npmpackage.info

Gathering detailed insights and metrics for @opentelemetry/plugin-express

Other packages similar to @opentelemetry/plugin-express

@aspecto/opentelemetry-plugin-express

0.0.99

enhanced open telemetry instrumentation for the `express` web framework

vmarchaud-ot-plugin-express

0.6.3

OpenTelemetry express automatic instrumentation package.

Gathering detailed insights and metrics for @opentelemetry/plugin-express

@opentelemetry/plugin-express - 0.15.0 | npmpackage.info

@opentelemetry/plugin-express

OpenTelemetry instrumentation for JavaScript modules

0.15.0

805

Apache-2.0

TypeScript

10.27 kB

2,351,084 7.1

Installations

npm install @opentelemetry/plugin-express

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Min. Node Version

>=8.0.0

Node Version

14.8.0

NPM Version

lerna/3.22.1/node@v14.8.0+x64 (darwin)

Score

83.5

Supply Chain

98.1

Quality

79.3

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

33

Total

2,046

Closed

484

Merged

1,529

Issues

Open

189

Total

865

Closed

676

Releases

1,906

instrumentation-restify: v0.48.1

instrumentation-restify-v0.48.1

Updated on Jun 12, 2025

instrumentation-redis: v0.49.1

instrumentation-redis-v0.49.1

Updated on Jun 12, 2025

instrumentation-net: v0.46.1

instrumentation-net-v0.46.1

Updated on Jun 12, 2025

instrumentation-mongodb: v0.55.1

instrumentation-mongodb-v0.55.1

Updated on Jun 12, 2025

instrumentation-koa: v0.50.1

instrumentation-koa-v0.50.1

Updated on Jun 12, 2025

instrumentation-hapi: v0.49.0

instrumentation-hapi-v0.49.0

Updated on Jun 12, 2025

View All 1,906 releases

Languages

TypeScript

JavaScript

Shell

TypeScript (97.58%)

JavaScript (2.42%)

Shell (0.01%)

Developer

open-telemetry

Download Statistics

Total Downloads

2,351,084

Last Day

182

Last Week

4,336

Last Month

16,910

Last Year

190,081

GitHub Statistics

Apache-2.0 License

805 Stars

2,357 Commits

584 Forks

16 Watchers

8 Branches

293 Contributors

Updated on Jul 02, 2025

Bundle Size

41.58 kB

Minified

10.27 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 293 Contributors

Package Meta Information

Latest Version

0.15.0

Package Id

@opentelemetry/plugin-express@0.15.0

Size

10.89 kB

NPM Version

lerna/3.22.1/node@v14.8.0+x64 (darwin)

Node Version

14.8.0

Published on

Apr 05, 2021

Total Downloads

Cumulative downloads

Total Downloads

2,351,084

Last Day

-41.3%

182

Compared to previous day

Last Week

-11.3%

4,336

Compared to previous week

Last Month

13.1%

16,910

Compared to previous month

Last Year

-25.1%

190,081

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

OpenTelemetry Express Instrumentation for Node.js

This module provides automatic instrumentation for express.

For automatic instrumentation see the @opentelemetry/node package.

Installation

1npm install --save @opentelemetry/plugin-express

Supported Versions

^4.0.0

Usage

OpenTelemetry Express Instrumentation allows the user to automatically collect trace data and export them to their backend of choice, to give observability to distributed systems.

To load a specific plugin (express in this case), specify it in the registerInstrumentations's configuration.

1const { NodeTracerProvider } = require('@opentelemetry/node');
2const { registerInstrumentations } = require('@opentelemetry/instrumentation');
3
4const provider = new NodeTracerProvider();
5provider.register();
6
7registerInstrumentations({
8  instrumentations: [
9    {
10      plugins: {
11        express: {
12          enabled: true,
13          // You may use a package name or absolute path to the file.
14          path: '@opentelemetry/plugin-express',
15        }
16      }
17    },
18  ],
19  tracerProvider: provider,
20});
21

To load all the supported plugins, use below approach. Each plugin is only loaded when the module that it patches is loaded; in other words, there is no computational overhead for listing plugins for unused modules.

1const { NodeTracerProvider } = require('@opentelemetry/node');
2const { registerInstrumentations } = require('@opentelemetry/instrumentation');
3
4const provider = new NodeTracerProvider();
5provider.register();
6registerInstrumentations({
7  tracerProvider: provider,
8});

See examples/express for a short example.

Caveats

Because of the way express works, it's hard to correctly compute the time taken by asynchronous middlewares and request handlers. For this reason, the time you'll see reported for asynchronous middlewares and request handlers will only represent the synchronous execution time, and not any asynchronous work.

Express Plugin Options

Express plugin has few options available to choose from. You can set the following:

Options	Type	Description
`ignoreLayers`	`IgnoreMatcher[]`	Express plugin will not trace all layers that match.
`ignoreLayersType`	`ExpressLayerType[]`	Express plugin will ignore the layers that match based on their type.

For reference, here are the three different layer type:

router is the name of express.Router()
middleware
request_handler is the name for anything thats not a router or a middleware.

Useful links

For more information on OpenTelemetry, visit: https://opentelemetry.io/
For more about OpenTelemetry JavaScript: https://github.com/open-telemetry/opentelemetry-js
For help or feedback on this project, join us in GitHub Discussions

License

Apache 2.0 - See LICENSE for more information.

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Maintained

Determines if the project is "actively maintained".

10

Dependency-Update-Tool

Determines if the project uses a dependency update tool.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Security-Policy

Determines if the project has published a security policy.

10

SAST

Determines if the project uses static code analysis.

10

CI-Tests

Determines if the project runs tests before pull requests are merged.

10

Contributors

Determines if the project has a set of contributors from multiple organizations (e.g., companies).

8

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

5

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 5

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/close-stale.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/close-stale.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/close-stale.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/close-stale.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/close-stale.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/close-stale.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/codeql-analysis.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/component-owners.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/component-owners.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label-prs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/label-prs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label-prs.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/label-prs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/peer-api.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/peer-api.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-title.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/pr-title.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please-validate.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/release-please-validate.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/release-please.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/release-please.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/release-please.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/release-please.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-all-versions.pr.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/test-all-versions.pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-all-versions.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/test-all-versions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-all-versions.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/test-all-versions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-all-versions.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/test-all-versions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-all-versions.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/test-all-versions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-all-versions.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/test-all-versions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-all-versions.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/test-all-versions.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:217: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test.yml:232: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:176: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-test.yml:182: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/unit-test.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/unit-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-otel-deps.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/update-otel-deps.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-otel-deps.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/open-telemetry/opentelemetry-js-contrib/update-otel-deps.yaml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/release-please-validate.yaml:20
Warn: npmCommand not pinned by hash: .github/workflows/release-please.yml:53
Warn: npmCommand not pinned by hash: .github/workflows/update-otel-deps.yaml:35
Info: 4 out of 39 GitHub-owned GitHubAction dependencies pinned
Info: 3 out of 7 third-party GitHubAction dependencies pinned
Info: 10 out of 13 npmCommand dependencies pinned

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

7.1

/10

Last Scanned on 2025-07-02T21:47:05Z

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to @opentelemetry/plugin-express

Other packages similar to @opentelemetry/plugin-express

@opentelemetry/plugin-express

Installations

Developer Guide

Yes

CommonJS

>=8.0.0

14.8.0

lerna/3.22.1/node@v14.8.0+x64 (darwin)

Score

Pull Requests

33

2,046

484

1,529

Issues

189

865

676

Releases

Languages

Developer

Download Statistics

GitHub Statistics

Bundle Size

41.58 kB

10.27 kB

Maintainers

Package Meta Information

Total Downloads

2,351,084

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

OpenTelemetry Express Instrumentation for Node.js

Installation

Supported Versions

Usage

Caveats

Express Plugin Options

Useful links

License

10

10

10

10

10

10

10

10

10

10

8

5

0

0

0

0

7.1

/10