New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
iopipe - npm Package Compare versions
Comparing version 1.4.0 to 1.5.0
| { | ||
| "name": "iopipe", | ||
| "version": "1.4.0", | ||
| "description": "IOpipe Lambda Analytics & Tracing Agent", | ||
| "main": "dist/iopipe.js", | ||
| "version": "1.5.0", | ||
| "private": false, | ||
| "description": "The IOpipe agent and plugins", | ||
| "main": "index.js", | ||
| "scripts": { | ||
| "acceptance": "npm run acceptanceDeploy && npm run acceptanceLocal && node acceptance/invoke", | ||
| "acceptanceDeploy": "sls deploy", | ||
| "acceptanceLocalCallback": "sls invoke local -f callback", | ||
| "acceptanceLocalContextSuccess": "sls invoke local -f contextSuccess", | ||
| "acceptanceLocalContextDone": "sls invoke local -f contextDone", | ||
| "acceptanceLocal": "npm run acceptanceLocalCallback && npm run acceptanceLocalContextSuccess && npm run acceptanceLocalContextDone", | ||
| "build": "npm run webpack", | ||
| "eslint": "eslint src spec acceptance", | ||
| "jest": "jest", | ||
| "prepare": "npm run build", | ||
| "prepublishOnly": "npm run build", | ||
| "test": "npm run eslint && npm run build && npm run jest && npm run testIndividualProjects", | ||
| "testIndividualProjects": "npm run projectTestPackageJsonConfig && npm run projectTestRcFileConfig", | ||
| "projectTestPackageJsonConfig": "npm run test --prefix testProjects/packageJsonConfig", | ||
| "projectTestRcFileConfig": "npm run test --prefix testProjects/rcFileConfig", | ||
| "webpack": "webpack --progress --profile --colors" | ||
| "test": "jest" | ||
| }, | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "git+https://github.com/iopipe/iopipe.git" | ||
| "url": "git+https://github.com/iopipe/iopipe-js.git" | ||
| }, | ||
| "files": [ | ||
| "dist/" | ||
| ], | ||
| "keywords": [ | ||
@@ -38,3 +21,4 @@ "serverless", | ||
| "tracing", | ||
| "distributed tracing" | ||
| "distributed tracing", | ||
| "profiling" | ||
| ], | ||
@@ -44,50 +28,16 @@ "author": "IOpipe <dev@iopipe.com>", | ||
| "bugs": { | ||
| "url": "https://github.com/iopipe/iopipe/issues" | ||
| "url": "https://github.com/iopipe/iopipe-js/issues" | ||
| }, | ||
| "homepage": "https://github.com/iopipe/iopipe#readme", | ||
| "homepage": "https://github.com/iopipe/the-meta-package#readme", | ||
| "engines": { | ||
| "node": ">=4.3.2" | ||
| }, | ||
| "dependencies": { | ||
| "@iopipe/config": "^0.3.0", | ||
| "@iopipe/core": "^1.5.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@iopipe/trace": "^0.3.0", | ||
| "aws-lambda-mock-context": "^3.0.0", | ||
| "aws-sdk": "^2.164.0", | ||
| "babel-core": "^6.25.0", | ||
| "babel-eslint": "^7.2.3", | ||
| "babel-loader": "^7.1.1", | ||
| "babel-plugin-transform-runtime": "^6.23.0", | ||
| "babel-preset-env": "^1.6.0", | ||
| "babel-runtime": "^6.26.0", | ||
| "coveralls": "^2.11.12", | ||
| "delay": "^2.0.0", | ||
| "eslint": "^3.12.2", | ||
| "eslint-plugin-jasmine": "^2.5.0", | ||
| "eslint-plugin-jest": "^20.0.3", | ||
| "eslint-plugin-prettier": "^2.1.2", | ||
| "flat": "^2.0.1", | ||
| "is-ip": "^2.0.0", | ||
| "istanbul": "^0.4.4", | ||
| "jest": "^20.0.4", | ||
| "lodash": "^4.17.4", | ||
| "lodash.every": "^4.6.0", | ||
| "pre-commit": "^1.2.2", | ||
| "prettier": "^1.5.2", | ||
| "serverless": "^1.24.1", | ||
| "webpack": "^3.2.0", | ||
| "webpack-bundle-analyzer": "^2.9.1", | ||
| "webpack-node-externals": "^1.6.0" | ||
| }, | ||
| "pre-commit": [ | ||
| "test" | ||
| ], | ||
| "jest": { | ||
| "testPathIgnorePatterns": [ | ||
| "node_modules/", | ||
| "dist/", | ||
| "testProjects/" | ||
| ] | ||
| }, | ||
| "dependencies": { | ||
| "cosmiconfig": "^3.1.0" | ||
| "jest": "^22.1.4", | ||
| "lodash": "^4.17.4" | ||
| } | ||
| } |
112
README.md
@@ -1,115 +0,43 @@ | ||
| IOpipe Analytics & Distributed Tracing Agent | ||
| -------------------------------------------- | ||
| [](https://coveralls.io/github/iopipe/iopipe?branch=master) | ||
| [](https://badge.fury.io/js/iopipe) | ||
| [](https://github.com/prettier/prettier) | ||
| IOpipe Agent & Tracing Plugin | ||
| ----------------------------- | ||
| This package provides analytics and distributed tracing for event-driven applications running on AWS Lambda. | ||
| [](https://badge.fury.io/js/%40iopipe%2Fiopipe) | ||
| [](https://iopipe-community.slack.com/) | ||
| This package provides the IOpipe agent and the tracing plugin pre-bundled. | ||
| # Installation & usage | ||
| Install by requiring this module, passing it an object with your project token ([register for access](https://www.iopipe.com)), and it will automatically monitor and collect metrics from your applications running on AWS Lambda. | ||
| Install via npm: | ||
| If you are using the Serverless Framework to deploy your lambdas, check out our [serverless plugin](https://github.com/iopipe/serverless-plugin-iopipe). | ||
| Example: | ||
| ```js | ||
| const iopipeLib = require('iopipe'); | ||
| const iopipe = iopipeLib({ token: 'PROJECT_TOKEN' }); | ||
| exports.handler = iopipe((event, context) => { | ||
| context.succeed('This is my serverless function!'); | ||
| }); | ||
| ```bash | ||
| npm install --save @iopipe/iopipe | ||
| ``` | ||
| # Configuration | ||
| Or via yarn: | ||
| ## Methods | ||
| You can configure your iopipe setup through one or more different methods - that can be mixed, providing a config chain. The current methods are listed below, in order of precendence. The module instantiation object overrides all other config values (if values are provided). | ||
| 1. Module instantiation object | ||
| 2. IOPIPE_* environment variables | ||
| 3. [An iopipe package.json entry](#packagejson-configuration) | ||
| 4. Default values | ||
| ## Options | ||
| #### `token` (string: required) | ||
| If not supplied, the environment variable `$IOPIPE_TOKEN` will be used if present. [Find your project token](https://dashboard.iopipe.com/install) | ||
| #### `timeoutWindow` (int: optional = 150) | ||
| By default, IOpipe will capture timeouts by exiting your function 150ms early from the AWS configured timeout, to allow time for reporting. You can disable this feature by setting `timeoutWindow` to `0` in your configuration. If not supplied, the environment variable `$IOPIPE_TIMEOUT_WINDOW` will be used if present. | ||
| ```js | ||
| const iopipe = require('iopipe')({ token: 'PROJECT_TOKEN', timeoutWindow: 0}) | ||
| ```bash | ||
| yarn add @iopipe/iopipe | ||
| ``` | ||
| #### `debug` (bool: optional = false) | ||
| Then require this module, passing it an object with your project token ([register for access](https://www.iopipe.com)), and it will automatically monitor and collect metrics from your applications running on AWS Lambda. | ||
| Debug mode will log all data sent to IOpipe servers to STDOUT. This is also a good way to evaluate the sort of data that IOpipe is receiving from your application. If not supplied, the environment variable `$IOPIPE_DEBUG` will be used if present. | ||
| If you are using the Serverless Framework to deploy your lambdas, check out our [serverless plugin](https://github.com/iopipe/serverless-plugin-iopipe). | ||
| ```js | ||
| const iopipe = require('iopipe')({ | ||
| token: 'PROJECT_TOKEN', | ||
| debug: true | ||
| }); | ||
| exports.handler = iopipe((event, context, callback) => { | ||
| // Do things here. We'll log info to STDOUT. | ||
| }); | ||
| ``` | ||
| #### `plugins` (array: optional) | ||
| Plugins can extend the functionality of IOpipe in ways that best work for you. Just follow the guides for the plugins listed below for proper usage: | ||
| - [Trace Plugin](https://github.com/iopipe/iopipe-plugin-trace) | ||
| Example: | ||
| ```js | ||
| const tracePlugin = require('@iopipe/trace'); | ||
| const iopipe = require('@iopipe/iopipe')({ token: 'PROJECT_TOKEN' }); | ||
| const iopipe = require('iopipe')({ | ||
| token: 'PROJECT_TOKEN', | ||
| plugins: [tracePlugin()] | ||
| exports.handler = iopipe((event, context) => { | ||
| context.succeed('This is my serverless function!'); | ||
| }); | ||
| exports.handler = iopipe((event, context, callback) => { | ||
| // Run your fn here | ||
| }); | ||
| ``` | ||
| ## package.json Configuration | ||
| By default this package will enable the tracing plugin. For more information on how to use Iopipe and the tracing plugin, see the documentation below: | ||
| - [IOpipe Documentation](https://github.com/iopipe/iopipe-js-core#readme) | ||
| - [IOpipe Tracing Plugin Documentation](https://github.com/iopipe/iopipe-plugin-trace#readme) | ||
| You can configure iopipe within a package.json entry. [An example of that is here](https://github.com/iopipe/iopipe/blob/master/testProjects/packageJsonConfig/package.json#L10). Config options are the same as the module instantiation object, except for plugins. Plugins should be an array containing mixed-type values. A plugin value can be a: | ||
| - String that is the name of the plugin | ||
| - Or an array with plugin name first, and plugin options second | ||
| ```json | ||
| { | ||
| "name": "my-great-package", | ||
| "dependencies": { | ||
| "@iopipe/trace": "^0.2.0", | ||
| "@iopipe/profiler": "^0.1.0" | ||
| }, | ||
| "iopipe": { | ||
| "token": "wow_token", | ||
| "plugins": [ | ||
| "@iopipe/trace", | ||
| ["@iopipe/profiler", {"enabled": true}] | ||
| ] | ||
| } | ||
| } | ||
| ``` | ||
| **IMPORTANT**: You must install the plugins as dependencies for them to load properly in your environment. | ||
| # License | ||
| Apache 2.0 |
New alerts
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 6 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Improved metrics
- Dev dependency count
- decreased by-92.59%
2
- Number of package files
- increased by100%
8
- Number of low supply chain risk alerts
- decreased by-92.31%
1
- Number of medium supply chain risk alerts
- decreased by-83.33%
1
Worsened metrics
- Total package byte prevSize
- decreased by-34.03%
108483
- Dependency count
- increased by100%
2
- Lines of code
- decreased by-99.46%
22
- Number of medium maintenance alerts
- increased byInfinity%
1
- Number of lines in readme file
- decreased by-62.07%
44
Dependency changes
+ Added@iopipe/config@^0.3.0
+ Added@iopipe/core@^1.5.0
+ Added@iopipe/config@0.3.0(transitive)
+ Added@iopipe/core@1.19.5(transitive)
+ Added@iopipe/trace@0.3.0(transitive)
+ Addedcosmiconfig@4.0.0(transitive)
+ Addeddecompress-response@4.2.1(transitive)
+ Addedjson-parse-better-errors@1.0.2(transitive)
+ Addedlodash.uniqby@4.7.0(transitive)
+ Addedmimic-response@2.1.0(transitive)
+ Addedonce@1.4.0(transitive)
+ Addedparse-json@4.0.0(transitive)
+ Addedperformance-node@0.2.0(transitive)
+ Addedsimple-concat@1.0.1(transitive)
+ Addedsimple-get@3.1.1(transitive)
+ Addedwrappy@1.0.2(transitive)
- Removedcosmiconfig@^3.1.0
- Removedcosmiconfig@3.1.0(transitive)
- Removedparse-json@3.0.0(transitive)