Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
lighthouse-plugin-soft-navigation
Advanced tools
lighthouse-plugin-soft-navigation
Lighthouse plugin that reports metrics such as LCP and FCP from a soft navigation.
Lighthouse Soft Navigation Plugin
This is a plugin for Lighthouse that measures metrics such as FCP and LCP in a soft navigation.
Definition
A soft navigation is a same-document navigation triggered by user interaction that mutates the DOM and updates the page URL (e.g. using the history API). You can read more about the definition of a soft navigation over in WICG/softnavigations.
Requirements
Warning These features are necessary for this plugin to work but they are experimental and therefore subject to change without warning. I will try to keep the plugin and requirements up to date as things change.
- Use the latest Chrome Canary.
- Launch Chrome with
--enable-experimental-web-platform-featuresto enable soft navigation measurement.
Installation
Install with npm or yarn. Make sure Lighthouse and Puppeteer are installed as well.
npm install lighthouse puppeteer lighthouse-plugin-soft-navigation
yarn add lighthouse puppeteer lighthouse-plugin-soft-navigation
Usage
Include this plugin in your Lighthouse config so Lighthouse timespan mode can audit interactions that trigger a soft navigation.
import fs from 'fs';
import puppeteer from 'puppeteer';
import {startFlow} from 'lighthouse';
const browser = await puppeteer.launch({
headless: false,
args: ['--enable-experimental-web-platform-features'],
// Make sure you are using the latest Chrome Canary.
executablePath: '/path/to/chrome'
});
const page = await browser.newPage();
const config = {
extends: 'lighthouse:default',
plugins: ['lighthouse-plugin-soft-navigation'],
}
const flow = await startFlow(page, {config});
// This will trigger a hard navigation.
// This step will be like any normal navigation in the report.
await flow.navigate('https://example.com');
// Clicking `a.link` will trigger a soft navigation.
// This step will include soft navigation metrics from the plugin in the report.
await flow.startTimespan();
await page.click('a.link');
await flow.endTimespan();
const report = await flow.generateReport();
fs.saveFileSync('report.html', report);
FAQs
Package last updated on 04 Apr 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025