Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding - Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
@opentelemetry/plugin-https
Advanced tools
OpenTelemetry HTTPS Instrumentation for Node.js
This module provides automatic instrumentation for https.
For automatic instrumentation see the @opentelemetry/node package.
Installation
npm install --save @opentelemetry/plugin-https
Usage
OpenTelemetry HTTPS Instrumentation allows the user to automatically collect trace data and export them to their backend of choice, to give observability to distributed systems.
To load a specific plugin (HTTPS in this case), specify it in the Node Tracer's configuration.
const { NodeTracerProvider } = require('@opentelemetry/node');
const provider = new NodeTracerProvider({
plugins: {
https: {
enabled: true,
// You may use a package name or absolute path to the file.
path: '@opentelemetry/plugin-https',
// https plugin options
}
}
});
To load all of the supported plugins, use below approach. Each plugin is only loaded when the module that it patches is loaded; in other words, there is no computational overhead for listing plugins for unused modules.
const { NodeTracerProvider } = require('@opentelemetry/node');
const provider = new NodeTracerProvider();
See examples/https for a short example.
Https Plugin Options
Https plugin has few options available to choose from. You can set the following:
| Options | Type | Description |
|---|---|---|
applyCustomAttributesOnSpan | HttpCustomAttributeFunction | Function for adding custom attributes |
ignoreIncomingPaths | IgnoreMatcher[] | Http plugin will not trace all incoming requests that match paths |
ignoreOutgoingUrls | IgnoreMatcher[] | Http plugin will not trace all outgoing requests that match urls |
Useful links
- For more information on OpenTelemetry, visit: https://opentelemetry.io/
- For more about OpenTelemetry JavaScript: https://github.com/open-telemetry/opentelemetry-js
- For help or feedback on this project, join us in GitHub Discussions
License
Apache 2.0 - See LICENSE for more information.
FAQs
OpenTelemetry https automatic instrumentation package.
The npm package @opentelemetry/plugin-https receives a total of 4,042 weekly downloads. As such, @opentelemetry/plugin-https popularity was classified as popular.
We found that @opentelemetry/plugin-https demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 30 Mar 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding - Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding - Dec 11, 2025