Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@tinkoff/browser-timings
Advanced tools
Lib for measure client browsers performance. Automatically collects performance data on page load.
Install npm package
npm i --save @tinkoff/browser-timings
import { browserTimings } from '@tinkoff/browser-timings';
window.addEventListener('load', () => {
setTimeout(() => {
// setTimeout is necessary in order to get metrics about loadEventEnd
const perfData = browserTimings();
}, 0);
});
After executing perfData
will contain client performance metrics which may be send to any external system for further analysis.
Call of the library should be executed only after page load in order to get actual data. Otherwise, it may return empty object without data.
export interface Timings {
/* Connection timing from client to server */
connection: number;
/* How much time backend was preparing response */
backend: number;
/* Page download to client */
pageDownload: number;
/* Timing of first paint for a page */
'first-paint': number;
/* Timing when DOM becomes interactive */
domInteractive: number;
/* DOM building is complete */
domComplete: number;
/* Page and every resource were loaded */
pageLoadTime: number;
/* Common information about resources and its loading time grouped by type */
download: {
html: TimingResource;
js: TimingResource;
css: TimingResource;
img: TimingResource;
font: TimingResource;
other: TimingResource;
};
}
interface TimingResource {
/* Timing of resource loading */
duration: number;
/* Byte-size measure of data used by resource */
encodedDecodeSize: number;
/* Byte-size measure of data transferred by network. Calculating difference between encodedDecodeSize - transferSize may reveal how much data where stored in browser cache */
transferSize: number;
}
FAQs
Lightweighted browser timings metrics exporter
We found that @tinkoff/browser-timings demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.