Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
@opentelemetry/api-metrics
Advanced tools
This package provides everything needed to interact with the unstable OpenTelemetry Metrics API, including all TypeScript interfaces, enums, and no-op implementations. It is intended for use both on the server and in the browser.
The metrics API is considered alpha software and there is no guarantee of stability or long-term support. When the API is stabilized, it will be made available and supported long-term in the @opentelemetry/api
package and this package will be deprecated.
To get started you need to install the SDK and instrumentations, create a MeterProvider, and register it with the API.
$ # Install metrics dependencies
$ npm install \
@opentelemetry/api-metrics \
@opentelemetry/sdk-metrics-base \
@opentelemetry/exporter-prometheus # add exporters as needed
Note: this example is for node.js. See examples/tracer-web for a browser example.
Before any other module in your application is loaded, you must initialize the global tracer and meter providers. If you fail to initialize a provider, no-op implementations will be provided to any library which acquires them from the API.
To collect traces and metrics, you will have to tell the SDK where to export telemetry data to. This example uses Jaeger and Prometheus, but exporters exist for other tracing backends. If you're not sure if there is an exporter for your tracing backend, contact your tracing provider.
const api = require("@opentelemetry/api-metrics");
const { MeterProvider } = require("@opentelemetry/sdk-metrics-base");
const { PrometheusExporter } = require("@opentelemetry/exporter-prometheus");
const meterProvider = new MeterProvider({
// The Prometheus exporter runs an HTTP server which
// the Prometheus backend scrapes to collect metrics.
exporter: new PrometheusExporter({ startServer: true }),
interval: 1000,
});
/**
* Registering the provider with the API allows it to be discovered
* and used by instrumentation libraries.
*/
api.metrics.setGlobalMeterProvider(meterProvider);
Because the npm installer and node module resolution algorithm could potentially allow two or more copies of any given package to exist within the same node_modules
structure, the OpenTelemetry API takes advantage of a variable on the global
object to store the global API. When an API method in the API package is called, it checks if this global
API exists and proxies calls to it if and only if it is a compatible API version. This means if a package has a dependency on an OpenTelemetry API version which is not compatible with the API used by the end user, the package will receive a no-op implementation of the API.
If you are writing an instrumentation library, or prefer to call the API methods directly rather than using the register
method on the Tracer/Meter Provider, OpenTelemetry provides direct access to the underlying API methods through the @opentelemetry/api-metrics
package. API entry points are defined as global singleton objects trace
, metrics
, propagation
, and context
which contain methods used to initialize SDK implementations and acquire resources from the API.
const api = require("@opentelemetry/api-metrics");
/* Initialize MeterProvider */
api.metrics.setGlobalMeterProvider(meterProvider);
/* returns meterProvider (no-op if a working provider has not been initialized) */
api.metrics.getMeterProvider();
/* returns a meter from the registered global meter provider (no-op if a working provider has not been initialized) */
api.metrics.getMeter(name, version);
Apache 2.0 - See LICENSE for more information.
1.0.1 / Experimental 0.27.0
opentelemetry-core
opentelemetry-core
opentelemetry-semantic-conventions
opentelemetry-core
, opentelemetry-sdk-trace-base
opentelemetry-core
opentelemetry-exporter-zipkin
opentelemetry-core
opentelemetry-sdk-trace-base
, opentelemetry-sdk-trace-node
, opentelemetry-sdk-trace-web
opentelemetry-context-async-hooks
, opentelemetry-context-zone-peer-dep
, opentelemetry-core
, opentelemetry-exporter-jaeger
, opentelemetry-exporter-zipkin
, opentelemetry-propagator-b3
, opentelemetry-propagator-jaeger
, opentelemetry-resources
, opentelemetry-sdk-trace-base
, opentelemetry-sdk-trace-node
, opentelemetry-sdk-trace-web
, opentelemetry-shim-opentracing
opentelemetry-core
FAQs
Public metrics API for OpenTelemetry
The npm package @opentelemetry/api-metrics receives a total of 626,509 weekly downloads. As such, @opentelemetry/api-metrics popularity was classified as popular.
We found that @opentelemetry/api-metrics demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.