The dd-trace npm package is a Node.js APM (Application Performance Monitoring) client for Datadog. It allows you to monitor the performance of your Node.js applications, providing insights into the runtime and helping you to diagnose and optimize your code.
Tracing
This feature allows you to trace the execution of your application, marking and timing various operations within your code. You can tag spans with metadata and monitor the performance of individual requests or tasks.
const tracer = require('dd-trace').init();
// Instrument a function
tracer.trace('web.request', (span) => {
// Do some work
span.setTag('http.status_code', 200);
});Automatic Instrumentation
dd-trace can automatically instrument popular libraries and frameworks such as Express, Koa, GraphQL, and many others. This means that you can get insights into how these libraries are performing without having to manually instrument code.
const tracer = require('dd-trace').init();
// Automatically instruments supported libraries
const express = require('express');
const app = express();
app.get('/', (req, res) => res.send('Hello World!'));
app.listen(3000);Custom Tags and Metrics
You can add custom tags and metrics to your traces to provide additional context and granularity. This can be useful for filtering and searching through your traces in the Datadog APM interface.
const tracer = require('dd-trace').init();
// Add custom tags to a span
tracer.trace('web.request', (span) => {
span.setTag('my_tag', 'my_value');
span.setMetric('my_metric', 100);
});Distributed Tracing
Distributed tracing allows you to trace requests as they move across different services and components in your system. This is essential for understanding the performance of microservices architectures.
const tracer = require('dd-trace').init();
// Continue a trace across asynchronous boundaries
async function part1() {
return tracer.trace('part1', async () => {
// Do something
});
}
async function part2() {
return tracer.trace('part2', async (span) => {
// Do something else
span.context().toTraceId();
});
}New Relic's APM tool is similar to dd-trace in that it provides performance monitoring and tracing for Node.js applications. It offers a wide range of features for monitoring application health and is known for its user-friendly interface. However, it is a different product with its own set of integrations and pricing model.
Elastic APM Node.js Agent is part of the Elastic APM suite, which integrates with the Elastic Stack (Elasticsearch, Kibana, etc.). It provides similar functionalities for monitoring Node.js applications, including distributed tracing and performance metrics. It is more focused on integration with the Elastic ecosystem.
Zipkin is an open-source distributed tracing system. It provides features to gather timing data needed to troubleshoot latency problems in service architectures. While it supports various programming languages, it requires more manual setup and configuration compared to dd-trace.
dd-trace: Node.js APM Tracer Library
dd-trace is an npm package that you can install in your Node.js application to capture APM (Application Performance Monitoring) data. In Datadog terminology this library is called a Tracer. This data is then sent off to a process which collects and aggregates the data, called an Agent. Finally the data is sent off to the Datadog servers where it's stored and made available for querying in a myriad of ways, such as displaying in a dashboard or triggering alerts.
Most of the documentation for dd-trace is available on these webpages:
| Release Line | Latest Version | Node.js | Status | Initial Release | End of Life |
|---|---|---|---|---|---|
v1 |  | >= v12 | End of Life | 2021-07-13 | 2022-02-25 |
v2 |  | >= v12 | End of Life | 2022-01-28 | 2023-08-15 |
v3 |  | >= v14 | Maintenance | 2022-08-15 | 2024-05-15 |
v4 |  | >= v16 | Maintenance | 2023-05-12 | 2025-01-11 |
v5 |  | >= v18 | Current | 2024-01-11 | Unknown |
We currently maintain three release lines, namely v5, v4 and v3.
Features and bug fixes that are merged are released to the v5 line and, if appropriate, also the v4 & v3 line.
For any new projects it is recommended to use the v5 release line:
$ npm install dd-trace
$ yarn add dd-trace
However, existing projects that already use the v4 & v3 release line, or projects that need to support EOL versions of Node.js, may continue to use these release lines.
This is done by specifying the version when installing the package.
$ npm install dd-trace@4
$ yarn add dd-trace@4
Any backwards-breaking functionality that is introduced into the library will result in an increase of the major version of the library and therefore a new release line. Such releases are kept to a minimum to reduce the pain of upgrading the library.
When a new release line is introduced the previous release line then enters maintenance mode where it will receive updates for the next year. Once that year is up the release line enters End of Life and will not receive new updates. The library also follows the Node.js LTS lifecycle wherein new release lines drop compatibility with Node.js versions that reach end of life (with the maintenance release line still receiving updates for a year).
For more information about library versioning and compatibility, see the NodeJS Compatibility Requirements page.
Changes associated with each individual release are documented on the GitHub Releases screen.
Before contributing to this open source project, read our CONTRIBUTING.md.
Since this project supports multiple Node versions, using a version manager such as nvm is recommended.
We use yarn for its workspace functionality, so make sure to install that as well.
To install dependencies once you have Node and yarn installed, run:
$ yarn
Before running plugin tests, the data stores need to be running. The easiest way to start all of them is to use the provided docker-compose configuration:
$ docker-compose up -d -V --remove-orphans --force-recreate
$ yarn services
Note The
couchbase,grpcandoracledbinstrumentations rely on native modules that do not compile on ARM64 devices (for example M1/M2 Mac) - their tests cannot be run locally on these devices.
There are several types of unit tests, for various types of components. The following commands may be useful:
# Tracer core tests (i.e. testing `packages/dd-trace`)
$ yarn test:trace:core
# "Core" library tests (i.e. testing `packages/datadog-core`
$ yarn test:core
# Instrumentations tests (i.e. testing `packages/datadog-instrumentations`
$ yarn test:instrumentations
Several other components have test commands as well. See package.json for
details.
To test plugins (i.e. components in packages/datadog-plugin-XXXX
directories, set the PLUGINS environment variable to the plugin you're
interested in, and use yarn test:plugins. If you need to test multiple
plugins you may separate then with a pipe (|) delimiter. Here's an
example testing the express and bluebird plugins:
PLUGINS="express|bluebird" yarn test:plugins
To run the memory leak tests, use:
$ yarn leak:core
# or
$ yarn leak:plugins
We use ESLint to make sure that new code conforms to our coding standards.
To run the linter, use:
$ yarn lint
Warning
ESM support has been temporarily disabled starting from Node 20 as significant changes are in progress.
ESM support is currently in the experimental stages, while CJS has been supported
since inception. This means that code loaded using require() should work fine
but code loaded using import might not always work.
Use the following command to enable experimental ESM support with your application:
node --loader dd-trace/loader-hook.mjs entrypoint.js
Our microbenchmarks live in benchmark/sirun. Each directory in there
corresponds to a specific benchmark test and its variants, which are used to
track regressions and improvements over time.
In addition to those, when two or more approaches must be compared, please write
a benchmark in the benchmark/index.js module so that we can keep track of the
most efficient algorithm. To run your benchmark, use:
$ yarn bench
Note that there is a separate Lambda project, datadog-lambda-js, that is responsible for enabling metrics and distributed tracing when your application runs on Lambda.
That project does depend on the dd-trace package but also adds a lot of Lambda-related niceties.
If you find any issues specific to Lambda integrations then the issues may get solved quicker if they're added to that repository.
That said, even if your application runs on Lambda, any core instrumentation issues not related to Lambda itself may be better served by opening an issue in this repository.
Regardless of where you open the issue, someone at Datadog will try to help.
Generally, dd-trace works by intercepting require() calls that a Node.js application makes when loading modules. This includes modules that are built-in to Node.js, like the fs module for accessing the filesystem, as well as modules installed from the npm registry, like the pg database module.
Also generally, bundlers work by crawling all of the require() calls that an application makes to files on disk, replacing the require() calls with custom code, and then concatenating all of the resulting JavaScript into one "bundled" file. When a built-in module is loaded, like require('fs'), that call can then remain the same in the resulting bundle.
Fundamentally APM tools like dd-trace stop working at this point. Perhaps they continue to intercept the calls for built-in modules but don't intercept calls to third party libraries. This means that by default when you bundle a dd-trace app with a bundler it is likely to capture information about disk access (via fs) and outbound HTTP requests (via http), but will otherwise omit calls to third party libraries (like extracting incoming request route information for the express framework or showing which query is run for the mysql database client).
To get around this, one can treat all third party modules, or at least third party modules that the APM needs to instrument, as being "external" to the bundler. With this setting the instrumented modules remain on disk and continue to be loaded via require() while the non-instrumented modules are bundled. Sadly this results in a build with many extraneous files and starts to defeat the purpose of bundling.
For these reasons it's necessary to have custom-built bundler plugins. Such plugins are able to instruct the bundler on how to behave, injecting intermediary code and otherwise intercepting the "translated" require() calls. The result is that many more packages are then included in the bundled JavaScript file. Some applications can have 100% of modules bundled, however native modules still need to remain external to the bundle.
This library provides experimental ESBuild support in the form of an ESBuild plugin. Require the dd-trace/esbuild module when building your bundle to enable the plugin.
Here's an example of how one might use dd-trace with ESBuild:
const ddPlugin = require('dd-trace/esbuild')
const esbuild = require('esbuild')
esbuild.build({
entryPoints: ['app.js'],
bundle: true,
outfile: 'out.js',
plugins: [ddPlugin],
platform: 'node', // allows built-in modules to be required
target: ['node18']
}).catch((err) => {
console.error(err)
process.exit(1)
})
If you have found a security issue, please contact the security team directly at security@datadoghq.com.
FAQs
Datadog APM tracing client for JavaScript
We found that dd-trace demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team uncovered a malicious Python package typosquatting the popular 'fabric' SSH library, silently exfiltrating AWS credentials from unsuspecting developers.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.