Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
d3-flame-graph
Advanced tools
A D3.js plugin that produces flame graphs from hierarchical data.
If you don't know what flame graphs are, check Brendan Gregg's post.
Flame graphs are a visualization of profiled software, allowing the most frequent code-paths to be identified quickly and accurately. They can be generated using my open source programs on github.com/brendangregg/FlameGraph, which create interactive SVGs.
Brendan Gregg
Click here to check the demo, and source.
Click here to check the differential flame graph demo, and source
Click here to check the animated assembly demo, and source
Click here to check the simplified demo on bl.ocks.org.
Just reference the CDN hosted CSS and JS files!
<head>
<link rel="stylesheet" type="text/css" href="https://cdn.jsdelivr.net/gh/spiermar/d3-flame-graph@2.0.3/dist/d3-flamegraph.css">
</head>
<body>
<div id="chart"></div>
<script type="text/javascript" src="https://d3js.org/d3.v4.min.js"></script>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/d3-tip/0.9.1/d3-tip.min.js"></script>
<script type="text/javascript" src="https://cdn.jsdelivr.net/gh/spiermar/d3-flame-graph@2.0.3/dist/d3-flamegraph.min.js"></script>
<script type="text/javascript">
var chart = flamegraph()
.width(960);
d3.json("data.json", function(error, data) {
if (error) return console.warn(error);
d3.select("#chart")
.datum(data)
.call(chart);
});
</script>
</body>
Make sure Node and npm installed on your system.
Install the d3-flame-graph plugin.
$ npm install d3-flame-graph --save
And use it!
<head>
<link rel="stylesheet" type="text/css" href="node_modules/d3-flame-graph/dist/d3-flamegraph.css">
</head>
<body>
<div id="chart"></div>
<script type="text/javascript" src="node_modules/d3/d3.js"></script>
<script type="text/javascript" src="node_modules/d3-tip/index.js"></script>
<script type="text/javascript" src="node_modules/d3-flame-graph/dist/d3-flamegraph.js"></script>
<script type="text/javascript">
var chart = flamegraph()
.width(960);
d3.json("data.json", function(error, data) {
if (error) return console.warn(error);
d3.select("#chart")
.datum(data)
.call(chart);
});
</script>
</body>
More detailed examples in the /examples directory.
Input stack is a simple hierarchical data structure in JSON format.
{
"name": "<name>",
"value": <value>,
"children": [
<Object>
]
}
The burn CLI tool can convert multiple file formats to this hierarchical data structure.
Internally, the data is transformed into a d3 hierarchy.
Functions like onClick
, label
and zoom
expose individual entries as hierarchy Nodes, which wrap the provided data and add more properties:
{
"data": <original user-provided object>,
"parent": <another hierarchy node>,
"children": [
<hierarchy node>
],
"x1": <double>, // x2 - x1 is the size of this node, as a fraction of the root.
"x2": <double>
}
This is a breaking change from previous versions of d3-flame-graph, which were based on version 3 of the d3 library. See d3-hierarchy.
# flamegraph()
Create a new Flame Graph.
# flamegraph.selfValue([enabled])
Defines if the plugin should use the self value logic to calculate the node value for the Flame Graph frame size. If set to true
, it will assume the node value from the input callgraph represents only the internal node value, or self value, not the sum of all children. If set to false
it will assume the value includes the chidren values too. Defaults to false
if not explicitely set, which if the same behavior 1.x had.
# flamegraph.width([size])
Graph width in px. Defaults to 960px if not set. If size is specified, it will set the graph width, otherwise it will return the current graph width.
# flamegraph.height([size])
Graph height in px. Defaults to the number of cell rows times cellHeight if not set. If size is specified, it will set the cell height, otherwise it will return the current graph height. If minHeight is specified, and higher than the provided or calculated values, it will override height.
# flamegraph.minHeight([size])
Minumum graph height in px. If size is specified, and higher than the provided or calculated height, it will override it.
# flamegraph.cellHeight([size])
Cell height in px. Defaults to 18px if not set. If size is specified, it will set the cell height, otherwise it will return the current cell height.
# flamegraph.minFrameSize([size])
Minimum size of a frame, in px, to be displayed in the flame graph. Defaults to 0px if not set. If size is specified, it will set the minimum frame size, otherwise it will return the current minimum frame size.
# flamegraph.title([title])
Title displayed on top of graph. Defaults to empty if not set. If title is specified, it will set the title displayed on the graph, otherwise it will return the current title.
# flamegraph.tooltip([enabled])
Enables/disables display of tooltips on frames. Defaults to true if not set. It can be set to a d3-tip configurable function, which will replace the default function and display a fully customized tooltip. Else, if a truthy value, uses a default label function. If a value is specified, it will enable/disable tooltips, otherwise it will return the current tooltip configuration.
Class should be specified in order to correctly render the tooltip. The default "d3-flame-graph-tip" is available for use too.
.attr('class', 'd3-flame-graph-tip')
See d3-tip for more details.
# flamegraph.transitionDuration([duration])
Specifies transition duration in milliseconds. The default duration is 750ms. If duration is not specified, returns the current transition duration.
See d3.duration.
# flamegraph.transitionEase([ease])
Specifies the transition easing function. The default easing function is d3.easeCubic
.
See d3-ease.
# flamegraph.label([function])
Adds a function that returns a formatted label. Example:
flamegraph.label(function(d) {
return "name: " + d.name + ", value: " + d.value;
});
# flamegraph.sort([enabled])
Enables/disables sorting of children frames. Defaults to true if not set to sort in ascending order by frame's name. If set to a function, the function takes two frames (a,b) and returns -1 if frame a is less than b, 1 if greater, or 0 if equal. If a value is specified, it will enable/disable sorting, otherwise it will return the current sort configuration.
# flamegraph.inverted([inverted])
Invert the flame graph direction. A top-down visualization of the flame graph, also known as icicle plot. Defaults to false if not set. If a value is specified, it will enable/disable the inverted flame graphs direction, otherwise it will return the current inverted configuration.
# flamegraph.differential([differential])
Use the differential color hash. Frames are sized according to their value
but colored based on the delta
property. Blue for negative numbers, red for positive numbers.
# flamegraph.elided([elided])
Use the elided color hash to show elided frames in a differential heat map. The elided color hash is cold / blue to differentiate from the regular warm palette.
# flamegraph.resetZoom()
Resets the zoom so that everything is visible.
# flamegraph.onClick([function])
Adds a function that will be called when the user clicks on a frame. Example:
flamegraph.onClick(function (d) {
console.info("You clicked on frame "+ d.data.name);
});
If called with no arguments, onClick
will return the click handler.
# flamegraph.setDetailsElement([element])
Sets the element that should be updated with the focused sample details text. Example:
<div id="details">
</div>
flamegraph.setDetailsElement(document.getElementById("details"));
If called with no arguments, setDetailsElement
will return the current details element.
# flamegraph.setDetailsHandler([function])
Sets the handler function that is called when the details
element needs to be updated. The function receives a single paramenter, the details text to be set. Example:
flamegraph.setDetailsHandler(
function (d) {
if (detailsElement) {
if (d) {
detailsElement.innerHTML = d
} else {
if (searchSum) {
setSearchDetails()
} else {
detailsElement.innerHTML = ''
}
}
}
}
);
If not set, setDetailsHandler
will default to the above function.
If called with no arguments, setDetailsHandler
will reset the details handler function.
# flamegraph.setSearchHandler([function])
Sets the handler function that is called when search results are returned. The function receives a three paramenters, the search results array, the search sample sum, and root value, Example:
flamegraph.setSearchHandler(
function (searchResults, searchSum, totalValue) {
if (detailsElement) { detailsElement.innerHTML = `${searchSum} of ${totalValue} samples (${format('.3f')(100 * (searchSum / totalValue), 3)}%)`}
}
);
If not set, setSearchHandler
will default to the above function.
If called with no arguments, setSearchHandler
will reset the search handler function.
# flamegraph.setColorMapper([function])
Replaces the built-in node color hash function. Function takes two arguments, the node data structure and the original color string for that node. It must return a color string. Example:
// Purple if highlighted, otherwise the original color
flamegraph.setColorMapper(function(d, originalColor) {
return d.highlight ? "#E600E6" : originalColor;
});
If called with no arguments, setColorMapper
will reset the color hash function.
# flamegraph.setSearchMatch([function])
Replaces the built-in node search match function. Function takes two arguments, the node data structure and the search term. It must return a boolean. Example:
flamegraph.setSearchMatch(function(d, term) {
// Non-regex implementation of the search function
return d.data.name.indexOf(term) != 0;
})
If called with no arguments, setSearchMatch
will return reset the search
match function.
# flamegraph.merge(samples)
Merges the current nodes with the given nodes.
# flamegraph.update(samples)
Updates (replaces) the current set of nodes with the given nodes.
# flamegraph.destroy()
Removes the flamegraph.
All API functions will return the flame graph object if no other behavior is specified in the function details.
For bugs, questions and discussions please use the GitHub Issues.
We love contributions! But in order to avoid total chaos, we have a few guidelines.
If you found a bug, have questions or feature requests, don't hesitate to open an issue.
If you're working on an issue, please comment on it so we can assign you to it.
If you have code to submit, follow the general pull request format. Fork the repo, make your changes, and submit a pull request.
This plugin uses Webpack as build system. It includes a development server with live refresh on any changes. To start it, just execute the serve
npm script.
$ git clone https://github.com/spiermar/d3-flame-graph.git
$ cd d3-flame-graph
$ npm install
$ npm run serve
A standalone template with all JavaScript and CSS inlined gets built at dist/templates/d3-flamegraph-base.html
.
It contains a placeholder /** @flamegraph_params **/
which needs to be replaced with the stacks in the format described in Input Format.
Copyright 2018 Martin Spier. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the “License”); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an “AS IS” BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
FAQs
A d3.js library to produce flame graphs.
The npm package d3-flame-graph receives a total of 19,781 weekly downloads. As such, d3-flame-graph popularity was classified as popular.
We found that d3-flame-graph demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.