Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
@opentelemetry/instrumentation-cassandra-driver
Advanced tools
@opentelemetry/instrumentation-cassandra-driver
OpenTelemetry instrumentation for `cassandra-driver` database client library for Apache Cassandra
OpenTelemetry instrumentation for cassandra-driver
This module provides automatic instrumentation for the injection of trace context to cassandra-driver, which may be loaded using the @opentelemetry/sdk-trace-node package and is included in the @opentelemetry/auto-instrumentations-node bundle.
If total installation size is not constrained, it is recommended to use the @opentelemetry/auto-instrumentations-node bundle with @opentelemetry/sdk-node for the most seamless instrumentation experience.
Compatible with OpenTelemetry JS API and SDK 1.0+.
Installation
npm install --save @opentelemetry/instrumentation-cassandra-driver
Supported Versions
cassandra-driverversions>=4.4.0 <5
Usage
const { NodeTracerProvider } = require('@opentelemetry/sdk-trace-node');
const { CassandraDriverInstrumentation } = require('@opentelemetry/instrumentation-cassandra-driver');
const { registerInstrumentations } = require('@opentelemetry/instrumentation');
const provider = new NodeTracerProvider();
provider.register();
registerInstrumentations({
instrumentations: [
new CassandraDriverInstrumentation(),
// other instrumentations
],
});
const cassandra = require('cassandra-driver');
const client = new cassandra.Client({ ... });
await client.execute('select * from foo');
Instrumentation options
| Option | Type | Default | Description |
|---|---|---|---|
enhancedDatabaseReporting | boolean | false | Whether to include database queries with spans. These can contain sensitive information when using unescaped parameters - i.e. insert into persons (name) values ('Bob') instead of insert into persons (name) values (?). |
responseHook | CassandraDriverResponseCustomAttributeFunction | undefined | Hook for adding custom attributes before response is handled |
maxQueryLength | number | 65536 | If enhancedDatabaseReporting is enabled, limits the attached query strings to this length. |
Semantic Conventions
This package uses @opentelemetry/semantic-conventions version 1.22+, which implements Semantic Convention Version 1.7.0
Attributes collected:
| Attribute | Short Description |
|---|---|
db.name | This attribute is used to report the name of the database being accessed. |
db.statement | The database statement being executed. |
db.system | An identifier for the database management system (DBMS) product being used. |
db.user | Username for accessing the database. |
net.peer.name | Remote hostname or similar. |
net.peer.port | Remote port number. |
Useful links
- For more information on OpenTelemetry, visit: https://opentelemetry.io/
- For more about OpenTelemetry JavaScript: https://github.com/open-telemetry/opentelemetry-js
- For help or feedback on this project, join us in GitHub Discussions
License
Apache 2.0 - See LICENSE for more information.
FAQs
OpenTelemetry instrumentation for `cassandra-driver` database client library for Apache Cassandra
The npm package @opentelemetry/instrumentation-cassandra-driver receives a total of 1,163,873 weekly downloads. As such, @opentelemetry/instrumentation-cassandra-driver popularity was classified as popular.
We found that @opentelemetry/instrumentation-cassandra-driver demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 17 Dec 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025