@snyk/nodejs-runtime-agent

by snyk
1.47.3 (see all)

Snyk Node Runtime Agent

Readme

Snyk Node.js runtime agent

Known Vulnerabilities

Use this package as a library in your application to monitor your dependencies and to learn how the vulnerable functions of the dependencies are invoked in your deployments.

Quick start

require('@snyk/nodejs-runtime-agent')({ projectId: <Your-Project-ID> });

Supported Node.js versions

The Node.js Runtime Agent is tested on Node 8 and Node 10. Other versions are unsupported.

How to

require('@snyk/nodejs-runtime-agent')(config);

The config object supports the following options:

KeyTypeDefault valuePurpose
projectIdStringThe Snyk project ID that matches your application.
enableBooleantrueSet to false to disable the agent.

Advanced config options:

KeyTypeDefault valuePurpose
beaconIntervalMsNumber60000Report frequency in milliseconds.
snapshotIntervalMsNumber3600000Snapshot retrieval frequency in milliseconds.
flushOnExitBooleantrueSet to false to prevent the agent from flushing its data before exiting. true is useful especially for short-lived environments.

Demo

There is a self-contained demo named node-woof, which you can clone and run. It will guide you through the setup of the project on your machine.

Development

npm start brings up an http server that invokes a vulnerable function on startup and for every request.

