Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@opentelemetry/core
Advanced tools
OpenTelemetry Core provides default and no-op implementations of the OpenTelemetry types for trace and metrics
The @opentelemetry/core package is part of the OpenTelemetry project, which provides a set of APIs, libraries, agents, and instrumentation to provide observability for applications. Specifically, the core package includes fundamental building blocks for creating and managing telemetry data (metrics, traces, logs) and is designed to be used by other OpenTelemetry packages to create a complete observability framework.
Context Management
This feature allows for the propagation of context information across asynchronous operations in your application. The context is used to store and access current execution-specific data, such as active span in tracing.
const { context, ROOT_CONTEXT } = require('@opentelemetry/core');
const ctx = context.active();
const newContext = context.with(ROOT_CONTEXT, () => {});
Propagation
Propagation is used to transmit context (e.g., traces and correlations) across process boundaries. It includes utilities to inject and extract context information from carriers in various formats.
const { propagation, defaultTextMapGetter } = require('@opentelemetry/core');
const carrier = {};
const context = propagation.extract(ROOT_CONTEXT, carrier, defaultTextMapGetter);
Instrumentation
Instrumentation is a core part of OpenTelemetry, allowing developers to collect telemetry data (metrics, logs, and traces) from their applications. This feature provides diagnostic logging capabilities.
const { diag } = require('@opentelemetry/core');
diag.setLogger(new DiagConsoleLogger(), DiagLogLevel.INFO);
Jaeger client is a distributed tracing system. It's similar to @opentelemetry/core in that it provides tracing capabilities, but it's specifically designed for use with the Jaeger backend. Unlike OpenTelemetry, which aims to be vendor-neutral, Jaeger client is tailored for Jaeger.
Prom-client is a client for the Prometheus monitoring system, focusing on gathering metrics. It's similar to the metrics collection part of @opentelemetry/core but is specifically designed for use with Prometheus rather than being part of a broader observability framework.
This package provides default implementations of the OpenTelemetry API for trace and metrics. It's intended for use both on the server and in the browser.
OpenTelemetry provides a text-based approach to propagate context to remote services using the W3C Trace Context HTTP headers.
const api = require("@opentelemetry/api");
const { HttpTraceContextPropagator } = require("@opentelemetry/core");
/* Set Global Propagator */
api.propagation.setGlobalPropagator(new HttpTraceContextPropagator());
Combines multiple propagators into a single propagator.
This is used as a default Propagator
const api = require("@opentelemetry/api");
const { CompositePropagator } = require("@opentelemetry/core");
/* Set Global Propagator */
api.propagation.setGlobalPropagator(new CompositePropagator());
Provides a text-based approach to propagate baggage to remote services using the OpenTelemetry Baggage Propagation HTTP headers.
const api = require("@opentelemetry/api");
const { HttpBaggagePropagator } = require("@opentelemetry/core");
/* Set Global Propagator */
api.propagation.setGlobalPropagator(new HttpBaggagePropagator());
Sampler is used to make decisions on Span
sampling.
Samples every trace regardless of upstream sampling decisions.
This is used as a default Sampler
const { NodeTracerProvider } = require("@opentelemetry/node");
const { AlwaysOnSampler } = require("@opentelemetry/core");
const tracerProvider = new NodeTracerProvider({
sampler: new AlwaysOnSampler()
});
Doesn't sample any trace, regardless of upstream sampling decisions.
const { NodeTracerProvider } = require("@opentelemetry/node");
const { AlwaysOffSampler } = require("@opentelemetry/core");
const tracerProvider = new NodeTracerProvider({
sampler: new AlwaysOffSampler()
});
Samples some percentage of traces, calculated deterministically using the trace ID. Any trace that would be sampled at a given percentage will also be sampled at any higher percentage.
The TraceIDRatioSampler
may be used with the ParentBasedSampler
to respect the sampled flag of an incoming trace.
const { NodeTracerProvider } = require("@opentelemetry/node");
const { TraceIdRatioBasedSampler } = require("@opentelemetry/core");
const tracerProvider = new NodeTracerProvider({
// See details of ParentBasedSampler below
sampler: new ParentBasedSampler({
// Trace ID Ratio Sampler accepts a positional argument
// which represents the percentage of traces which should
// be sampled.
root: new TraceIdRatioBasedSampler(0.5)
});
});
ParentBased
helps distinguished between the
following cases:
sampled
flag true
sampled
flag false
sampled
flag true
sampled
flag false
Required parameters:
root(Sampler)
- Sampler called for spans with no parent (root spans)Optional parameters:
remoteParentSampled(Sampler)
(default: AlwaysOn
)remoteParentNotSampled(Sampler)
(default: AlwaysOff
)localParentSampled(Sampler)
(default: AlwaysOn
)localParentNotSampled(Sampler)
(default: AlwaysOff
)Parent | parent.isRemote() | parent.isSampled() | Invoke sampler |
---|---|---|---|
absent | n/a | n/a | root() |
present | true | true | remoteParentSampled() |
present | true | false | remoteParentNotSampled() |
present | false | true | localParentSampled() |
present | false | false | localParentNotSampled() |
const { NodeTracerProvider } = require("@opentelemetry/node");
const { ParentBasedSampler, AlwaysOffSampler, TraceIdRatioBasedSampler } = require("@opentelemetry/core");
const tracerProvider = new NodeTracerProvider({
sampler: new ParentBasedSampler({
// By default, the ParentBasedSampler will respect the parent span's sampling
// decision. This is configurable by providing a different sampler to use
// based on the situation. See configuration details above.
//
// This will delegate the sampling decision of all root traces (no parent)
// to the TraceIdRatioBasedSampler.
// See details of TraceIdRatioBasedSampler above.
root: new TraceIdRatioBasedSampler(0.5)
})
});
Apache 2.0 - See LICENSE for more information.
FAQs
OpenTelemetry Core provides constants and utilities shared by all OpenTelemetry SDK packages.
We found that @opentelemetry/core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.