Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@opentelemetry/api-events
Advanced tools
This package provides everything needed to interact with the unstable OpenTelemetry Events API, including all TypeScript interfaces, enums, and no-op implementations. It is intended for use both on the server and in the browser.
The events API is considered alpha software and there is no guarantee of stability or long-term support. When the API is stabilized, it will be made available and supported long-term in the @opentelemetry/api
package and this package will be deprecated.
Purposefully left blank until SDK is available.
Because the npm installer and node module resolution algorithm could potentially allow two or more copies of any given package to exist within the same node_modules
structure, the OpenTelemetry API takes advantage of a variable on the global
object to store the global API. When an API method in the API package is called, it checks if this global
API exists and proxies calls to it if and only if it is a compatible API version. This means if a package has a dependency on an OpenTelemetry API version which is not compatible with the API used by the end user, the package will receive a no-op implementation of the API.
If you are writing an instrumentation library, or prefer to call the API methods directly rather than using the register
method on the Tracer/Meter/Logger Provider, OpenTelemetry provides direct access to the underlying API methods through the @opentelemetry/api-events
package. API entry points are defined as global singleton objects trace
, metrics
, logs
, events
, propagation
, and context
which contain methods used to initialize SDK implementations and acquire resources from the API.
const api = require("@opentelemetry/api-events");
/* A specific implementation of EventEmitterProvider comes from an SDK */
const eventEmitterProvider = createEventEmitterProvider();
/* Initialize EventEmitterProvider */
api.events.setGlobalEventEmitterProvider(eventEmitterProvider);
/* returns eventEmitterProvider (no-op if a working provider has not been initialized) */
api.events.getEventEmitterProvider();
/* returns an event emitter from the registered global event emitter provider (no-op if a working provider has not been initialized) */
const eventEmitter = api.events.getEventEmitter(name, version);
// logging an event in an instrumentation library
eventEmitter.emit({ name: 'event-name', domain: 'event-domain' });
Apache 2.0 - See LICENSE for more information.
FAQs
Public events API for OpenTelemetry
We found that @opentelemetry/api-events demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.