@sentry/hub
The @sentry/hub package is part of the Sentry SDK for JavaScript. It is responsible for managing scopes, breadcrumbs, and client instances. It allows for the isolation of data through the use of multiple hubs and scopes, which is useful in complex applications where different parts of the application might need to report different pieces of context or breadcrumbs.
Managing Scopes
This feature allows you to manage scopes, which are used to hold contextual data such as tags, extra information, and breadcrumbs. You can push and pop scopes to control the context data that is sent with events.
const { Hub } = require('@sentry/hub');
const hub = new Hub();
// pushScope() clones the current scope, pushes the clone and returns it
const scope = hub.pushScope();
scope.setExtra('user_id', '12345');
// Perform operations within this scope
hub.popScope(); // Revert to the previous scope
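The push/pop behaviour described above, as an added example that is not part of the original page or of the Sentry SDK: a simplified, self-contained model of a scope stack (`MiniHub` and `MiniScope` are hypothetical names) showing that per-request context such as `user_id` stays out of later events, including when the handler throws.

```javascript
// Simplified model of a hub's scope stack (constructed for illustration;
// MiniScope/MiniHub are hypothetical names, not @sentry/hub classes).
class MiniScope {
  constructor(extra = {}, breadcrumbs = []) {
    this.extra = { ...extra };
    this.breadcrumbs = [...breadcrumbs];
  }
  setExtra(key, value) { this.extra[key] = value; return this; }
  addBreadcrumb(crumb) { this.breadcrumbs.push({ ...crumb }); return this; }
  clone() { return new MiniScope(this.extra, this.breadcrumbs); }
}

class MiniHub {
  constructor() { this.stack = [new MiniScope()]; this.sent = []; }
  getScope() { return this.stack[this.stack.length - 1]; }
  // Push a copy of the current scope so later changes stay local to it.
  pushScope() { const s = this.getScope().clone(); this.stack.push(s); return s; }
  // Never pop the root scope.
  popScope() { return this.stack.length > 1 ? (this.stack.pop(), true) : false; }
  // Run callback in a temporary scope; finally guarantees the pop even on throw.
  withScope(callback) {
    const scope = this.pushScope();
    try { return callback(scope); } finally { this.popScope(); }
  }
  // An "event" snapshots whatever context the current scope holds.
  captureMessage(message) {
    const { extra, breadcrumbs } = this.getScope();
    const event = { message, extra: { ...extra }, breadcrumbs: [...breadcrumbs] };
    this.sent.push(event);
    return event;
  }
}

function handleRequests() {
  const hub = new MiniHub();
  hub.getScope().setExtra('service', 'checkout'); // shared, non-sensitive context
  const first = hub.withScope((scope) => {
    scope.setExtra('user_id', '12345'); // constructed sample value
    scope.addBreadcrumb({ category: 'user-interaction', message: 'User clicked a button' });
    return hub.captureMessage('payment failed');
  });
  try {
    hub.withScope((scope) => { scope.setExtra('user_id', '67890'); throw new Error('boom'); });
  } catch (_) { /* the temporary scope was still popped */ }
  const later = hub.captureMessage('background job failed');
  return { first, later, depth: hub.stack.length };
}
```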
Managing Breadcrumbs
Breadcrumbs are a way to record events that happened prior to an issue. This feature allows you to add breadcrumbs to the current scope, which can then be sent along with error reports to help diagnose issues.
const { Hub } = require('@sentry/hub');
const hub = new Hub();
hub.addBreadcrumb({
  message: 'User clicked a button',
  category: 'user-interaction',
  level: 'info'
});
// This breadcrumb will be attached to the next captured event
Isolating Clients
This feature allows you to create isolated instances of Sentry clients. Each client can have its own configuration and integrations, and you can use multiple clients within the same application for different purposes.
const { Hub } = require('@sentry/hub');
const Sentry = require('@sentry/node');
const client = new Sentry.NodeClient({
  dsn: 'your dsn',
  // Integrations is exported by @sentry/node, not @sentry/hub
  integrations: [new Sentry.Integrations.Http({ tracing: true })]
});
const hub = new Hub(client);
// You can now use this hub to capture events and manage scopes with the associated client
Winston is a multi-transport async logging library for Node.js. While it is not a direct alternative to @sentry/hub, it provides similar functionality in terms of logging and managing contextual information. Unlike @sentry/hub, winston focuses on general-purpose logging and does not specialize in error tracking and reporting.
Bunyan is a simple and fast JSON logging library for Node.js services. Like winston, it is more focused on logging rather than error tracking. It does not have the concept of scopes and hubs but provides a way to log structured data and create child loggers with bound contextual information.
Pino is a very low overhead Node.js logger. It provides similar logging capabilities to winston and bunyan but emphasizes performance. Pino does not have the advanced error tracking and context management features of @sentry/hub but is a good choice for applications where performance is critical.
This package provides the Hub and Scope for all JavaScript related SDKs.
FAQs
Sentry hub which handles global state management.
The npm package @sentry/hub receives a total of 1,336,884 weekly downloads. As such, @sentry/hub popularity was classified as popular.
We found that @sentry/hub demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.