@appland/scanner - npm Package Compare versions

Comparing version 1.74.6 to 1.75.0

built/report/scanResults.js

@@ -104,4 +104,5 @@ "use strict";
         },
-    });
+    }),
+        { includeEnvironmentVariables: true };
 }
 exports.sendScanResultsTelemetry = sendScanResultsTelemetry;

built/telemetry.js

@@ -162,3 +162,3 @@ "use strict";
     }
-    static sendEvent(data) {
+    static sendEvent(data, options = { includeEnvironment: false }) {
         try {
@@ -168,2 +168,5 @@ const transformedProperties = transformProps(Object.assign({ version: version, args: process.argv.slice(1).join(' ') }, data.properties));
             const properties = Object.assign({ 'common.source': name, 'common.os': os.platform(), 'common.platformversion': os.release(), 'common.arch': os.arch(), 'appmap.cli.machineId': Telemetry.machineId, 'appmap.cli.sessionId': Telemetry.session.id }, transformedProperties);
+            if (options.includeEnvironment) {
+                properties['common.environmentVariables'] = Object.keys(process.env).sort().join(',');
+            }
             const event = {
@@ -170,0 +173,0 @@ name: `${name}/${data.name}`,

CHANGELOG.md

@@ -0,1 +1,8 @@
+# [@appland/scanner-v1.75.0](https://github.com/getappmap/appmap-js/compare/@appland/scanner-v1.74.6...@appland/scanner-v1.75.0) (2023-01-18)
+
+
+### Features
+
+* Report env var names ([6264cb6](https://github.com/getappmap/appmap-js/commit/6264cb6c73927a90fc350bfb1531d3a8dd97df69))
+
 # [@appland/scanner-v1.74.6](https://github.com/getappmap/appmap-js/compare/@appland/scanner-v1.74.5...@appland/scanner-v1.74.6) (2023-01-09)
@@ -2,0 +9,0 @@

package.json

 {
   "name": "@appland/scanner",
-  "version": "1.74.6",
+  "version": "1.75.0",
   "description": "Analyze AppMaps for code flaws",
@@ -5,0 +5,0 @@ "bin": "built/cli.js",

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

424862

increased by0.13%

Lines of code

7269

increased by0.06%

Worsened metrics

Number of low supply chain risk alerts

54

increased by1.89%

No dependency changes