securenow 5.6.1 → 5.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/NPM_README.md +65 -15
- package/README.md +72 -24
- package/cli/run.js +133 -0
- package/cli.js +22 -1
- package/docs/INDEX.md +14 -3
- package/docs/NUXT-GUIDE.md +166 -0
- package/nextjs-webpack-config.js +77 -0
- package/nuxt-server-plugin.mjs +400 -0
- package/nuxt.d.ts +60 -0
- package/nuxt.mjs +75 -0
- package/package.json +21 -4
- package/register.js +39 -4
- package/tracing.js +11 -6
package/register.js
CHANGED
|
@@ -1,14 +1,49 @@
|
|
|
1
|
-
// securenow/
|
|
1
|
+
// securenow/register.js — the only preload customers need:
|
|
2
|
+
// node --require securenow/register app.js
|
|
3
|
+
//
|
|
4
|
+
// For ESM apps ("type": "module"), this file auto-registers the
|
|
5
|
+
// OpenTelemetry ESM loader hook via module.register() (Node >=20.6).
|
|
6
|
+
// On older Node versions it falls back to a warning.
|
|
2
7
|
'use strict';
|
|
3
8
|
|
|
4
|
-
//
|
|
9
|
+
// 1. load .env before anything else
|
|
5
10
|
try {
|
|
6
11
|
require('dotenv').config();
|
|
7
12
|
console.log('[securenow] dotenv loaded from', process.env.DOTENV_CONFIG_PATH || '.env');
|
|
8
13
|
} catch (e) {
|
|
9
|
-
// dotenv is optional — only warn if it’s missing
|
|
10
14
|
console.warn('[securenow] dotenv not found or failed to load');
|
|
11
15
|
}
|
|
12
16
|
|
|
13
|
-
//
|
|
17
|
+
// 2. Auto-register the ESM loader hook so customers never need --import
|
|
18
|
+
(() => {
|
|
19
|
+
try {
|
|
20
|
+
const fs = require('fs');
|
|
21
|
+
const path = require('path');
|
|
22
|
+
const pkgPath = path.resolve(process.cwd(), 'package.json');
|
|
23
|
+
if (!fs.existsSync(pkgPath)) return;
|
|
24
|
+
|
|
25
|
+
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
|
|
26
|
+
if (pkg.type !== 'module') return;
|
|
27
|
+
|
|
28
|
+
// Already registered via --import?
|
|
29
|
+
const execArgv = process.execArgv.join(' ');
|
|
30
|
+
if (execArgv.includes('hook.mjs') || execArgv.includes('import-in-the-middle')) return;
|
|
31
|
+
|
|
32
|
+
// Node >=20.6 exposes module.register() for programmatic ESM hooks
|
|
33
|
+
const mod = require('node:module');
|
|
34
|
+
if (typeof mod.register !== 'function') {
|
|
35
|
+
console.warn('[securenow] ESM app detected but Node %s lacks module.register().', process.version);
|
|
36
|
+
console.warn('[securenow] Upgrade to Node >=20.6 or add: --import @opentelemetry/instrumentation/hook.mjs');
|
|
37
|
+
return;
|
|
38
|
+
}
|
|
39
|
+
|
|
40
|
+
const { pathToFileURL } = require('node:url');
|
|
41
|
+
mod.register('@opentelemetry/instrumentation/hook.mjs', pathToFileURL(__filename));
|
|
42
|
+
console.log('[securenow] ESM loader hook auto-registered (module.register)');
|
|
43
|
+
} catch (_) {
|
|
44
|
+
// Non-fatal — tracing.js will show its own ESM warning if the hook is missing
|
|
45
|
+
}
|
|
46
|
+
})();
|
|
47
|
+
|
|
48
|
+
// 3. Run the OTel SDK setup
|
|
14
49
|
require('./tracing');
|
package/tracing.js
CHANGED
|
@@ -3,7 +3,9 @@
|
|
|
3
3
|
/**
|
|
4
4
|
* Preload with: node --require securenow/register app.js
|
|
5
5
|
*
|
|
6
|
-
*
|
|
6
|
+
* Works for both CJS and ESM apps. On Node >=20.6 the ESM loader hook is
|
|
7
|
+
* auto-registered via module.register() — no --import flag needed.
|
|
8
|
+
* On Node 18 with "type": "module", add the hook manually:
|
|
7
9
|
* node --import @opentelemetry/instrumentation/hook.mjs --require securenow/register app.js
|
|
8
10
|
*
|
|
9
11
|
* Env:
|
|
@@ -101,6 +103,9 @@ function redactGraphQLQuery(query, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
|
|
|
101
103
|
}
|
|
102
104
|
|
|
103
105
|
// -------- ESM detection --------
|
|
106
|
+
// register.js auto-registers the hook via module.register() on Node >=20.6.
|
|
107
|
+
// This warning only fires if BOTH --import AND module.register() were skipped
|
|
108
|
+
// (e.g. Node 18, or require('securenow/tracing') called directly without register.js).
|
|
104
109
|
(() => {
|
|
105
110
|
try {
|
|
106
111
|
const fs = require('fs');
|
|
@@ -110,11 +115,11 @@ function redactGraphQLQuery(query, sensitiveFields = DEFAULT_SENSITIVE_FIELDS) {
|
|
|
110
115
|
const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
|
|
111
116
|
if (pkg.type === 'module') {
|
|
112
117
|
const execArgv = process.execArgv.join(' ');
|
|
113
|
-
const
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
console.warn('[securenow]
|
|
117
|
-
console.warn('[securenow]
|
|
118
|
+
const hasCliHook = execArgv.includes('hook.mjs') || execArgv.includes('import-in-the-middle');
|
|
119
|
+
const hasModuleRegister = typeof require('node:module').register === 'function';
|
|
120
|
+
if (!hasCliHook && !hasModuleRegister) {
|
|
121
|
+
console.warn('[securenow] ⚠️ ESM app detected ("type": "module") but no ESM loader hook available.');
|
|
122
|
+
console.warn('[securenow] Upgrade to Node >=20.6 (recommended) or add: --import @opentelemetry/instrumentation/hook.mjs');
|
|
118
123
|
}
|
|
119
124
|
}
|
|
120
125
|
}
|