sandbox-debugger
Advanced tools
Debug a Node.js process anywhere using chrome://inspect or node-inspect
| node debug port 9229 | ⟷ | sandbox debug client | ⟷ | sandbox debug broker |
|---|
Interactive debugging using inspect, debug the same way you do with a local process.
Supports a Node.js process running
How it works?
Node opens a websocket when in debug mode, both the sandbox server and client work by piping the websocket data via the broker.
The server is used as a gatekeeper for the debug messages.
npx sandbox-debugger-server
or
ᐅ docker run \
--name sandbox-debugger \
-ti \
--rm \
-p 9229:9229 \
jameskyburz/sandbox-debugger
The server will output
Debug server started!
- To debug a new process:
export DEBUG_PROXY=xxx.xxx.x.xxx:9229
node index.js
- To debug an existing process:
export DEBUG_PROXY=xxx.xxx.x.xxx:9229
export DEBUG_PID=<pid of node process>
npx sandbox-debugger
- Find pid of first running Node.js process
ps ax |
grep 'no[d]e ' |
awk '{print $1}' |
head -n 1
- Allow remote access to me:
npx ngrok http 9229
Using ngrok you can tunnel to the locally running broker from for example aws lambda.
npx ngrok http 9229
// index.js
require('sandbox-debugger')
debugger
console.log('all done')
# DEBUG_PROXY is ip:port to sandbox broker
DEBUG_PROXY=ip:port node index.js
# DEBUG_PROXY is ip:port to sandbox broker
# DEBUG_PID is pid of process to debug
DEBUG_PROXY=ip:port DEBUG_PID=x npx sandbox-debugger
Environment variable DEBUG_PROXY needs to point to the ngrok address including the port part :80.
The easiest way to debug lambda is to edit the code in aws console.
https://unpkg.com/sandbox-debugger@latest/dist/index.js to debug.jsrequire('./debug.js') instead of sandbox-debuggeror
Use a lambda layer containing the sandbox-debugger, you can publish your own for node 12 here and also node 10 here.
FAQs
sandbox debugger client for node
The npm package sandbox-debugger receives a total of 93 weekly downloads. As such, sandbox-debugger popularity was classified as not popular.
We found that sandbox-debugger demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
npm confirmed a tooling bug incorrectly marked several one-character packages as security holders and said it was working on a rollback.
Research
/Security News
Newer packages in this compromise use native extensions and .pth loaders to execute JavaScript stealers in developer environments.
Research
Socket found 37 malicious PyPI wheels that abuse Python startup hooks to launch a Bun-powered credential stealer tied to Mini Shai-Hulud/Miasma.