Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@opentelemetry/context-zone-peer-dep
Advanced tools
OpenTelemetry Context Zone with peer dependency for zone.js
@opentelemetry/context-zone-peer-dep is a package that provides context management capabilities using Zone.js. It is part of the OpenTelemetry project, which is a set of APIs, libraries, agents, and instrumentation to provide observability for applications.
Context Management
This feature allows you to manage context using Zone.js. The code sample demonstrates how to set the global context manager to use ZoneContextManager, create a new context, and run a function within that context.
const { context, setGlobalContextManager } = require('@opentelemetry/api');
const { ZoneContextManager } = require('@opentelemetry/context-zone-peer-dep');
// Set the global context manager to use ZoneContextManager
setGlobalContextManager(new ZoneContextManager());
// Create a new context
const ctx = context.active().setValue('key', 'value');
// Run a function within the context
context.with(ctx, () => {
console.log(context.active().getValue('key')); // Outputs: 'value'
});
@opentelemetry/context-async-hooks provides context management using Node.js async_hooks. It is similar to @opentelemetry/context-zone-peer-dep but is designed for use in Node.js environments, leveraging the async_hooks API for context propagation.
zone.js is a library that provides execution context tracking for JavaScript. It is the underlying library used by @opentelemetry/context-zone-peer-dep for context management. While zone.js is more general-purpose, @opentelemetry/context-zone-peer-dep integrates it specifically for OpenTelemetry context management.
This module provides Zone Context Manager with a peer dependency for zone-js for Web applications. If you use Angular you already have the zone-js and you should use this package. If you don't have your own zone-js please use @opentelemetry/context-zone
Please note that due to an issue with zone.js
, the ZoneContextManager
does not work with JS code targeting ES2017+
.
In order to use the ZoneContextManager
, please transpile back to ES2015
.
npm install --save @opentelemetry/context-zone-peer-dep
import { context, trace } from '@opentelemetry/api';
import {
ConsoleSpanExporter,
SimpleSpanProcessor,
WebTracerProvider,
} from '@opentelemetry/sdk-trace-web';
import { ZoneContextManager } from '@opentelemetry/context-zone-peer-dep';
const providerWithZone = new WebTracerProvider({
spanProcessors: [new SimpleSpanProcessor(new ConsoleSpanExporter())]
});
providerWithZone.register({
contextManager: new ZoneContextManager()
});
// Example how the ZoneContextManager keeps the reference to the correct context during async operations
const webTracerWithZone = providerWithZone.getTracer('default');
const span1 = webTracerWithZone.startSpan('foo1');
context.with(trace.setSpan(context.active(), span1, () => {
console.log('Current span is span1', trace.getSpan(context.active()) === span1);
setTimeout(() => {
const span2 = webTracerWithZone.startSpan('foo2');
console.log('Current span is span1', trace.getSpan(context.active()) === span1);
context.with(trace.setSpan(context.active(), span2, () => {
console.log('Current span is span2', trace.getSpan(context.active()) === span2);
setTimeout(() => {
console.log('Current span is span2', trace.getSpan(context.active()) === span2);
}, 500);
});
// there is a timeout which still keeps span2 active
console.log('Current span is span2', trace.getSpan(context.active()) === span2);
}, 500);
console.log('Current span is span1', trace.getSpan(context.active()) === span1);
});
Apache 2.0 - See LICENSE for more information.
1.29.0
FAQs
OpenTelemetry Context Zone with peer dependency for zone.js
The npm package @opentelemetry/context-zone-peer-dep receives a total of 187,935 weekly downloads. As such, @opentelemetry/context-zone-peer-dep popularity was classified as popular.
We found that @opentelemetry/context-zone-peer-dep demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.