Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
@opentelemetry/semantic-conventions
Advanced tools
The @opentelemetry/semantic-conventions package provides standardized naming and semantic conventions for attributes in OpenTelemetry. These conventions help ensure that telemetry data is consistent, interpretable, and analyzable across different systems and services. The package includes constants for resource attributes, span attributes, and event names that are recommended by the OpenTelemetry specification.
Resource Attributes
Defines standard attributes to be used for service resources, allowing you to annotate your telemetry data with information about the service instance.
{"service.name": 'my-service', "service.version": '1.0.0', "service.instance.id": 'instance-123'}
Span Attributes
Provides a set of standard attributes for spans, which represent individual operations within a trace. These attributes can be used to add metadata about the operation, such as HTTP method, URL, and status code.
{"http.method": 'GET', "http.url": 'https://example.com', "http.status_code": 200}
Event Names
Includes standardized event names for logging exceptions, messages, and metrics within spans. This helps in categorizing and querying telemetry events.
"exception", "message", "metric"
Elastic APM Node.js Agent is a real user monitoring library that provides similar functionality to OpenTelemetry. It allows you to instrument your Node.js applications to track performance metrics and errors. While it also adheres to certain conventions, it is tailored to work with the Elastic Stack, and may not be as flexible as OpenTelemetry in terms of vendor neutrality.
Jaeger client libraries provide features for distributed tracing similar to OpenTelemetry. They offer their own set of conventions for tracing data. While Jaeger is compatible with OpenTelemetry through exporters, its native conventions are not the same as those defined by OpenTelemetry's semantic conventions.
Semantic Convention constants for use with the OpenTelemetry SDK/APIs. This document defines standard attributes for traces.
npm install --save @opentelemetry/semantic-conventions
import { GeneralAttribute } from '@opentelemetry/semantic-conventions';
const span = tracer.startSpan().startSpan(spanName, spanOptions)
.setAttributes({
[GeneralAttribute.NET_PEER_HOSTNAME]: 'localhost',
});
Apache 2.0 - See LICENSE for more information.
FAQs
OpenTelemetry semantic conventions
The npm package @opentelemetry/semantic-conventions receives a total of 8,990,449 weekly downloads. As such, @opentelemetry/semantic-conventions popularity was classified as popular.
We found that @opentelemetry/semantic-conventions demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.