{"id":13522940,"url":"https://github.com/lumigo-io/python_tracer","last_synced_at":"2026-01-07T05:48:44.311Z","repository":{"id":35058627,"uuid":"169977038","full_name":"lumigo-io/python_tracer","owner":"lumigo-io","description":"Lumigo's Python Distributed Tracing and Performance Agent for AWS lambda","archived":false,"fork":false,"pushed_at":"2025-06-26T11:35:55.000Z","size":1029,"stargazers_count":49,"open_issues_count":5,"forks_count":10,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-08-31T05:44:28.454Z","etag":null,"topics":["debugging","instrumentation","lumigo","python3","python36","python37","python38","serverless","tracer"],"latest_commit_sha":null,"homepage":"https://lumigo.io","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/lumigo-io.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-02-10T12:42:25.000Z","updated_at":"2025-06-26T11:35:59.000Z","dependencies_parsed_at":"2023-10-14T17:17:17.691Z","dependency_job_id":"663db893-f722-4565-88d9-b4205d84ad78","html_url":"https://github.com/lumigo-io/python_tracer","commit_stats":{"total_commits":949,"total_committers":34,"mean_commits":27.91176470588235,"dds":"0.46469968387776606","last_synced_commit":"3dd9afef4aaba7a687c4619dd195459d0484f438"},"previous_names":[],"tags_count":300,"template":false,"template_full_name":null,"purl":"pkg:github/lumigo-io/python_tracer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lumigo-io%2Fpython_tracer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lumigo-io%2Fpython_tracer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lumigo-io%2Fpython_tracer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lumigo-io%2Fpython_tracer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/lumigo-io","download_url":"https://codeload.github.com/lumigo-io/python_tracer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/lumigo-io%2Fpython_tracer/sbom","scorecard":{"id":605101,"data":{"date":"2025-08-11","repo":{"name":"github.com/lumigo-io/python_tracer","commit":"1d0d65277113a5f190e4af71a3f35c3f0ea03f97"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.5,"checks":[{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":10,"reason":"22 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":2,"reason":"Found 6/30 approved changesets -- score normalized to 2","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: pipCommand not pinned by hash: scripts/bd_to_prod.sh:40","Warn: pipCommand not pinned by hash: scripts/bd_to_prod.sh:46","Warn: pipCommand not pinned by hash: scripts/checks.sh:10","Warn: npmCommand not pinned by hash: scripts/create_layers.sh:47","Warn: pipCommand not pinned by hash: scripts/prepare_layer_files.sh:3","Warn: pipCommand not pinned by hash: scripts/prepare_layer_files.sh:8","Info:   0 out of   5 pipCommand dependencies pinned","Info:   0 out of   1 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 12 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"26 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2024-24 / GHSA-5h86-8mv2-jq9f","Warn: Project is vulnerable to: GHSA-5m98-qgg9-wh84","Warn: Project is vulnerable to: GHSA-7gpw-8wmc-pm8g","Warn: Project is vulnerable to: GHSA-8495-4g3g-x7pr","Warn: Project is vulnerable to: PYSEC-2024-26 / GHSA-8qpw-xqxj-h4r2","Warn: Project is vulnerable to: GHSA-9548-qrrj-x5pj","Warn: Project is vulnerable to: PYSEC-2023-246 / GHSA-gfw2-4jvh-wgfg","Warn: Project is vulnerable to: GHSA-pjjw-qhg8-p2p9","Warn: Project is vulnerable to: PYSEC-2023-250 / GHSA-q3qx-c6g2-7pw2","Warn: Project is vulnerable to: PYSEC-2023-251 / GHSA-qvrw-v9rv-5rjx","Warn: Project is vulnerable to: PYSEC-2024-48 / GHSA-fj7x-q9j7-g6q6","Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: GHSA-gmj6-6f8f-6699","Warn: Project is vulnerable to: GHSA-h5c8-rqwp-cp95","Warn: Project is vulnerable to: GHSA-h75v-3vvj-5mfj","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h","Warn: Project is vulnerable to: GHSA-m87m-mmvp-v9qm","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: GHSA-2g68-c3qc-8985","Warn: Project is vulnerable to: GHSA-f9vj-2wh5-fj8j","Warn: Project is vulnerable to: PYSEC-2023-221 / GHSA-hrfv-mqp8-q5rw","Warn: Project is vulnerable to: GHSA-q34m-jh98-gwm2"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-21T01:24:29.038Z","repository_id":35058627,"created_at":"2025-08-21T01:24:29.038Z","updated_at":"2025-08-21T01:24:29.038Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28233084,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2026-01-07T02:00:05.975Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["debugging","instrumentation","lumigo","python3","python36","python37","python38","serverless","tracer"],"created_at":"2024-08-01T06:00:53.892Z","updated_at":"2026-01-07T05:48:44.306Z","avatar_url":"https://github.com/lumigo-io.png","language":"Python","funding_links":[],"categories":["Layers"],"sub_categories":["Monitoring"],"readme":"[![CircleCI](https://dl.circleci.com/status-badge/img/gh/lumigo-io/python_tracer/tree/master.svg?style=svg)](https://dl.circleci.com/status-badge/redirect/gh/lumigo-io/python_tracer/tree/master)\n![Version](https://badge.fury.io/py/lumigo-tracer.svg)\n![codecov](https://codecov.io/gh/lumigo-io/python_tracer/branch/master/graph/badge.svg?token=6EgXIlefwG)\n\nThis is lumigo/python_tracer, Lumigo's Python agent for distributed tracing and performance monitoring.\n\nSupported Python Runtimes: 3.6, 3.7, 3.8, 3.9, 3.10, 3.11, 3.12 and 3.13\n\n# Usage\n\nThe package allows you to pursue automated metric gathering through Lambda Layers, automated metric gathering and instrumentation through the Serverless framework, or manual metric creation and implementation.\n\n## With Lambda layers\n\n* When configuring your Lambda functions, include the appropriate Lambda Layer ARN [from these tables](https://github.com/lumigo-io/python_tracer/tree/master/layers)\n\n*Note* - Lambda Layers are an optional feature. If you decide to use this capability, the list of Lambda layers available is available [here.](https://github.com/lumigo-io/python_tracer/tree/master/layers).\n\nLearn more in our [documentation on auto-instrumentation](https://docs.lumigo.io/docs/auto-instrumentation).\n\n## With Serverless framework\n\n* To configure the Serverless Framework to work with Lumigo, simply install our plugin: [**serverless-lumigo-plugin**](https://github.com/lumigo-io/serverless-lumigo-plugin/blob/master/README.md)\n\n## Manually\n\nTo manually configure Lumigo in your Lambda functions:\n\n* Install the package:\n\n```bash\npip install lumigo_tracer\n```\n\n* Import the package in your Lambda code:\n\n```python\n`from lumigo_tracer import lumigo_tracer`\n```\n\n* Next, wrap your `handler` in Lumigo's `trace` function (note: replace `YOUR-TOKEN-HERE` with your Lumigo API token):\n\n```python\n@lumigo_tracer(token='YOUR-TOKEN-HERE')\ndef my_lambda(event, context):\n    print('I can finally troubleshoot!')\n```\n\n* Your function is now fully instrumented\n\n## Configuration\n\n`@lumigo/python_tracer` offers several different configuration options. Pass these to the Lambda function as environment variables:\n\n* `LUMIGO_DEBUG=TRUE` - Enables debug logging\n* `LUMIGO_SECRET_MASKING_REGEX=[\"regex1\", \"regex2\"]` - Prevents Lumigo from sending keys that match the supplied regular expressions. All regular expressions are case-insensitive. By default, Lumigo applies the following regular expressions: `[\".*pass.*\", \".*key.*\", \".*secret.*\", \".*credential.*\", \".*passphrase.*\"]`.\n  * We support more granular masking using the following parameters. If not given, the above configuration is the fallback: `LUMIGO_SECRET_MASKING_REGEX_HTTP_REQUEST_BODIES`, `LUMIGO_SECRET_MASKING_REGEX_HTTP_REQUEST_HEADERS`, `LUMIGO_SECRET_MASKING_REGEX_HTTP_RESPONSE_BODIES`, `LUMIGO_SECRET_MASKING_REGEX_HTTP_RESPONSE_HEADERS`, `LUMIGO_SECRET_MASKING_REGEX_HTTP_QUERY_PARAMS`, `LUMIGO_SECRET_MASKING_REGEX_ENVIRONMENT`.\n* `LUMIGO_DOMAINS_SCRUBBER=[\".*secret.*\"]` - Prevents Lumigo from collecting both request and response details from a list of domains. This accepts a comma-separated list of regular expressions that is JSON-formatted. By default, the tracer uses `[\"secretsmanager\\..*\\.amazonaws\\.com\", \"ssm\\..*\\.amazonaws\\.com\", \"kms\\..*\\.amazonaws\\.com\"]`. **Note** - These defaults are overridden when you define a different list of regular expressions.\n* `LUMIGO_PROPAGATE_W3C=TRUE` - Add W3C TraceContext headers to outgoing HTTP requests. This enables uninterrupted transactions with applications traced with OpenTelemetry.\n* `LUMIGO_SWITCH_OFF=TRUE` - In the event a critical issue arises, this turns off all actions that Lumigo takes in response to your code. This happens without a deployment, and is picked up on the next function run once the environment variable is present.\n\n### Step Functions\n\nIf your function is part of a set of step functions, you can add the flag `step_function: true` to the Lumigo tracer import. Alternatively, you can configure the step function using an environment variable `LUMIGO_STEP_FUNCTION=True`. When this is active, Lumigo tracks all states in the step function in a single transaction, easing debugging and observability.\n\n```python\n@lumigo_tracer(token='XXX', step_function=True)\ndef my_lambda(event, context):\n    print('Step function visibility!')\n```\n\nNote: the tracer adds the key `\"_lumigo\"` to the return value of the function.\n\nIf you override the `\"Parameters\"` configuration, add `\"_lumigo.$\": \"$._lumigo\"` to ensure this value is still present.\n\nBelow is an example configuration for a Lambda function that is part of a step function that has overridden its parameters:\n\n```json\n\"States\": {\n    \"state1\": {\n      \"Type\": \"Task\",\n      \"Resource\": \"arn:aws:lambda:us-west-2:ACCOUNT:function:FUNCTION_NAME\",\n      \"Parameters\": {\n          \"Changed\": \"parameters\",\n          \"_lumigo.$\": \"$._lumigo\"\n        },\n      \"Next\": \"state2\"\n    },\n    \"state2\": {\n      \"Type\": \"pass\",\n      \"End\": true\n    }\n}\n```\n\n### Logging Programmatic Errors\n\nLumigo provides the `report_error` function, which you can use to publish error logs that are visible to the entire platform. To log programmatic errors:\n\n* Import the `report_error` function with the following code: `from lumigo_tracer import report_error`\n* Use the `report_error` function with the message you wish to send: `report_error(\"your-message-here\")`\n\n### Adding Execution Tags\n\nYou can add execution tags to a function with dynamic values using the parameter `add_execution_tag`.\n\nThese tags will be searchable from within the Lumigo platform.\n\n#### Limitations\n\n* Up to 50 execution tags\n* Each tag key length can have 50 characters at most.\n* Each tag value length can have 70 characters at most.\n\n# Contributing\n\nContributions to this project are welcome from all! Below are a couple pointers on how to prepare your machine, as well as some information on testing.\n\n## Preparing your machine\n\nGetting your machine ready to develop against the package is a straightforward process:\n\n1. Clone this repository, and open a CLI in the cloned directory\n1. Create a virtual environment for the project `virtualenv venv -p python3`\n1. Activate the virtualenv: `. venv/bin/activate`\n1. Install dependencies: `pip install -r requirements.txt`\n1. Run the setup script: `python setup.py develop`.\n1. Run `pre-commit install` in your repository to install pre-commit hooks\n\n**Note**: If you are using pycharm, ensure that you set it to use the virtualenv virtual environment manager. This is available in the menu under PyCharm -\u003e Preferences -\u003e Project -\u003e Interpreter\n\n## Running the test suite\n\nWe've provided an easy way to run the unit test suite:\n\n* To run all unit tests, simply run `py.test` in the root folder.\n* To deploy services for component tests, run `sls deploy` from the root test directory. This only needs to take place when the resources change.\n* To run component tests, add the `--all` flag: `py.test --all`\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flumigo-io%2Fpython_tracer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flumigo-io%2Fpython_tracer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flumigo-io%2Fpython_tracer/lists"}