aws-xray-sdk-koa2
Advanced tools
aws-xray-sdk-koa2 - npm Package Compare versions
Comparing version 0.0.1-security to 3.2.0
| { | ||
| "name": "aws-xray-sdk-koa2", | ||
| "version": "0.0.1-security", | ||
| "description": "publish", | ||
| "repository": "npm/security-holder" | ||
| "version": "3.2.0", | ||
| "description": "AWS X-Ray Middleware for koa (Javascript)", | ||
| "author": "Amazon Web Services", | ||
| "contributors": [ | ||
| "Sandra McMullen <mcmuls@amazon.com>", | ||
| "Eric Swann <eric.swann@q2ebanking.com>" | ||
| ], | ||
| "main": "lib/index.js", | ||
| "files": [ | ||
| "lib" | ||
| ], | ||
| "types": "lib/index.d.ts", | ||
| "scripts": { | ||
| "lint": "eslint .", | ||
| "lint:fix": "eslint --fix ./src", | ||
| "test": "mocha --recursive --exit ./test/ -R spec && tsd", | ||
| "test-d": "tsd" | ||
| }, | ||
| "engines": { | ||
| "node": ">= 10.x" | ||
| }, | ||
| "peerDependencies": { | ||
| "aws-xray-sdk-core": "^3.2.0", | ||
| "koa": "^2.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@types/chai": "^4.2.12", | ||
| "@types/koa": "^2.11.3", | ||
| "@types/mocha": "^8.0.0", | ||
| "@types/node": "^10.17.28", | ||
| "@types/sinon": "^9.0.4", | ||
| "@types/sinon-chai": "^3.2.4", | ||
| "aws-sdk": "^2.304.0", | ||
| "aws-xray-sdk-core": "3.2.0", | ||
| "chai": "^4.2.0", | ||
| "eslint": "^7.5.0", | ||
| "eslint-config-prettier": "^6.11.0", | ||
| "eslint-config-semistandard": "^15.0.1", | ||
| "eslint-config-standard": "^14.1.1", | ||
| "eslint-plugin-import": "^2.22.0", | ||
| "eslint-plugin-mocha": "^7.0.1", | ||
| "eslint-plugin-node": "^11.1.0", | ||
| "eslint-plugin-prettier": "^3.1.4", | ||
| "eslint-plugin-promise": "^4.2.1", | ||
| "eslint-plugin-standard": "^4.0.1", | ||
| "koa": "^2.13.0", | ||
| "mocha": "^8.0.1", | ||
| "prettier": "^2.0.5", | ||
| "sinon": "^9.0.2", | ||
| "sinon-chai": "^3.5.0", | ||
| "tsd": "^0.13.1" | ||
| }, | ||
| "keywords": [ | ||
| "amazon", | ||
| "api", | ||
| "aws", | ||
| "koa", | ||
| "xray", | ||
| "x-ray", | ||
| "x ray" | ||
| ], | ||
| "directories": { | ||
| "lib": "lib" | ||
| }, | ||
| "license": "Apache-2.0", | ||
| "repository": "https://github.com/aws/aws-xray-sdk-node/tree/sdk_contrib/koa", | ||
| "gitHead": "bd2a8f2554c3969a2b47afb59c1a7085b54f3cd8" | ||
| } |
@@ -1,9 +0,65 @@ | ||
| # Security holding package | ||
| This package name is not currently in use, but was formerly occupied | ||
| by another package. To avoid malicious use, npm is hanging on to the | ||
| package name, but loosely, and we'll probably give it to you if you | ||
| want it. | ||
| ## Requirements | ||
| You may adopt this package by contacting support@npmjs.com and | ||
| requesting the name. | ||
| AWS X-Ray SDK Core (aws-xray-sdk-core) | ||
| Koa 2.x or greater | ||
| ## AWS X-Ray and Koa | ||
| The AWS X-Ray Koa package automatically records information for incoming and outgoing | ||
| requests and responses, via the middleware functions in this package. To configure sampling, | ||
| dynamic naming, and more see the [set up section](https://github.com/aws/aws-xray-sdk-node/tree/master/packages/core#setup). | ||
| The AWS X-Ray SDK Core has two modes - `manual` and `automatic`. | ||
| Automatic mode uses the `cls-hooked` package and automatically | ||
| tracks the current segment and subsegment. This is the default mode. | ||
| Manual mode requires that you pass around the segment reference. | ||
| In automatic mode, you can get the current segment/subsegment at any time: | ||
| var segment = AWSXRay.getSegment(); | ||
| In manual mode, you can get the base segment off of the context object: | ||
| var segment = ctx.segment; | ||
| ## Middleware Usage | ||
| The Koa X-Ray SDK provides one middlewares: `xrayKoa.openSegment(<name>)`. | ||
| This middleware will wrap all of the defined routes that you'd like to trace. | ||
| In automatic mode, the `openSegment` middleware *must* be the last middleware added | ||
| before defining routes, otherwise issues with the `cls-hooked` | ||
| context may occur. | ||
| ## Automatic mode examples | ||
| ```js | ||
| var AWSXRay = require('aws-xray-sdk-core'); | ||
| var xrayKoa = require('aws-xray-sdk-koa2'); | ||
| var app = new Koa(); | ||
| //... | ||
| app.use(xrayKoa.openSegment('defaultName')); | ||
| router.get('/myRoute', (ctx) => { | ||
| const segment = AWSXRay.getSegment(); | ||
| //Do whatever | ||
| }); | ||
| ``` | ||
| ## Manual mode examples | ||
| ```js | ||
| var AWSXRay = require('aws-xray-sdk-core'); | ||
| var xrayKoa = require('aws-xray-sdk-koa2'); | ||
| var app = new Koa(); | ||
| //... | ||
| var AWSXRay = require('aws-xray-sdk'); | ||
| app.use(xrayKoa.openSegment('defaultName')); //Required at the start of your routes | ||
| router.get('/myRoute', (ctx) => { | ||
| const segment = ctx.segment; | ||
| //Do whatever | ||
| }); | ||
| ``` | ||
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
Unidentified License
License(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Known malware
Supply chain riskThis package is malware. We have asked the package registry to remove it.
Found 1 instance in 1 package
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
No License Found
License(Experimental) License information could not be found.
Found 1 instance in 1 package
No repository
Supply chain riskPackage does not have a linked source code repository. Without this field, a package will have no reference to the location of the source code use to generate the package.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3960.87%
18680
- Number of package files
- increased by300%
8
- Lines of code
- increased byInfinity%
101
- Number of low maintenance alerts
- decreased by-50%
1
- Number of low quality alerts
- decreased by-50%
1
- Number of lines in readme file
- increased by560%
66
- Number of critical supply chain risk alerts
- decreased by-100%
0
Worsened metrics
- Dependency count
- increased byInfinity%
2
- Dev dependency count
- increased byInfinity%
25
- License quality
- decreased by-20%
80