Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@opentelemetry/plugin-http
Advanced tools
OpenTelemetry HTTP Instrumentation for Node.js
This module provides automatic instrumentation for http.
For automatic instrumentation see the @opentelemetry/node package.
Installation
npm install --save @opentelemetry/plugin-http
Usage
OpenTelemetry HTTP Instrumentation allows the user to automatically collect trace data and export them to their backend of choice, to give observability to distributed systems.
To load a specific plugin (HTTP in this case), specify it in the Node Tracer's configuration.
const { NodeTracerProvider } = require('@opentelemetry/node');
const provider = new NodeTracerProvider({
plugins: {
http: {
enabled: true,
// You may use a package name or absolute path to the file.
path: '@opentelemetry/plugin-http',
// http plugin options
}
}
});
To load all of the supported plugins, use below approach. Each plugin is only loaded when the module that it patches is loaded; in other words, there is no computational overhead for listing plugins for unused modules.
const { NodeTracerProvider } = require('@opentelemetry/node');
const provider = new NodeTracerProvider();
See examples/http for a short example.
Http Plugin Options
Http plugin has few options available to choose from. You can set the following:
| Options | Type | Description |
|---|---|---|
applyCustomAttributesOnSpan | HttpCustomAttributeFunction | Function for adding custom attributes |
requestHook | HttpRequestCustomAttributeFunction | Function for adding custom attributes before request is handled |
responseHook | HttpResponseCustomAttributeFunction | Function for adding custom attributes before response is handled |
ignoreIncomingPaths | IgnoreMatcher[] | Http plugin will not trace all incoming requests that match paths |
ignoreOutgoingUrls | IgnoreMatcher[] | Http plugin will not trace all outgoing requests that match urls |
serverName | string | The primary server name of the matched virtual host. |
requireParentforOutgoingSpans | Boolean | Require that is a parent span to create new span for outgoing requests. |
requireParentforIncomingSpans | Boolean | Require that is a parent span to create new span for incoming requests. |
Useful links
- For more information on OpenTelemetry, visit: https://opentelemetry.io/
- For more about OpenTelemetry JavaScript: https://github.com/open-telemetry/opentelemetry-js
- For help or feedback on this project, join us in GitHub Discussions
License
Apache 2.0 - See LICENSE for more information.
0.18.2
:bug: (Bug Fix)
opentelemetry-api-metrics,opentelemetry-context-async-hooks,opentelemetry-context-zone-peer-dep,opentelemetry-core,opentelemetry-exporter-collector-grpc,opentelemetry-exporter-collector-proto,opentelemetry-exporter-collector,opentelemetry-exporter-jaeger,opentelemetry-exporter-prometheus,opentelemetry-exporter-zipkin,opentelemetry-grpc-utils,opentelemetry-instrumentation-fetch,opentelemetry-instrumentation-grpc,opentelemetry-instrumentation-http,opentelemetry-instrumentation-xml-http-request,opentelemetry-instrumentation,opentelemetry-metrics,opentelemetry-node,opentelemetry-plugin-grpc-js,opentelemetry-plugin-grpc,opentelemetry-plugin-http,opentelemetry-plugin-https,opentelemetry-propagator-b3,opentelemetry-propagator-jaeger,opentelemetry-resource-detector-aws,opentelemetry-resource-detector-gcp,opentelemetry-resources,opentelemetry-sdk-node,opentelemetry-shim-opentracing,opentelemetry-tracing,opentelemetry-web
Committers: 1
- Daniel Dyla (@dyladan)
FAQs
OpenTelemetry http automatic instrumentation package.
The npm package @opentelemetry/plugin-http receives a total of 5,319 weekly downloads. As such, @opentelemetry/plugin-http popularity was classified as popular.
We found that @opentelemetry/plugin-http demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 30 Mar 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025