Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
apollo-reporting-protobuf
Advanced tools
The apollo-reporting-protobuf package is designed for use with Apollo GraphQL services. It provides functionality for generating, serializing, and deserializing Protocol Buffers (protobuf) definitions related to Apollo's usage reporting. This is particularly useful for Apollo Server operators who want to send detailed performance metrics and usage information to Apollo Studio in a highly efficient and compact format.
Generating Trace Reports
This feature allows you to generate trace reports for individual operations. These traces can include detailed performance metrics, such as resolver execution times, which are useful for debugging and optimization.
const { Trace } = require('apollo-reporting-protobuf');
const trace = new Trace();
trace.startTime = Date.now();
// Populate trace with details of the operation
trace.endTime = Date.now();
Serializing Trace Reports
This feature enables the serialization of trace reports into a compact binary format using Protocol Buffers. This is useful for efficiently transmitting data to Apollo Studio or other analysis tools.
const { Trace } = require('apollo-reporting-protobuf');
const trace = new Trace();
// Assume trace is populated
const serializedTrace = Trace.encode(trace).finish();
Deserializing Trace Reports
This feature allows for the deserialization of previously serialized trace reports. This is useful for analyzing or processing trace data received in a compact binary format.
const { Trace } = require('apollo-reporting-protobuf');
const serializedTrace = /* binary data */;
const trace = Trace.decode(serializedTrace);
protobufjs is a more general-purpose package for working with Protocol Buffers in JavaScript. Unlike apollo-reporting-protobuf, which is tailored specifically for Apollo's usage reporting, protobufjs provides a broader set of tools for defining, serializing, and deserializing protobufs. It can be used for a wide range of applications beyond GraphQL reporting.
apollo-reporting-protobuf
Note: The Apollo usage reporting API is subject to change. We strongly encourage developers to contact Apollo support at
support@apollographql.com
to discuss their use case prior to building their own reporting agent using this module.
This module provides JavaScript/TypeScript
Protocol buffer definitions
for the Apollo usage reporting API. These definitions are generated for
consumption from the reports.proto
file which is defined internally within
Apollo.
Note: Due to a dependency on Unix tools (e.g.
bash
,grep
, etc.), the development of this module requires a Unix system. There is no reason why this can't be avoided, the time just hasn't been taken to make those changes. We'd happily accept a PR which makes the appropriate changes!
Currently, this package generates a majority of its code with
protobufjs
based on the
reports.proto
file. The output is generated with the prepare
npm script.
The root of the repository provides the devDependencies
necessary to build
these definitions (e.g. pbjs
, pbts
, protobuf
, etc.) and the prepare
npm script is invoked programmatically via the monorepo tooling (e.g. Lerna)
thanks to this module's postinstall
script. Therefore, when making
changes to this module, npx lerna run prepare
should be run from the root
of this monorepo in order to update the definitions in this module.
FAQs
Protobuf format for Apollo usage reporting
The npm package apollo-reporting-protobuf receives a total of 882,566 weekly downloads. As such, apollo-reporting-protobuf popularity was classified as popular.
We found that apollo-reporting-protobuf demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.