npmpackage.info

Gathering detailed insights and metrics for dd-trace

Other packages similar to dd-trace

0-dd-trace-init-first-datadog-enabled

1.1.1

A package that initializes dd trace when the `DATADOG_ENABLED true` is an environment variable, (and is lexographically superior, so that it is sorted to be "first")

0-dd-trace-init-first-production

1.1.1

A package that initializes dd trace when the environment is production, (and is lexographically superior, so that it is sorted to be "first")

@datadog/libdatadog

0.2.2

Node.js binding for libdatadog

datadog-lambda-js

9.117.0

Lambda client library that supports hybrid tracing in node js

Gathering detailed insights and metrics for dd-trace

dd-trace

JavaScript APM Tracer

5.28.0

654

NOASSERTION

JavaScript

354.66 kB

372,960,288 7.3

Installations

npm install dd-trace

Score

Supply Chain

96.6

Quality

94.1

Maintenance

100

Vulnerability

85.3

License

Pull Requests

Open

111

Total

3,955

Closed

584

Merged

3,260

Issues

Open

177

Total

955

Closed

778

Releases

361

5.28.0

v5.28.0

Published on 26 Nov 2024

4.52.0

v4.52.0

Published on 26 Nov 2024

5.27.1

v5.27.1

Published on 22 Nov 2024

4.51.1

v4.51.1

Published on 22 Nov 2024

5.27.0

v5.27.0

Published on 21 Nov 2024

4.51.0

v4.51.0

Published on 21 Nov 2024

View all 361 releases

Developer

DataDog

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

>=18

Typescript Support

No

Node Version

18.20.5

NPM Version

10.8.2 Statistics

654 Stars

2,952 Commits

309 Forks

583 Watching

224 Branches

441 Contributors

Updated on 28 Nov 2024

Bundle Size

1.27 MB

Minified

354.66 kB

Minified + Gzipped

Bundlephobia

Languages

JavaScript (99.68%)

Shell (0.13%)

HTML (0.1%)

Gherkin (0.04%)

Dockerfile (0.03%)

TypeScript (0.03%)

Total Downloads

Cumulative downloads

Total Downloads

372,960,288

Last day

-20.7%

520,690

Compared to previous day

Last week

0.2%

3,238,832

Compared to previous week

Last month

13,600,418

Compared to previous month

Last year

15.1%

125,418,239

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Versions

`dd-trace`: Node.js APM Tracer Library

dd-trace is an npm package that you can install in your Node.js application to capture APM (Application Performance Monitoring) data. In Datadog terminology this library is called a Tracer. This data is then sent off to a process which collects and aggregates the data, called an Agent. Finally the data is sent off to the Datadog servers where it's stored and made available for querying in a myriad of ways, such as displaying in a dashboard or triggering alerts.

Tracer, Agent, Datadog relationship diagram

Documentation

Most of the documentation for dd-trace is available on these webpages:

Tracing Node.js Applications - most project documentation, including setup instructions
Configuring the NodeJS Tracing Library - environment variables and config options
API Documentation - method signatures, plugin list, and some usage examples
APM Terms and Concepts - a glossary of concepts applicable across all languages

Version Release Lines and Maintenance

Release Line	Node.js	Status	Initial Release	End of Life
`v1`	`>= v12`	End of Life	2021-07-13	2022-02-25
`v2`	`>= v12`	End of Life	2022-01-28	2023-08-15
`v3`	`>= v14`	End of Life	2022-08-15	2024-05-15
`v4`	`>= v16`	Maintenance	2023-05-12	2025-01-11
`v5`	`>= v18`	Current	2024-01-11	Unknown

We currently maintain two release lines, namely v5, and v4. Features and bug fixes that are merged are released to the v5 line and, if appropriate, also v4.

For any new projects it is recommended to use the v5 release line:

1$ npm install dd-trace
2$ yarn add dd-trace

However, existing projects that already use the v4 release line, or projects that need to support EOL versions of Node.js, may continue to use these release lines. This is done by specifying the version when installing the package.

1$ npm install dd-trace@4
2$ yarn add dd-trace@4

Any backwards-breaking functionality that is introduced into the library will result in an increase of the major version of the library and therefore a new release line. Such releases are kept to a minimum to reduce the pain of upgrading the library.

When a new release line is introduced the previous release line then enters maintenance mode where it will receive updates for the next year. Once that year is up the release line enters End of Life and will not receive new updates. The library also follows the Node.js LTS lifecycle wherein new release lines drop compatibility with Node.js versions that reach end of life (with the maintenance release line still receiving updates for a year).

For more information about library versioning and compatibility, see the NodeJS Compatibility Requirements page.

Changes associated with each individual release are documented on the GitHub Releases screen.

Development and Contribution

Please read the CONTRIBUTING.md document before contributing to this open source project.

EcmaScript Modules (ESM) Support

ESM support requires an additional command-line argument. Use the following to enable experimental ESM support with your application:

Node.js < v20.6

1node --loader dd-trace/loader-hook.mjs entrypoint.js

Node.js >= v20.6

1node --import dd-trace/register.js entrypoint.js

Serverless / Lambda

Note that there is a separate Lambda project, datadog-lambda-js, that is responsible for enabling metrics and distributed tracing when your application runs on Lambda. That project does depend on the dd-trace package but also adds a lot of Lambda-related niceties. If you find any issues specific to Lambda integrations then the issues may get solved quicker if they're added to that repository. That said, even if your application runs on Lambda, any core instrumentation issues not related to Lambda itself may be better served by opening an issue in this repository. Regardless of where you open the issue, someone at Datadog will try to help.

Bundling

If you would like to trace your bundled application then please read this page on bundling and dd-trace. It includes information on how to use our ESBuild plugin and includes caveats for other bundlers.

Security Vulnerabilities

Please refer to the SECURITY.md document if you have found a security issue.

Datadog With OpenTelemetery

Please refer to the Node.js Custom Instrumentation using OpenTelemetry API document. It includes information on how to use the OpenTelemetry API with dd-trace-js.

Note that our internal implementation of the OpenTelemetry API is currently set within the version range >=1.0.0 <1.9.0. This range will be updated at a regular cadence therefore, we recommend updating your tracer to the latest release to ensure up to date support.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

9

License

Determines if the project has defined a license.

8

SAST

Determines if the project uses static code analysis.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

Reason

detected GitHub workflow tokens with excessive permissions

Details

Info: jobLevel 'checks' permission set to 'read': .github/workflows/all-green.yml:13
Info: jobLevel 'contents' permission set to 'read': .github/workflows/all-green.yml:14
Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:26
Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:27
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/rebase-release-proposal.yml:19
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-3.yml:18
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-4.yml:18
Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/release-4.yml:19
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-dev.yml:11
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-latest.yml:18
Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/release-latest.yml:19
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-latest.yml:44
Info: jobLevel 'contents' permission set to 'read': .github/workflows/serverless-integration-test.yml:12
Warn: no topLevel permission defined: .github/workflows/all-green.yml:1
Warn: no topLevel permission defined: .github/workflows/appsec.yml:1
Warn: no topLevel permission defined: .github/workflows/ci-visibility-performance.yml:1
Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
Warn: no topLevel permission defined: .github/workflows/core.yml:1
Warn: no topLevel permission defined: .github/workflows/datadog-static-analysis.yml:1
Warn: no topLevel permission defined: .github/workflows/debugger.yml:1
Warn: no topLevel permission defined: .github/workflows/lambda.yml:1
Warn: no topLevel permission defined: .github/workflows/llmobs.yml:1
Warn: no topLevel permission defined: .github/workflows/package-size.yml:1
Warn: no topLevel permission defined: .github/workflows/plugins.yml:1
Warn: no topLevel permission defined: .github/workflows/pr-labels.yml:1
Warn: no topLevel permission defined: .github/workflows/prepare-release-proposal.yml:1
Warn: no topLevel permission defined: .github/workflows/profiling.yml:1
Warn: no topLevel permission defined: .github/workflows/project.yml:1
Warn: no topLevel permission defined: .github/workflows/rebase-release-proposal.yml:1
Warn: no topLevel permission defined: .github/workflows/release-3.yml:1
Warn: no topLevel permission defined: .github/workflows/release-4.yml:1
Warn: no topLevel permission defined: .github/workflows/release-dev.yml:1
Warn: no topLevel permission defined: .github/workflows/release-latest.yml:1
Warn: no topLevel permission defined: .github/workflows/release-proposal.yml:1
Warn: no topLevel permission defined: .github/workflows/serverless-integration-test.yml:1
Warn: no topLevel permission defined: .github/workflows/system-tests.yml:1
Warn: no topLevel permission defined: .github/workflows/tracing.yml:1

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: third-party GitHubAction not pinned by hash: .github/workflows/all-green.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/all-green.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:248: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:141: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:243: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:274: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:260: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:267: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appsec.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/appsec.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/appsec.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-visibility-performance.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/ci-visibility-performance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/core.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/core.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/core.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/core.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/datadog-static-analysis.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/datadog-static-analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/datadog-static-analysis.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/datadog-static-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/debugger.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/debugger.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/debugger.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/debugger.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lambda.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/lambda.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lambda.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/lambda.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/llmobs.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/llmobs.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/llmobs.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/llmobs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/llmobs.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/llmobs.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/llmobs.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/llmobs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/package-size.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/package-size.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/package-size.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/package-size.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/package-size.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/package-size.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:213: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:464: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:668: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:302: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:914: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:569: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:579: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:598: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:512: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:519: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:653: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:739: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:751: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:970: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:237: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:637: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:781: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:830: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:831: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:839: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:198: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:345: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:357: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:440: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:714: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:731: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:410: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:615: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:645: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:862: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:873: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:1035: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:1003: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:1012: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:1043: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:426: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:448: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:944: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:962: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:372: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:380: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:456: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:475: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:479: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:485: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:978: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:986: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:492: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:504: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:561: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:697: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:922: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:322: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:331: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:338: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:418: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:553: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:683: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:1027: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:314: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:545: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:905: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:402: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:629: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:767: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:774: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:1019: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:846: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/plugins.yml:854: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:889: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:251: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:387: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:798: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:897: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/plugins.yml:936: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/plugins.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-labels.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/pr-labels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare-release-proposal.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/prepare-release-proposal.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare-release-proposal.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/prepare-release-proposal.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/profiling.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/profiling.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/profiling.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/profiling.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/profiling.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/profiling.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/profiling.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/profiling.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/profiling.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/profiling.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/profiling.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/profiling.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/profiling.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/profiling.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:150: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/project.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/project.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebase-release-proposal.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/rebase-release-proposal.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebase-release-proposal.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/rebase-release-proposal.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-3.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-3.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-3.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-3.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-4.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-4.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-4.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-4.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-dev.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-dev.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-dev.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-dev.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-latest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-latest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-latest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-latest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-latest.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-proposal.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-proposal.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-proposal.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/release-proposal.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/serverless-integration-test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/serverless-integration-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/serverless-integration-test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/serverless-integration-test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/serverless-integration-test.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/serverless-integration-test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/serverless-integration-test.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/serverless-integration-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-tests.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/system-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/system-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-tests.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/system-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-tests.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/system-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/system-tests.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/system-tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tracing.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/tracing.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tracing.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/tracing.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tracing.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/tracing.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tracing.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/tracing.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tracing.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/tracing.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tracing.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/tracing.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tracing.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/DataDog/dd-trace-js/tracing.yml/master?enable=pin
Warn: containerImage not pinned by hash: benchmark/sirun/Dockerfile:2: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:0e5e4a57c2499249aafc3b40fcd541e9a456aab7296681a3994d631587203f97
Warn: pipCommand not pinned by hash: benchmark/sirun/Dockerfile:14
Warn: downloadThenRun not pinned by hash: benchmark/sirun/Dockerfile:15
Warn: downloadThenRun not pinned by hash: benchmark/sirun/Dockerfile:30-38
Warn: npmCommand not pinned by hash: .gitlab/prepare-oci-package.sh:11
Warn: npmCommand not pinned by hash: benchmark/sirun/runall.sh:20
Warn: npmCommand not pinned by hash: .github/workflows/prepare-release-proposal.yml:48
Warn: npmCommand not pinned by hash: .github/workflows/release-proposal.yml:16
Info: 0 out of 152 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 51 third-party GitHubAction dependencies pinned
Info: 0 out of 1 containerImage dependencies pinned
Info: 0 out of 1 pipCommand dependencies pinned
Info: 0 out of 2 downloadThenRun dependencies pinned
Info: 1 out of 5 npmCommand dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

Score

7.3

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to dd-trace

Other packages similar to dd-trace

dd-trace

Installations

Score

Pull Requests

111

3,955

584

3,260

Issues

177

955

778

Releases

Developer

Developer Guide

CommonJS

>=18

No

18.20.5

10.8.2

Statistics

Bundle Size

1.27 MB

354.66 kB

Languages

Total Downloads

372,960,288

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

dd-trace: Node.js APM Tracer Library

Documentation

Version Release Lines and Maintenance

Development and Contribution

EcmaScript Modules (ESM) Support

Serverless / Lambda

Bundling

Security Vulnerabilities

Datadog With OpenTelemetery

10

10

10

10

10

10

10

9

8

0

0

0

0

7.3

/10

`dd-trace`: Node.js APM Tracer Library