Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
aws-xray-sdk
Advanced tools
The aws-xray-sdk is an npm package that provides tools for integrating AWS X-Ray tracing into your Node.js applications. AWS X-Ray helps developers analyze and debug distributed applications, such as those built using a microservices architecture. The SDK allows you to trace requests as they travel through your application, providing insights into performance bottlenecks and errors.
Automatic Instrumentation
This feature allows you to automatically capture HTTP and HTTPS requests made by your application. The SDK wraps the native HTTP and HTTPS modules to capture and record data about outgoing requests.
const AWSXRay = require('aws-xray-sdk');
const http = AWSXRay.captureHTTPs(require('http'));
const https = AWSXRay.captureHTTPs(require('https'));
http.get('http://www.example.com', (res) => {
res.on('data', (chunk) => {
console.log(`BODY: ${chunk}`);
});
res.on('end', () => {
console.log('No more data in response.');
});
});
Manual Instrumentation
This feature allows you to manually create and manage subsegments within your code. You can add annotations and metadata to these subsegments to provide additional context for your traces.
const AWSXRay = require('aws-xray-sdk');
AWSXRay.captureFunc('annotations', function(subsegment) {
subsegment.addAnnotation('userId', '12345');
subsegment.addMetadata('key', 'value');
});
Middleware Integration
This feature allows you to integrate AWS X-Ray with popular web frameworks like Express. The SDK provides middleware that automatically creates and closes segments for incoming HTTP requests.
const AWSXRay = require('aws-xray-sdk');
const express = require('express');
const app = express();
app.use(AWSXRay.express.openSegment('MyApp'));
app.get('/', function (req, res) {
res.send('Hello World!');
});
app.use(AWSXRay.express.closeSegment());
app.listen(3000);
Jaeger is an open-source end-to-end distributed tracing tool originally developed by Uber Technologies. The jaeger-client npm package allows you to instrument your Node.js applications to send trace data to a Jaeger backend. Unlike aws-xray-sdk, Jaeger is designed to work with the Jaeger tracing system and provides more flexibility in terms of deployment and configuration.
captureAWS
or captureAWSClient
)captureMySQL
)capturePostgres
)The AWS X-Ray SDK automatically records information for incoming and outgoing requests and responses (via middleware), as well as local data such as function calls, time, variables (via metadata and annotations), even EC2 instance data (via plugins).
Although the AWS X-Ray SDK was originally intended to capture request/response data on a web app, the SDK provides functionality for use cases outside this as well. The SDK exposes the 'Segment' and 'Subsegment' objects to create your own capturing mechanisms, middleware, etc.
This package includes the following AWS X-Ray packages.
aws-xray-sdk-core
aws-xray-sdk-express
aws-xray-sdk-postgres
aws-xray-sdk-mysql
The core package contains the base SDK functionality. Please see the aws-xray-sdk-core README.md for more details.
FAQs
AWS X-Ray SDK for Javascript
The npm package aws-xray-sdk receives a total of 222,841 weekly downloads. As such, aws-xray-sdk popularity was classified as popular.
We found that aws-xray-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 24 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.