Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
auto-trace
Advanced tools
A library that fixes all your stack trace problems.
This library helps transform garbage errors into beautiful objects filled with insight and understanding. This is especially useful for apps that use an error reporting service such as bug-snag or sentry.
Error:[object Object]
)Resource File
return $http
.get()
.then()
.catch(catchAsyncStacktrace(extraContext))
Observable
return observable
.then()
.catch(catchAsyncStacktrace(extraContext))
There are two parts to the error life cycle
new Error()
throw err
These events do not always occur at the same time. $http is an example of this. Since $http makes an async request, an error stacktrace will contain the call stack of the invoker as the request comes in (this is the syncStacktrace). Often the more useful stacktrace is the call stack as the request went out Controller->Service->Resource
(this is the asyncStacktrace).
catchError
is a wrapper around asyncStacktrace
which returns a method that will handle error processing and throwing. Pass this as your onError arg in RxJS subscriptions or as a callback in catch.
RxJS Subscription example:
myObs.subscribe(onComplete, catchError())
If a callback is provided then that will be called and the error will have to be thrown manually:
myObs.subscribe(onComplete, catchError((error, throwError) => {
error.showToast = false
throwError(error)
}))
The asynchronous stacktrace is often the most useful, in the case of http requests, this is the stacktrace as the request is going out.
Returns a function that will wrap the caught response in an error object that contains the asynchronous stacktrace. Will append extraContext
and call callback with wrapped error. This should be called as a function so that return value function will be passed into the catch statement.
callback
(optional) function that will be called with the wrapped errorextraContext
(optional) String or Object that will be stringified and appended to the error messagereturn $http
.get()
.then()
.catch(asyncStacktrace(callback, {state: 'extra info'}))
Returns a function that will wrap caught response in an error object that contains the asynchronous stacktrace. Will append extraContext
and throw the wrapped error. This should be called as a function so that return value function will be passed into the catch statement (see example).
extraContext
(optional) String or Object that will be stringified and appended to the error messageThis function uses setTimeout(() => {throw err})
to throw the error.
The error will be caught be window.onerror and can be logged by reporting services like sentry and bugsnag, but will not disrupt normal code execution (and cannot be caught elsewhere within the app).
This is especially helpful when working in angular land - as throwing an error within a promise catch handler will cause a rootScope:digest
Error.
return $http
.get()
.then()
.catch(catchAsyncStacktrace({state: 'extra info'}))
In the case of http requests, the synchronous stacktrace is the stacktrace as the request is response comes in. This is the normal, but less useful, stack-trace included by response errors. Often this trace follows the application function that serviced the request.
First order function, will wrap caught response in an error object that contains the asynchronous stacktrace and return the wrapped error. This should be passed (not called) as a function into the catch statement.
return $http
.get()
.then()
.catch(syncStacktrace)
First order function, will wrap caught response in an error object that contains the asynchronous stacktrace and throw the wrapped error. This should be passed (not called) as a function into the catch statement (see example).
This function uses setTimeout(() => {throw err})
to throw the error.
The error will be caught be window.onerror and can be logged by reporting services like sentry and bugsnag, but will not disrupt normal code execution (and cannot be caught elsewhere within the app).
This is especially helpful when working in angular land - as throwing an error within a promise catch handler will cause a rootScope:digest
Error.
return $http
.get()
.then()
.catch(catchSyncStacktrace)
Looking for more useful information about your errors? Wish you had the data from both parts of the error life cycle. Look no further! Middlewares allow you to create higher order functions that will execute in both life cycle contexts.
Adds global middleware function that will be called on all autoTrace errors.
Middlewares must be of the form asyncErr => syncRawErr => errToReturn
asyncErr
is an Error object with the Async stacktracesyncRawErr
is the rawError passed to the handler, this could be any type of object (make sure to perform a type check).errToReturn
will passed as the syncRawErr to the next middleware, and finally wrapped in an error object (if needed) and thrown (or passed into a callback).Deletes all global middleware functions.
Let's say you want to record how long it takes for a request to fail. This requires context surrounding when the error was created and when the error was thrown.
const middleware = asyncErr => {
const startTime = new Date()
return syncErr => {
const errorTime = new Date() - startTime;
if(typeof syncErr === Error)
syncErr.message += ' -TimeToFail: ' + errorTime
else
syncErr = new Error(JSON.stringify(syncErr) + ' -TimeToFail: ' + errorTime)
return syncErr
}
}
addGlobalMiddleware(middleware);
Resource File
const extraContext = '-More info'
return $http
.get()
.then()
.catch(throwAsyncStacktrace(extraContext))
This will create Error: {message: 'original error message -TimeToFail: 10s -More info', trace: ...}
npm install auto-trace
FAQs
A library that fixes all your stack trace problems.
The npm package auto-trace receives a total of 31 weekly downloads. As such, auto-trace popularity was classified as not popular.
We found that auto-trace demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 13 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.