- How does the Node agent find the package.json?
- How does the Node agent detect the app root?
This question revolves around the following error found in the agent logs:
error: 2024-01-09T15:23:43.110Z 1 contrast:contrast-init - Unable to find application's package.json.. Continuing without instrumentation.
error: 2024-01-09T15:23:43.111Z 1 contrast:contrast-init - Unexpected error while trying to start contrast. Continuing without instrumentation. Error: Unable to find application's package.json.
The agent only looks at
agent.node.app_root to find the
package.json, which defaults to reading
./package.json relative to
process.cwd() (the directory where the node executable is run).
Example using OWASP Juice Shop:
We clone the juice-shop project and
package.json file of interest is in the root directory. The Node agent will find the correct
package.json if the application is started from the root directory.
juice-shop on master [!?] via v18.16.1
❯ node -r @contrast/agent build/app
If the same command is run in the
build folder, the agent will not find the
package.json and print the above error messages because the correct
package.json is in the app root.
juice-shop/build on master [!?] via v18.16.1 took 4s
❯ node -r @contrast/agent app
When working with the agent operator or when the node executable is run in a different directory than the application's root, it is best to set