npmpackage.info

Gathering detailed insights and metrics for express-rtracer

Other packages similar to express-rtracer

cls-rtracer

2.6.3

Express & Koa middlewares and Fastify & Hapi plugins for CLS-based request id generation, batteries included

@cjanietz/cls-rtracer

2.6.0

Express & Koa middlewares and Fastify & Hapi plugins for CLS-based request id generation, batteries included

Gathering detailed insights and metrics for express-rtracer

express-rtracer - 1.0.1 | npmpackage.info

express-rtracer

Express Request Tracer - a middleware for CLS-based request id generation, batteries included

1.0.1

MIT

JavaScript

11.13 kB

2,391 1.7

Installations

npm install express-rtracer

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Min. Node Version

>=8.0.0 - <10.0.0 || >=10.4.0

Node Version

10.13.0

NPM Version

6.4.1 Score

62.5

Supply Chain

98.7

Quality

73.8

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

0

Total

0

Closed

0

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Languages

JavaScript

JavaScript (100%)

Developer

puzpuzpuz

Download Statistics

Total Downloads

2,391

Last Day

Last Week

Last Month

Last Year

119

GitHub Statistics

MIT License

8 Stars

11 Commits

1 Branches

1 Contributors

Updated on Oct 30, 2022

Bundle Size

41.47 kB

Minified

11.13 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 1 Contributors

Package Meta Information

Latest Version

1.0.1

Package Id

express-rtracer@1.0.1

Unpacked Size

7.79 kB

Size

3.53 kB

File Count

NPM Version

6.4.1

Node Version

10.13.0

Total Downloads

Cumulative downloads

Total Downloads

2,391

Last Day

Compared to previous day

Last Week

Compared to previous week

Last Month

250%

Compared to previous month

Last Year

-1.7%

119

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

cls-hooked uuid

Dev Dependencies

coveralls express jest standard supertest winston

Deprecated: use cls-rtracer instead

express-rtracer

Express Request Tracer - a middleware for CLS-based request id generation, batteries included. An out-of-the-box solution for adding request id into your logs.

Automatically generates a UUID value as the id for each request and stores it in Continuation-Local Storage (CLS, see cls-hooked). If the request contains X-Request-Id header, uses its value instead. Allows to obtain the generated id anywhere in your routes later and use it for logging or any other purposes.

How to use it

Install:

1npm install --save express-rtracer

Use the middleware provided by the library before the first middleware that needs to have access to request ids. Note that some middlewares, e.g. body-parser or express-jwt, may cause CLS context to get lost. To avoid such issues, you should use any third party middleware that does not need access to request ids before you use this middleware.

1const express = require('express')
2const rTracer = require('express-rtracer')
3
4const app = express()
5// any third party middleware that does not need access to request ids goes here
6// ...
7
8app.use(rTracer.middleware())
9// you can override default middleware config:
10// app.use(rTracer.middleware({
11//   headerName: 'X-Your-Request-Header'
12// }))
13
14// all code starting from here has access to request ids

Obtain request id in middlewares on the incoming request:

1// an example middleware for a generic find entity endpoint
2app.get('/api/v1/entity/{id}', (req, res, next) => {
3  entityService.find(req.params.id)
4    .then((entity) => {
5      // you can obtain the request id here
6      const requestId = rTracer.id()
7      logger.log(`requestId: ${requestId}`)
8      
9      res.json(entity)
10    })
11    .catch(next)
12})

You can access the same request id from code that does not have access to the Express req object.

1// an imaginary entity-service.js
2async function find (entityId) {
3  // you can obtain the request id here
4  const requestId = rTracer.id()
5  // ...
6}

Integration with loggers

The main use case for this library is request id generation and logging automation. You can integrate with any logger library in a single place and get request ids in logs across your Express application.

Without having a request id, as a correlation value, in your logs, you will not be able to determine which log entries belong to the process of handling the same request. You could generate a request id manually and store it in the Express req object, but then you will have to explicitly pass req into all other modules on the route. And express-rtracer comes to the rescue!

Let's consider integration with winston, one of most popular logging libraries.

1const { createLogger, format, transports } = require('winston')
2const { combine, timestamp, printf } = format
3
4// a custom format that outputs request id
5const rTracerFormat = printf((info) => {
6  const rid = rTracer.id()
7  return rid
8    ? `${info.timestamp} [request-id:${rid}]: ${info.message}`
9    : `${info.timestamp}: ${info.message}`
10})
11
12const logger = createLogger({
13  format: combine(
14    timestamp(),
15    rTracerFormat
16  ),
17  transports: [new transports.Console()]
18})

A complete example is available in /examples/winston.js file.

Middleware configuration

These are the available config options for the middleware(options) function. Options are optional.

1{
2  // Respect request header flag (default: true).
3  // If set to true, the middleware will be using a value from the specified header (if the value is present).
4  useHeader: true,
5  // Request header name, case insensitive (default: X-Request-Id).
6  // Used if useHeader is set to true.
7  headerName: 'X-Request-Id'
8}

Troubleshooting

To avoid weird behavior with Express:

Make sure you require express-rtracer as the first dependency in your app. Some popular packages may use async which breaks CLS.

For Node 10 users:

Node 10.0.x-10.3.x is not supported. That's because V8 version 6.6 introduced a bug that breaks async_hooks during async/await. Node 10.4.x uses V8 v6.7 where the bug is fixed. See: https://github.com/nodejs/node/issues/20274.

License

Licensed under MIT.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

SAST

Determines if the project uses static code analysis.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

74 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-c6rq-rjc2-86v2
Warn: Project is vulnerable to: GHSA-257v-vj4p-3w2h
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-h452-7996-h45h
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-3gx7-xhv7-5mx3
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
Warn: Project is vulnerable to: MAL-2023-462
Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
Warn: Project is vulnerable to: GHSA-7wpw-2hjm-89gp
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9
Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
Warn: Project is vulnerable to: GHSA-j44m-qm6p-hp7m
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

1.7

/10

Last Scanned on 2025-06-16

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More