Man page - nsolid(1)

Packages contas this manual

Manual

NSOLID(1) General Commands Manual NSOLID(1)

nsolidserver-side JavaScript runtime

nsolid [options] [v8-options] [-e string | script.js | -] [--] [arguments ...]

nsolid inspect [-e string | script.js | - | <host>:<port>] ...

nsolid [--v8-options]

N|Solid is a pre-bundled set of instrumentation and monitoring tools and a Node.js release. When not in use it behaves exactly as Node.js. See the section to enable the N|Solid Agent features.

Node.js is a set of libraries for JavaScript which allows it to be used outside of the browser. It is primarily focused on creating simple, easy-to-build network clients and servers.

Execute nsolid without arguments to start a REPL.

-
Alias for stdin, analogous to the use of - in other command-line utilities. The executed script is read from stdin, and remaining arguments are passed to the script.
--
Indicate the end of command-line options. Pass the rest of the arguments to the script.

If no script filename or eval/print script is supplied prior to this, then the next argument will be used as a script filename.

Aborting instead of exiting causes a core file to be generated for analysis.
Allow file system read access when using the permission model.
Allow file system write access when using the permission model.
Allow using native addons when using the permission model.
Allow spawning process when using the permission model.
Allow execution of WASI when using the permission model.
Allow creating worker threads when using the permission model.
Print source-able bash completion script for Node.js.
, --conditions string
Use custom conditional exports conditions. string
Start the V8 CPU profiler on start up, and write the CPU profile to disk before exit. If --cpu-prof-dir is not specified, the profile will be written to the current working directory with a generated file name.
The directory where the CPU profiles generated by --cpu-prof will be placed. The default value is controlled by the --diagnostic-dir. command-line option.
The sampling interval in microseconds for the CPU profiles generated by --cpu-prof. The default is .
File name of the V8 CPU profile generated with --cpu-prof.
Set the directory for all diagnostic output files. Default is current working directory. Set the directory to which all diagnostic output files will be written to. Defaults to current working directory. Affects the default output directory of: --cpu-prof-dir. --heap-prof-dir. --redirect-warnings.
=mode
Disable the `Object.prototype.__proto__` property. If mode is `delete`, the property will be removed entirely. If mode is `throw`, accesses to the property will throw an exception with the code `ERR_PROTO_ACCESS`.
=mode
Disable trap-handler-based WebAssembly bound checks and fall back to inline bound checks so that WebAssembly can be run with limited virtual memory.
Make built-in language features like `eval` and `new Function` that generate code from strings throw an exception instead. This does not affect the Node.js `vm` module.
Enable FIPS-compliant crypto at startup. Requires Node.js to be built with ./configure --openssl-fips.
Enable Source Map V3 support for stack traces.
=type
Interpret as either ES modules or CommonJS modules input via --eval or STDIN, when --input-type is unspecified;
Expose the Web Crypto API on the global scope.
Enable experimental ES modules support for import.meta.resolve().
=module
Specify the module to use as a custom module loader.
Enable experimental support for loading modules using `import` over `https:`.
Enable the experimental permission model.
Use the specified file as a security policy.
Use this flag to enable ShadowRealm support.
Enable code coverage in the test runner.
Enable experimental support for the WebSocket API.
Disable experimental support for the Fetch API.
Disable exposition of the CustomEvent on the global scope.
Disable exposition of the Web Crypto API on the global scope.
Disable top-level await keyword support in REPL.
Enable experimental ES module support in VM module.
Enable experimental WebAssembly System Interface support. This flag is no longer required as WASI is enabled by default.
Enable experimental WebAssembly module support.
Disable loading native addons that are not context-aware.
Force FIPS-compliant crypto on startup (Cannot be disabled from script code). Same requirements as --enable-fips.
Enable experimental frozen intrinsics support.
=max_count
Generate heap snapshot when the V8 heap usage is approaching the heap limit. No more than the specified number of snapshots will be generated.
=signal
Generate heap snapshot on specified signal.
Start the V8 heap profiler on start up, and write the heap profile to disk before exit. If --heap-prof-dir is not specified, the profile will be written to the current working directory with a generated file name.
The directory where the heap profiles generated by --heap-prof will be placed. The default value is controlled by the --diagnostic-dir. command-line option.
The average sampling interval in bytes for the heap profiles generated by --heap-prof. The default is .
File name of the V8 heap profile generated with --heap-prof.
=file
Specify ICU data load path. Overrides NODE_ICU_DATA.
=type
Set the module resolution type for input via --eval, --print or STDIN.
--inspect-brk=[host:]port
Activate inspector on host:port and break at start of user script.
--inspect-port=[host:]port
Set the host:port to be used when the inspector is activated.
--inspect-publish-uid=stderr,http
Specify how the inspector WebSocket URL is exposed. Valid values are and . Default is .
--inspect-wait=[host:]port
Activate inspector on host:port and wait for debugger to be attached.
=[host:]port
Activate inspector on host:port. Default is .

V8 Inspector integration allows attaching Chrome DevTools and IDEs to Node.js instances for debugging and profiling. It uses the Chrome DevTools Protocol.

Use an insecure HTTP parser that accepts invalid HTTP headers. This may allow interoperability with non-conformant HTTP implementations. It may also allow request smuggling and other HTTP attacks that rely on invalid headers being accepted. Avoid using this option.
Disable runtime allocation of executable memory. This may be required on some platforms for security reasons. It can also reduce attack surface on other platforms, but the performance impact may be severe.

This flag is inherited from V8 and is subject to change upstream. It may disappear in a non-semver-major release.

=size
Specify the maximum size of HTTP headers in bytes. Defaults to 16 KiB.
This option is a no-op. It is kept for compatibility.
Silence deprecation warnings.
Hide extra information on fatal exception that causes exit.
Disable runtime checks for `async_hooks`. These will still be enabled dynamically when `async_hooks` is enabled.
Disable the `node-addons` exports condition as well as disable loading native addons. When `--no-addons` is specified, calling `process.dlopen` or requiring a native C++ addon will fail and throw an exception.
Do not search modules from global paths.
Silence all process warnings (including deprecations).
Enable extra debug checks for memory leaks in Node.js internals. This is usually only useful for developers debugging Node.js itself.
=file
Load an OpenSSL configuration file on startup. Among other uses, this can be used to enable FIPS-compliant crypto if Node.js is built with ./configure --openssl-fips.
Emit pending deprecation warnings.
=sri
Instructs Node.js to error prior to running any code if the policy does not have the specified integrity. It expects a Subresource Integrity string as a parameter.
Instructs the module loader to preserve symbolic links when resolving and caching modules other than the main module.
Instructs the module loader to preserve symbolic links when resolving and caching the main module.
Generate V8 profiler output.
--prof-process
Process V8 profiler output generated using the V8 option --prof.
=file
Write process warnings to the given file instead of printing to stderr.
Write diagnostic reports in a compact format, single-line JSON.
--report-directory
Location at which the diagnostic report will be generated. The `file` name may be an absolute path. If it is not, the default directory it will be written to is controlled by the --diagnostic-dir. command-line option.
Name of the file to which the diagnostic report will be written.
Enables the diagnostic report to be triggered on fatal errors (internal errors within the Node.js runtime such as out of memory) that leads to termination of the application. Useful to inspect various diagnostic data elements such as heap, stack, event loop state, resource consumption etc. to reason about the fatal error.
Enables diagnostic report to be generated upon receiving the specified (or predefined) signal to the running Node.js process. Default signal is SIGUSR2.
Sets or resets the signal for diagnostic report generation (not supported on Windows). Default signal is SIGUSR2.
Enables diagnostic report to be generated on un-caught exceptions. Useful when inspecting JavaScript stack in conjunction with native stack and other runtime environment data.
=n
Specify the size of the OpenSSL secure heap. Any value less than 2 disables the secure heap. The default is 0. The value must be a power of two.
=n
Specify the minimum allocation from the OpenSSL secure heap. The default is 2. The value must be a power of two.
Starts the Node.js command line test runner.
--test-concurrency
The maximum number of test files that the test runner CLI will execute concurrently.
--test-force-exit
Configures the test runner to exit the process once all known tests have finished executing even if the event loop would otherwise remain active.
--test-name-pattern
A regular expression that configures the test runner to only execute tests whose name matches the provided pattern.
--test-reporter
A test reporter to use when running tests.
--test-reporter-destination
The destination for the corresponding test reporter.
--test-only
Configures the test runner to only execute top level tests that have the `only` option set.
--test-shard
Test suite shard to execute in a format of <index>/<total>.

--test-timeout
A number of milliseconds the test execution will fail after.
Throw errors for deprecations.
=title
Specify process.title on startup.
=list
Specify an alternative default TLS cipher list. Requires Node.js to be built with crypto support. (Default)
=file
Log TLS key material to a file. The key material is in NSS SSLKEYLOGFILE format and can be used by software (such as Wireshark) to decrypt the TLS traffic.
Set default maxVersion to 'TLSv1.2'. Use to disable support for TLSv1.3.
Set default maxVersion to 'TLSv1.3'. Use to enable support for TLSv1.3.
Set default minVersion to 'TLSv1'. Use for compatibility with old TLS clients or servers.
Set default minVersion to 'TLSv1.1'. Use for compatibility with old TLS clients or servers.
Set default minVersion to 'TLSv1.2'. This is the default for 12.x and later, but the option is supported for compatibility with older Node.js versions.
Set default minVersion to 'TLSv1.3'. Use to disable support for TLSv1.2 in favour of TLSv1.3, which is more secure.
Print short summaries of calls to . This flag is deprecated.
Print stack traces for deprecations.
categories
A comma-separated list of categories that should be traced when trace event tracing is enabled using --trace-events-enabled.
pattern
Template string specifying the filepath for the trace event data, it supports and .
Enable the collection of trace event tracing information.
Prints a stack trace whenever an environment is exited proactively, i.e. invoking `process.exit()`.
Prints a stack trace on SIGINT.
Print a stack trace whenever synchronous I/O is detected after the first turn of the event loop.
Prints TLS packet trace information to stderr.
Print stack traces for uncaught exceptions; usually, the stack trace associated with the creation of an Error is printed, whereas this makes Node.js also print the stack trace associated with throwing the value (which does not need to be an Error instance).

Enabling this option may affect garbage collection behavior negatively.

Print stack traces for process warnings (including deprecations).
Track heap object allocations for heap snapshots.
Define the behavior for unhandled rejections. Can be one of `strict` (raise an error), `warn` (enforce warnings) or `none` (silence warnings).
, --use-openssl-ca
Use bundled Mozilla CA store as supplied by current Node.js version or use OpenSSL's default CA store. The default store is selectable at build-time.

The bundled CA store, as supplied by Node.js, is a snapshot of Mozilla CA store that is fixed at release time. It is identical on all supported platforms.

Using OpenSSL store allows for external modifications of the store. For most Linux and BSD distributions, this store is maintained by the distribution maintainers and system administrators. OpenSSL CA store location is dependent on configuration of the OpenSSL library but this can be altered at runtime using environment variables.

See SSL_CERT_DIR and SSL_CERT_FILE.

=mode
Re-map the Node.js static code to large memory pages at startup. If supported on the target system, this will cause the Node.js static code to be moved onto 2 MiB pages instead of 4 KiB pages.

mode must have one of the following values: `off` (the default value, meaning do not map), `on` (map and ignore failure, reporting it to stderr), or `silent` (map and silently ignore failure).

Print V8 command-line options.
=num
Set V8's thread pool size which will be used to allocate background jobs. If set to 0 then V8 will choose an appropriate size of the thread pool based on the number of online processors. If the value provided is larger than V8's maximum, then the largest value will be chosen.
Automatically zero-fills all newly allocated Buffer and SlowBuffer instances.
, --check
Check the script's syntax without executing it. Exits with an error code if script is invalid.
, --eval string
Evaluate string as JavaScript.
, --help
Print command-line options. The output of this option is less detailed than this document.
, --interactive
Open the REPL even if stdin does not appear to be a terminal.
, --print string
Identical to -e, but prints the result.
, --require module
Preload the specified module at startup. Follows `require()`'s module resolution rules. module may be either a path to a file, or a Node.js module name.
, --version
Print node's version.

file
Activates the requested N|Solid policies as specified in the provided file.
Print the N|Solid release version.

Used to enable ANSI colorized output. The value may be one of: 1 , true , or an empty string to indicate 16-color support, 2 to indicate 256-color support, or 3 to indicate 16 million-color support. When used and set to a supported value, both the NO_COLOR and NODE_DISABLE_COLORS environment variables are ignored. Any other value will result in colorized output being disabled.
Alias for NODE_DISABLE_COLORS
modules...
Comma-separated list of core modules that should print debug information.
modules...
Comma-separated list of C++ core modules that should print debug information.
When set to 1, colors will not be used in the REPL.
file
When set, the well-known “root” CAs (like VeriSign) will be extended with the extra certificates in file. The file should consist of one or more trusted certificates in PEM format.

If file is missing or misformatted, a message will be emitted once using , but any errors are otherwise ignored.

This environment variable is ignored when `nsolid` runs as setuid root or has Linux file capabilities set.

The NODE_EXTRA_CA_CERTS environment variable is only read when the Node.js process is first launched. Changing the value at runtime using process.env.NODE_EXTRA_CA_CERTS has no effect on the current process.

file
Data path for ICU (Intl object) data. Will extend linked-in data when compiled with small-icu support.
When set to 1, process warnings are silenced.
options...
A space-separated list of command-line options, which are interpreted as if they had been specified on the command line before the actual command (so they can be overridden). Node.js will exit with an error if an option that is not allowed in the environment is used, such as --print or a script file.
directories...
A colon-separated list of directories prefixed to the module search path.
When set to 1, emit pending deprecation warnings.
When set to 1, the module loader preserves symbolic links when resolving and caching modules.
file
Write process warnings to the given file instead of printing to stderr. Equivalent to passing --redirect-warnings file on the command line.
file
Path to the file used to store persistent REPL history. The default path is ~/.node_repl_history, which is overridden by this variable. Setting the value to an empty string ("" or " ") will disable persistent REPL history.
file
Path to a Node.js module which will be loaded in place of the built-in REPL. Overriding this value to an empty string (`''`) will use the built-in REPL.
When set to 1, the check for a supported platform is skipped during Node.js startup. Node.js might not execute correctly. Any issues encountered on unsupported platforms will not be fixed.
When set to 0, TLS certificate validation is disabled.
dir
When set, Node.js writes JavaScript code coverage information to dir.
file
Load an OpenSSL configuration file on startup. Among other uses, this can be used to enable FIPS-compliant crypto if Node.js is built with ./configure --openssl-fips.

If the --openssl-config command-line option is used, this environment variable is ignored.

dir
If --use-openssl-ca is enabled, this overrides and sets OpenSSL's directory containing trusted certificates.
file
If --use-openssl-ca is enabled, this overrides and sets OpenSSL's file containing trusted certificates.
Specify the timezone configuration.
size
Sets the number of threads used in libuv's threadpool to size.

N|Solid can be configured via environment variables or an nsolid section in your package.json file. If competing values for a single key are set, the environment variable will take precedence.

path
Provide the path of the package.json that contains NSolid configuration.
name
Set a name for this application in the N|Solid Console. Defaults to untitled application.

If not set, N|Solid will attempt to set this value from the package.json name property.

hostname
Override the hostname that N|Solid uses to identify your host machine. Sometimes useful for container environments.
tags...
Comma-separated list of tags for identification and filtering in the N|Solid Console. Tags must be 2-140 characters in length.

Example: NSOLID_TAGS="api,staging,v1.9.2"

[ip|hostname][:port]
Provide the location of the N|Solid Storage COMMAND socket.

Requires at minimum either a host or port for N|Solid Storage/Console functionality. If left unconfigured, the N|Solid Agent will not start up.

In most configurations this is the only socket that must be configured. Upon successful NSOLID_COMMAND connection it will attempt to configure the NSOLID_BULK and NSOLID_DATA sockets. The default hostname is localhost.

Examples:
Port only (default host is localhost): NSOLID_COMMAND=9001
IP and Port: NSOLID_COMMAND=127.0.0.1:9001
Hostname and Port: NSOLID_COMMAND=localhost:9001
Hostname only (default port 9001): NSOLID_COMMAND=localhost

[ip|hostname][:port]
Provide the location of the N|Solid Storage DATA socket. Optional in most scenarios.
[ip|hostname][:port]
Provide the location of the N|Solid Storage BULK socket. Optional in most scenarios.
key
Provide a custom public key for N|Solid Storage socket communication. Must match the private key set on the N|Solid Storage server.

Default (unsecure) key: '^kvy<i^qI<r{=ZDrfK4K<#NtqY+zaH:ksm/YGE6I'

Data will always be encrypted, but for security you should create your own CurveZMQ key pair. See nsolid-cli documentation for instructions.

NSOLID_SAAS key
The SaaS token acquired while signing up for a SaaS account.
[ip|hostname][:port]
Provide the location of a StatsD endpoint.

Example: NSOLID_STATSD=127.0.0.1:8125

[nsolid.${env}.${app}.${hostname}.${shortid}]
Provide a StatsD bucket format string for N|Solid to use when reporting StatsD metrics. Will substitute recognized variables with the N|Solid configuration.

Default: nsolid.${env}.${app}.${hostname}.${shortid}

Recognized Substitutions:
* ${env}: the NODE_ENV
* ${app}: nsolid app
* ${hostname}: the configured hostname value
* ${id}: the unique agent id
* ${shortid}: a short prefix of the agent id

${env},${tags}
Provide a StatsD tags extension format string for N|Solid to use when reporting StatsD metrics. Not all StatsD applications use this extension, so use with caution. Will substitute recognized variables with the N|Solid configuration.

Defaults to not sending the tags extension.

Recognized Substitutions:
* ${env}: the NODE_ENV
* ${app}: nsolid app
* ${hostname}: the configured hostname value
* ${id}: the unique agent id
* ${shortid}: a short prefix of the agent id
* ${tags}: a concatenated list of the tags

Disable IPv6 in case it's not supported by the host system.
Force disable snapshots. Once set it cannot be reset.
Redact all strings from snapshots.
interval
Override the default metrics reporting interval (milliseconds) of the N|Solid Agent. Default is 3000.
interval
Delay initializing nsolid for duration (milliseconds) after the process starts.
duration
Time in milliseconds the event loop is stuck on a single iteration before considered being blocked.
Disable automatically scanning all directories for modules that can be imported or required. Packages that are actually imported or required are still reported to the Console.
Track packages listed in the globalPaths
Specify whether the process is being run in an IIS environment.
config
Define the type of OTLP endpoint.
config
Specify the configuration for the OTLP endpoint defined in NSOLID_OTLP.
Enable tracing generation. By default http and dns spans are automatically generated. They can be disabled by using NSOLID_TRACING_MODULES_BLACKLIST. This option can be enabled dynamically from the Console.
Track Promises and report them to the Console. This can be enabled dynamically from the Console.
config
List of core instrumented modules you want to disable when tracing is enabled. This can be enabled dynamically from the Console.
When running tests check metrics at the end of every test.
name
N|Solid will report the NODE_ENV set for your application, defaulting to "prod" if unset.

If N|Solid has the OTLP support active (by setting NSOLID_OTLP=otlp), at the moment it supports all the environment variables defined in https://opentelemetry.io/docs/specs/otel/protocol/exporter/ which allows to fully configure the OTLP endpoints, except for the ones related to Logs.

A full list of supported environment variables is:
OTEL_EXPORTER_OTLP_ENDPOINT, OTEL_EXPORTER_OTLP_TRACES_ENDPOINT, OTEL_EXPORTER_OTLP_METRICS_ENDPOINT
OTEL_EXPORTER_OTLP_INSECURE, OTEL_EXPORTER_OTLP_TRACES_INSECURE, OTEL_EXPORTER_OTLP_METRICS_INSECURE
OTEL_EXPORTER_OTLP_CERTIFICATE, OTEL_EXPORTER_OTLP_TRACES_CERTIFICATE, OTEL_EXPORTER_OTLP_METRICS_CERTIFICATE
OTEL_EXPORTER_OTLP_CLIENT_KEY, OTEL_EXPORTER_OTLP_TRACES_CLIENT_KEY, OTEL_EXPORTER_OTLP_METRICS_CLIENT_KEY
OTEL_EXPORTER_OTLP_CLIENT_CERTIFICATE, OTEL_EXPORTER_OTLP_TRACES_CLIENT_CERTIFICATE, OTEL_EXPORTER_OTLP_METRICS_CLIENT_CERTIFICATE
OTEL_EXPORTER_OTLP_HEADERS, OTEL_EXPORTER_OTLP_TRACES_HEADERS, OTEL_EXPORTER_OTLP_METRICS_HEADERS
OTEL_EXPORTER_OTLP_COMPRESSION, OTEL_EXPORTER_OTLP_TRACES_COMPRESSION, OTEL_EXPORTER_OTLP_METRICS_COMPRESSION
OTEL_EXPORTER_OTLP_TIMEOUT, OTEL_EXPORTER_OTLP_TRACES_TIMEOUT, OTEL_EXPORTER_OTLP_METRICS_TIMEOUT
OTEL_EXPORTER_OTLP_PROTOCOL, OTEL_EXPORTER_OTLP_TRACES_PROTOCOL, OTEL_EXPORTER_OTLP_METRICS_PROTOCOL s

Adding an nsolid section in your package.json section will look for the following properties to set the above N|Solid options:

Example:
{
...,
"nsolid": {
"app": "api-server",
"statsd": "8125",
"command": "storage.local:9001",
"tags": "api,staging"
}
}

The following lists all package.json field names along with their environment variable counterparts.

app: NSOLID_APP
 
hostname: NSOLID_HOSTNAME
 
tags: NSOLID_TAGS
 
command: NSOLID_COMMAND
 
data: NSOLID_DATA
 
bulk: NSOLID_BULK
 
pubkey: NSOLID_PUBKEY
 
statsd: NSOLID_STATSD
 
statsdBucket: NSOLID_STATSD_BUCKET
 
statsdTags: NSOLID_STATSD_TAGS
 
disableIpv6: NSOLID_DISABLE_IPV6
 
disableSnapshots: NSOLID_DISABLE_SNAPSHOTS
 
redactSnapshots: NSOLID_REDACT_SNAPSHOTS
 
interval: NSOLID_INTERVAL
 
blockedLoopThreshold: NSOLID_BLOCKED_LOOP_THRESHOLD
 
disablePackageScan: NSOLID_DISABLE_PACKAGE_SCAN
 
trackGlobalPackages: NSOLID_TRACK_GLOBAL_PACKAGES
 
iisNode: NSOLID_IISNODE
 
otlp: NSOLID_OTLP
 
otlpConfig: NSOLID_OTLP_CONFIG
 
tracingEnabled: NSOLID_TRACING_ENABLED
 
promiseTracking: NSOLID_PROMISE_TRACKING
 
tracingModulesBlacklist: NSOLID_TRACING_MODULES_BLACKLIST
 
env: NODE_ENV
 

N|Solid is copyright NodeSource NodeSource's N|Solid Software is offered under an enterprise license, which may be viewed on the NodeSource website at:

Copyright Node.js contributors. Node.js is available under the MIT license.

Node.js also includes external libraries that are available under a variety of licenses. See for the full license text.

Website:

N|Solid Documentation:

Node.js Documentation:

Support:

Written and maintained by 1000+ contributors:

2019