Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@sentry/browser
Advanced tools
The @sentry/browser package is a JavaScript SDK for Sentry, which is an error tracking service that helps developers monitor and fix crashes in real time. The SDK hooks into the global error handling mechanisms of the browser and captures unhandled exceptions and other errors, providing rich context and insights into the underlying issues.
Error Tracking
This feature automatically captures JavaScript exceptions and sends them to Sentry for analysis and tracking. The code initializes Sentry with a DSN (Data Source Name) and sets up a global error handler to capture exceptions.
Sentry.init({ dsn: 'YOUR_DSN' });
window.onerror = function (errorMsg, url, lineNumber, column, errorObj) {
Sentry.captureException(errorObj);
return false;
}
Manual Error Reporting
This allows developers to manually report exceptions or errors to Sentry. The code block demonstrates how to catch an error in a try-catch block and manually send it to Sentry using the captureException method.
Sentry.init({ dsn: 'YOUR_DSN' });
try {
// Code that might fail
} catch (error) {
Sentry.captureException(error);
}
Performance Monitoring
This feature enables performance monitoring by capturing transactions and spans. The code initializes Sentry with a sample rate for transactions and demonstrates how to start and finish a transaction, which can be used to measure the performance of operations.
Sentry.init({ dsn: 'YOUR_DSN', tracesSampleRate: 1.0 });
const transaction = Sentry.startTransaction({ name: 'test transaction' });
// ... some code ...
transaction.finish();
Breadcrumbs
Breadcrumbs are a trail of events that happened prior to an issue. This feature allows you to record breadcrumbs manually. The code shows how to add a breadcrumb for an authentication event.
Sentry.init({ dsn: 'YOUR_DSN' });
Sentry.addBreadcrumb({
category: 'auth',
message: 'User authenticated',
level: Sentry.Severity.Info
});
User Feedback
This feature allows you to collect user feedback when an error occurs. The code initializes Sentry and then shows a dialog to the user to collect feedback for a specific event.
Sentry.init({ dsn: 'YOUR_DSN' });
Sentry.showReportDialog({ eventId: 'event_id' });
Bugsnag provides similar error tracking and monitoring capabilities as Sentry. It offers real-time error reporting and can be used to monitor application stability. Bugsnag also provides features for error diagnostics and supports multiple platforms.
Raygun is another error monitoring service that offers crash reporting with detailed diagnostics. It supports real-time error tracking and performance monitoring, and it can be used to identify and diagnose software errors and performance issues.
Rollbar offers real-time error tracking and is similar to Sentry in its capabilities. It includes features like telemetry, person tracking, and version tracking. Rollbar provides a comprehensive dashboard for monitoring and analyzing errors.
To use this SDK, call Sentry.init(options)
as early as possible after loading the page. This will initialize the SDK
and hook into the environment. Note that you can turn off almost all side effects using the respective options.
import * as Sentry from '@sentry/browser';
Sentry.init({
dsn: '__DSN__',
// ...
});
To set context information or send manual events, use the exported functions of @sentry/browser
. Note that these
functions will not perform any action before you have called Sentry.init()
:
import * as Sentry from '@sentry/browser';
// Set user information, as well as tags and further extras
Sentry.configureScope(scope => {
scope.setExtra('battery', 0.7);
scope.setTag('user_mode', 'admin');
scope.setUser({ id: '4711' });
// scope.clear();
});
// Add a breadcrumb for future events
Sentry.addBreadcrumb({
message: 'My Breadcrumb',
// ...
});
// Capture exceptions, messages or manual events
Sentry.captureMessage('Hello, world!');
Sentry.captureException(new Error('Good bye'));
Sentry.captureEvent({
message: 'Manual',
stacktrace: [
// ...
],
});
FAQs
Official Sentry SDK for browsers
The npm package @sentry/browser receives a total of 3,877,478 weekly downloads. As such, @sentry/browser popularity was classified as popular.
We found that @sentry/browser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.