
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
@opentelemetry/plugin-express
Advanced tools
OpenTelemetry express automatic instrumentation package.
This module provides automatic instrumentation for express
.
For automatic instrumentation see the @opentelemetry/node package.
npm install --save @opentelemetry/plugin-express
^4.0.0
OpenTelemetry Express Instrumentation allows the user to automatically collect trace data and export them to their backend of choice, to give observability to distributed systems.
To load a specific plugin (express in this case), specify it in the registerInstrumentations's configuration.
const { NodeTracerProvider } = require('@opentelemetry/node');
const { registerInstrumentations } = require('@opentelemetry/instrumentation');
const provider = new NodeTracerProvider();
provider.register();
registerInstrumentations({
instrumentations: [
{
plugins: {
express: {
enabled: true,
// You may use a package name or absolute path to the file.
path: '@opentelemetry/plugin-express',
}
}
},
],
tracerProvider: provider,
});
To load all the supported plugins, use below approach. Each plugin is only loaded when the module that it patches is loaded; in other words, there is no computational overhead for listing plugins for unused modules.
const { NodeTracerProvider } = require('@opentelemetry/node');
const { registerInstrumentations } = require('@opentelemetry/instrumentation');
const provider = new NodeTracerProvider();
provider.register();
registerInstrumentations({
tracerProvider: provider,
});
See examples/express for a short example.
Because of the way express works, it's hard to correctly compute the time taken by asynchronous middlewares and request handlers. For this reason, the time you'll see reported for asynchronous middlewares and request handlers will only represent the synchronous execution time, and not any asynchronous work.
Express plugin has few options available to choose from. You can set the following:
Options | Type | Description |
---|---|---|
ignoreLayers | IgnoreMatcher[] | Express plugin will not trace all layers that match. |
ignoreLayersType | ExpressLayerType[] | Express plugin will ignore the layers that match based on their type. |
For reference, here are the three different layer type:
router
is the name of express.Router()
middleware
request_handler
is the name for anything thats not a router or a middleware.Apache 2.0 - See LICENSE for more information.
0.15.0
auto-instrumentation-web
auto-instrumentation-node
opentelemetry-instrumentation-hapi
opentelemetry-instrumentation-koa
opentelemetry-instrumentation-mysql
opentelemetry-instrumentation-net
opentelemetry-host-metrics
opentelemetry-host-metrics
, opentelemetry-test-utils
FAQs
OpenTelemetry express automatic instrumentation package.
The npm package @opentelemetry/plugin-express receives a total of 2,324 weekly downloads. As such, @opentelemetry/plugin-express popularity was classified as popular.
We found that @opentelemetry/plugin-express demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.