
Security News
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
hyper-dht-prometheus
Advanced tools
A bridge to scrape Prometheus metrics from self-registering services, all using direct, end-to-end encrypted peer-to-peer connections (not http).
Service discovery is done with a decentralised hash table (HyperDHT). This means that both this service and the clients it scrapes can live behind a firewall and need no reverse proy nor DNS entries.
An advantage is the small amount of configuration required. Clients register themselves with the hyper-dht-prometheus service, so no manual list of targets needs to be maintained. All a client needs to register itself, is the hyper-dht-prometheus service's public key, and a shared secret.
hyper-dht-prometheus is meant to be deployed alongside Prometheus. It manages a single targets.json file referenced from the main prometheus configuration (See prometheus/prometheus.yml for an example).
The hyper-dht-prometheus service fulfils two complementary roles:
targets.json file with aliases to all services which Prometheus should scrape.Configuration is done through environment variables:
HYPER_DHT_PROM_KEY_PAIR_SEED: 32-byte seed passed to HyperDHT.keyPair(), set as hex or z32. Set this to have a consistent public key (otherwise random, which is only useful for tests).HYPER_DHT_PROM_SHARED_SECRET: 32-byte secret key, set as hex or z32.HYPER_DHT_PROM_LOG_LEVEL: defaults to infoHYPER_DHT_PROM_HTTP_PORT: port where the http server listens. Defaults to a random port.HYPER_DHT_PROM_HTTP_HOST: host where the http server listens. Defaults to 127.0.0.1Install:
npm i -g hyper-dht-prometheus
Run:
HYPER_DHT_PROM_PROMETHEUS_TARGETS_LOC=path/to/prometheus/targets.json HYPER_DHT_PROM_HTTP_PORT=30000 HYPER_DHT_PROM_SHARED_SECRET=<A 64 character hex string> hyper-dht-prometheus
npm test
Integration tests are also included:
npm run integration
Note: the integration tests run ./prep-integration-test.sh, which downloads Prometheus and copies the executable to the ./prometheus directory.
Forked on 2026-06-17 from https://gitlab.com/dcent-tech/dht-prometheus/, licensed under Apache-2.0. See NOTICE.
FAQs
Bridge to scrape Prometheus metrics fully peer to peer
We found that hyper-dht-prometheus demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.

Security News
Open source attacks are accelerating as AI coding agents pull in dependencies faster, with less human review.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.