@pager/metrics-client
Advanced tools
Comparing version 4.0.0 to 4.1.0
@@ -19,3 +19,8 @@ 'use strict'; | ||
path: Joi.array().items(Joi.string()).single() | ||
}).unknown() | ||
}).unknown(), | ||
health: Joi.object({ | ||
path: Joi.array().items(Joi.string()).single(), | ||
auth: Joi.any(), | ||
response: Joi.object().unknown() | ||
}) | ||
}, | ||
@@ -27,2 +32,9 @@ defaults: { | ||
path: '/metrics' | ||
}, | ||
health: { | ||
path: ['/health', '/healthcheck'], | ||
response: { | ||
ver: process.env.npm_package_version, | ||
sha: process.env.VCS_REF | ||
} | ||
} | ||
@@ -72,3 +84,3 @@ }, | ||
server.events.on('request', (request) => { | ||
server.ext('onRequest', (request, h) => { | ||
@@ -78,2 +90,4 @@ request.plugins.metrics = { | ||
}; | ||
return h.continue; | ||
}); | ||
@@ -131,2 +145,24 @@ | ||
for (const path of settings.health.path) { | ||
server.route({ | ||
method: 'GET', path, options: { | ||
auth: !!settings.health.auth, | ||
handler: (request, h) => h.response(settings.health.response), | ||
response: { | ||
schema: Joi.object({ | ||
ver: Joi.string().regex(/[0-9]+(\.[0-9]+)*/).default('0.0.0'), | ||
sha: Joi.string().alphanum().length(7).default('plzSet1') | ||
}), | ||
modify: true, | ||
options: { | ||
allowUnknown: true, | ||
stripUnknown: false, | ||
convert: true | ||
} | ||
}, | ||
tags: ['health'] | ||
} | ||
}); | ||
} | ||
} | ||
@@ -133,0 +169,0 @@ }; |
{ | ||
"name": "@pager/metrics-client", | ||
"version": "4.0.0", | ||
"version": "4.1.0", | ||
"description": "Hapi-centric Prometheus Plugin and optional endpoint", | ||
@@ -13,2 +13,5 @@ "main": "lib/index.js", | ||
}, | ||
"engines": { | ||
"node": ">=10" | ||
}, | ||
"author": "", | ||
@@ -24,3 +27,3 @@ "license": "ISC", | ||
"joi": "14.x.x", | ||
"prom-client": "11.2.x" | ||
"prom-client": "11.3.x" | ||
}, | ||
@@ -27,0 +30,0 @@ "devDependencies": { |
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
19481
472
0
2
+ Addedprom-client@11.3.0(transitive)
- Removedprom-client@11.2.1(transitive)
Updatedprom-client@11.3.x