Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
longjohn
Advanced tools
Readme
Long stack traces for node.js with configurable call trace length
I wrote this while trying to add long-stack-traces to my server and realizing that there were issues with support of EventEmitter::removeListener. The node HTTP Server will begin to leak callbacks and any of your own code that relies on removing listeners would not work as anticipated.
So what to do... I stole the code and rewrote it. I've added support for removeListener along with the ability to cut off the number of async calls the library will trace. I hope you like it!
Please thank tlrobinson for the initial implementation!
Longjohn collects a large amount of data in order to provide useful stack traces. While it is very helpful in development and testing environments, it is not recommended to use longjohn in production. The data collection puts a lot of strain on V8's garbage collector and can greatly slow down heavily-loaded applications.
Just npm install it!
$ npm install longjohn
To use longjohn, require it in your code (probably in some initialization code). That's all!
if (process.env.NODE_ENV !== 'production'){
require('longjohn');
}
// ... your code
longjohn.async_trace_limit = 5; // defaults to 10
longjohn.async_trace_limit = -1; // unlimited
longjohn.empty_frame = 'ASYNC CALLBACK'; // defaults to '---------------------------------------------'
As of version 0.2.9 longjonn supports source maps. Just compile your code down to javascript with source map support and run like normal.
For coffee-script, this would look like:
$ coffee --map --compile script.coffee
FAQs
Long stack traces for node.js inspired by https://github.com/tlrobinson/long-stack-traces
The npm package longjohn receives a total of 153,567 weekly downloads. As such, longjohn popularity was classified as popular.
We found that longjohn demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.