Gathering detailed insights and metrics for @newrelic/superagent
Gathering detailed insights and metrics for @newrelic/superagent
New Relic SuperAgent instrumentation for the Node Agent
Installations
npm install @newrelic/superagentDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=16.0
Node Version
20.8.1
NPM Version
10.1.0
Score
99.5
Supply Chain
93.9
Quality
75.6
Maintenance
100
Vulnerability
87.6
License
Releases
9
Languages
2
JavaScript
Shell
JavaScript (92.79%)
Shell (7.21%)
Developer
newrelic
Download Statistics
Total Downloads
169,612,894
Last Day
59,333
Last Week
312,502
Last Month
1,283,344
Last Year
21,680,185
GitHub Statistics
Apache-2.0 License
254 Commits
13 Forks
14 Watchers
13 Branches
36 Contributors
Updated on Apr 24, 2024
Maintainers
1
Package Meta Information
Latest Version
7.0.1
Package Id
@newrelic/superagent@7.0.1
Unpacked Size
391.70 kB
Size
40.70 kB
File Count
10
NPM Version
10.1.0
Node Version
20.8.1
Published on
Oct 25, 2023
Total Downloads
Cumulative downloads
Total Downloads
169,612,894
New Relic SuperAgent instrumentation
New Relic's official SuperAgent framework instrumentation for use with the New Relic Node.js agent.
This module is a dependency of the agent and is installed by default when you install the agent.
Installation and Getting Started
This package is a dependency of the the Node.js Agent, and should not need to install it manually.
For more information, please see the agent installation guide and compatibility and requirements.
Our API and developer documentation for writing instrumentation will be of help. We particularly recommend the tutorials and various "shim" API documentation.
Testing
The module includes a suite of unit and functional tests which should be used to verify that your changes don't break existing functionality.
All tests are stored in tests/ and are written using
Node-Tap with the extension .tap.js.
To run the full suite, run: npm test.
Individual test scripts include:
npm run unit
npm run versioned
Support
Should you need assistance with New Relic products, you are in good hands with several support channels.
If the issue has been confirmed as a bug or is a feature request, please file a GitHub issue.
Support Channels
- New Relic Documentation: Comprehensive guidance for using our platform
- New Relic Community: The best place to engage in troubleshooting questions
- New Relic Developer: Resources for building a custom observability applications
- New Relic University: A range of online training for New Relic users of every level
- New Relic Technical Support 24/7/365 ticketed support. Read more about our Technical Support Offerings.
Privacy
At New Relic we take your privacy and the security of your information seriously, and are committed to protecting your information. We must emphasize the importance of not sharing personal data in public forums, and ask all users to scrub logs and diagnostic information for sensitive information, whether personal, proprietary, or otherwise.
We define “Personal Data” as any information relating to an identified or identifiable individual, including, for example, your name, phone number, post code or zip code, Device ID, IP address and email address.
For more information, review New Relic’s General Data Privacy Notice.
Contribute
We encourage your contributions to improve the superagent instrumentation module! Keep in mind when you submit your pull request, you'll need to sign the CLA via the click-through using CLA-Assistant. You only have to sign the CLA one time per project.
If you have any questions, or to execute our corporate CLA, required if your contribution is on behalf of a company, please drop us an email at opensource@newrelic.com.
A note about vulnerabilities
As noted in our security policy, New Relic is committed to the privacy and security of our customers and their data. We believe that providing coordinated disclosure by security researchers and engaging with the security community are important means to achieve our security goals.
If you believe you have found a security vulnerability in this project or any of New Relic's products or websites, we welcome and greatly appreciate you reporting it to New Relic through HackerOne.
If you would like to contribute to this project, review these guidelines.
To all contributors, we thank you! Without your contribution, this project would not be what it is today. We also host a community project page dedicated to New Relic SuperAgent (Node).
License
New Relic SuperAgent instrumentation is licensed under the Apache 2.0 License.
New Relic SuperAgent instrumentation also uses source code from third-party libraries. You can find full details on which libraries are used and the terms under which they are licensed in the third-party notices document.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
all changesets reviewed
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/newrelic/.github/SECURITY.md:1
- Info: Found linked content: github.com/newrelic/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/newrelic/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/newrelic/.github/SECURITY.md:1
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'
- Info: 'stale review dismissal' is required to merge on branch 'main'
- Warn: required approving review count is 1 on branch 'main'
- Warn: codeowners review is not required on branch 'main'
- Warn: 'last push approval' is disabled on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/add-to-board.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci-workflow.yml:1
- Warn: no topLevel permission defined: .github/workflows/create-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/prepare-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/repolinter.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-workflow.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/ci-workflow.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repolinter.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/repolinter.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repolinter.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/repolinter.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/repolinter.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/repolinter.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate-pr.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/validate-pr.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate-pr.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/validate-pr.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/validate-pr.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/newrelic/node-newrelic-superagent/validate-pr.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci-workflow.yml:41
- Warn: npmCommand not pinned by hash: .github/workflows/ci-workflow.yml:66
- Warn: npmCommand not pinned by hash: .github/workflows/ci-workflow.yml:21
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 6 third-party GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
15 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
4.5
/10
Last Scanned on 2025-04-28
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More