law, including providing appropriate notices to users of your applications together with a copy of Microsoft’s privacy statement. Our privacy statement is located at https://go.microsoft.com/fwlink/?LinkID=824704. You can learn more about data collection and use in the help documentation and our privacy statement. Your use of the software operates as your consent to these practices.
This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft’s Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party’s policies.
FAQs
Microsoft Application Insights XHR dependencies plugin
We found that @microsoft/applicationinsights-dependencies-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.