New Relic Koa instrumentation for the Node Agent
Installations
npm install @newrelic/koaDeveloper Guide
Typescript
No
Module System
N/A
Min. Node Version
>=16.0.0
Node Version
20.11.1
NPM Version
10.2.4
Score
99.5
Supply Chain
99.5
Quality
76.7
Maintenance
100
Vulnerability
87.6
License
Releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (99.27%)
Shell (0.73%)
validate.email 🚀
Verify real, reachable, and deliverable emails with instant MX records, SMTP checks, and disposable email detection.
Developer
newrelic
Download Statistics
Total Downloads
174,523,875
Last Day
65,851
Last Week
345,350
Last Month
1,519,745
Last Year
25,880,000
GitHub Statistics
Apache-2.0 License
14 Stars
449 Commits
24 Forks
14 Watchers
24 Branches
42 Contributors
Updated on Apr 24, 2024
Maintainers
Package Meta Information
Latest Version
9.1.0
Package Id
@newrelic/koa@9.1.0
Unpacked Size
412.65 kB
Size
46.18 kB
File Count
13
NPM Version
10.2.4
Node Version
20.11.1
Published on
Apr 01, 2024
Oops! Something went wrong.
New Relic Koa instrumentation
New Relic's official Koa framework instrumentation for use with the New Relic Node.js agent.
This module is a dependency of the agent and is installed by default when you install the agent.
Installation
This package is a dependency of the the Node Agent, and the average user should not need to install it manually.
For more information, please see the agent installation guide.
Getting Started
Our API and developer documentation for writing instrumentation will be of help. We particularly recommend the tutorials and various "shim" API documentation.
Usage
In addition to the Koa framework, we support additional specific routing modules.
Supported Routing Modules
- @koa/router
- koa-router
- koa-route
For more information, please see the agent compatibility and requirements.
Testing
The module includes a suite of unit and functional tests which should be used to verify that your changes don't break existing functionality.
All tests are stored in tests/ and are written using
Tap with the extension .tap.js.
To run the full suite, run: npm test.
Individual test scripts include:
npm run unit
npm run versioned
Support
Should you need assistance with New Relic products, you are in good hands with several support channels.
If the issue has been confirmed as a bug or is a feature request, please file a GitHub issue.
Support Channels
- New Relic Documentation: Comprehensive guidance for using our platform
- New Relic Community: The best place to engage in troubleshooting questions
- New Relic Developer: Resources for building a custom observability applications
- New Relic University: A range of online training for New Relic users of every level
- New Relic Technical Support 24/7/365 ticketed support. Read more about our Technical Support Offerings.
Privacy
At New Relic we take your privacy and the security of your information seriously, and are committed to protecting your information. We must emphasize the importance of not sharing personal data in public forums, and ask all users to scrub logs and diagnostic information for sensitive information, whether personal, proprietary, or otherwise.
We define “Personal Data” as any information relating to an identified or identifiable individual, including, for example, your name, phone number, post code or zip code, Device ID, IP address and email address.
For more information, review New Relic’s General Data Privacy Notice.
Contribute
We encourage your contributions to improve the koa instrumentation module! Keep in mind when you submit your pull request, you'll need to sign the CLA via the click-through using CLA-Assistant. You only have to sign the CLA one time per project.
If you have any questions, or to execute our corporate CLA, required if your contribution is on behalf of a company, please drop us an email at opensource@newrelic.com.
A note about vulnerabilities
As noted in our security policy, New Relic is committed to the privacy and security of our customers and their data. We believe that providing coordinated disclosure by security researchers and engaging with the security community are important means to achieve our security goals.
If you believe you have found a security vulnerability in this project or any of New Relic's products or websites, we welcome and greatly appreciate you reporting it to New Relic through HackerOne.
If you would like to contribute to this project, review these guidelines.
To all contributors, we thank you! Without your contribution, this project would not be what it is today. We also host a community project page dedicated to New Relic Koa (Node).
License
New Relic Koa instrumentation is licensed under the Apache 2.0 License.
New Relic Koa instrumentation also uses source code from third-party libraries. You can find full details on which libraries are used and the terms under which they are licensed in the third-party notices document.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/newrelic/.github/SECURITY.md:1
- Info: Found linked content: github.com/newrelic/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/newrelic/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/newrelic/.github/SECURITY.md:1
Reason
Found 10/12 approved changesets -- score normalized to 8
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'
- Info: 'stale review dismissal' is required to merge on branch 'main'
- Warn: required approving review count is 1 on branch 'main'
- Warn: codeowners review is not required on branch 'main'
- Warn: 'last push approval' is disabled on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 4
Details
- Warn: 13 commits out of 28 are checked with a SAST tool
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repolinter.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/repolinter.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repolinter.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/repolinter.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/repolinter.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/repolinter.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate-pr.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/validate-pr.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate-pr.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/validate-pr.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate-pr.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-koa/validate-pr.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci-workflow.yml:21
- Warn: npmCommand not pinned by hash: .github/workflows/ci-workflow.yml:41
- Warn: npmCommand not pinned by hash: .github/workflows/ci-workflow.yml:66
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 6 third-party GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/add-to-board.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci-workflow.yml:1
- Warn: no topLevel permission defined: .github/workflows/create-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/prepare-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/repolinter.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
12 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
4.6
/10
Last Scanned on 2025-03-03
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to @newrelic/koa
koa-newrelic
Koa middleware to allow Newrelic monitor Koa applications
koa-router-newrelic
``koa-router-newrelic`` sets the transation name(s) matched by ``koa-router``.
koa-newrelic-route
Explicity set a name to each newrelic transaction according to the matching Koa route
koa-router-newrelic-grouper
middleware for Newrelic APM route grouping for apps using koa-router