feat: reduce o11y bundle size #166
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| setTimeout(async () => { | ||
| const { registerInstrumentations } = await import('@opentelemetry/instrumentation') | ||
|
|
||
| // Load instrumentations one by one with delays | ||
| const instrumentations = [] | ||
|
|
||
| // Load fetch instrumentation | ||
| try { | ||
| const fetchModule = await this.loadInstrumentation('fetch') | ||
| instrumentations.push(new fetchModule.FetchInstrumentation()) | ||
| } catch (e) { |
Check notice
Code scanning / devskim
If untrusted data (data from HTTP requests, user submitted files, etc.) is included in an setTimeout statement it can allow an attacker to inject their own code. Note
| setTimeout(async () => { | ||
| try { | ||
| const xhrModule = await this.loadInstrumentation('xhr') | ||
| instrumentations.push(new xhrModule.XMLHttpRequestInstrumentation()) | ||
| } catch (e) { |
Check notice
Code scanning / devskim
If untrusted data (data from HTTP requests, user submitted files, etc.) is included in an setTimeout statement it can allow an attacker to inject their own code. Note
| setTimeout(async () => { | ||
| try { | ||
| const docModule = await this.loadInstrumentation('document') | ||
| instrumentations.push(new docModule.DocumentLoadInstrumentation()) | ||
| } catch (e) { |
Check notice
Code scanning / devskim
If untrusted data (data from HTTP requests, user submitted files, etc.) is included in an setTimeout statement it can allow an attacker to inject their own code. Note
| setTimeout(() => { | ||
| const nav = performance.getEntriesByType('navigation')[0] as PerformanceNavigationTiming | ||
| if (nav) { |
Check notice
Code scanning / devskim
If untrusted data (data from HTTP requests, user submitted files, etc.) is included in an setTimeout statement it can allow an attacker to inject their own code. Note
Summary
How did you test this change?
Are there any deployment considerations?