
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
@ariestools/pixel
Advanced tools
Event Client for xylabs ESB
Using npm:
npm install {{name}}
Using yarn:
yarn add {{name}}
Using pnpm:
pnpm add {{name}}
Using bun:
bun add {{name}}
See the LICENSE file for license rights and limitations (LGPL-3.0-only).
### .temp-typedoc
### classes
### <a id="PixelApi"></a>PixelApi
HTTP client for sending tracking events to the XY Labs pixel API.
new PixelApi(baseUri?): PixelApi;
string = 'prod'
PixelApi
trackEvents(events): Promise<any>;
Sends an array of user events to the tracking API.
[UserEvent]#../interfaces/UserEvent
The events to submit
Promise<any>
The response data from the API
### <a id="Referrer"></a>Referrer
Tracks and persists the document referrer in both session and local storage.
new Referrer(): Referrer;
Referrer
local: string;
session: string;
toJson():
| {
local: string;
session: string;
}
| undefined;
Returns the referrer data as a JSON object, or undefined if both values are empty.
| {
local: string;
session: string;
}
| undefined
An object with local and session referrer strings, or undefined
### <a id="UniqueUserId"></a>UniqueUserId
Generates and persists a unique user identifier in localStorage.
new UniqueUserId(): UniqueUserId;
UniqueUserId
id: string;
toString(): string;
Returns the unique user ID as a string.
string
### <a id="UserEventHandler"></a>UserEventHandler
Abstract base class for handling user tracking events.
TData extends EmptyObject
new UserEventHandler<TData>(): UserEventHandler<TData>;
UserEventHandler<TData>
abstract funnelStarted<T>(fields): Promisable<void>;
Tracks a funnel-started event.
T extends object
Promisable<void>
abstract testStarted<T>(fields): Promisable<void>;
Tracks a test-started event.
T extends object
Promisable<void>
abstract userClick<T>(fields): Promisable<void>;
Tracks a user click event.
T extends object
UserClickFields | T
Promisable<void>
abstract viewContent<T>(fields): Promisable<void>;
Tracks a view-content event.
T extends object
Promisable<void>
### <a id="UtmFields"></a>UtmFields
Tracks UTM campaign parameters from query strings, persisting history in localStorage.
new UtmFields(): UtmFields;
UtmFields
fields: Record<string, string>[] = [];
getUtmRecord(): Record<string, string> | null;
Parses UTM parameters from the current URL query string.
Record<string, string> | null
A record of UTM key-value pairs, or null if none are present
toString(): string;
Returns the UTM fields history as a JSON string.
string
update(): Record<string, string>[];
Checks the query string for new UTM values and appends them to the history if changed.
Record<string, string>[]
The current UTM fields array, or undefined if empty
### <a id="XyPixel"></a>XyPixel
Singleton pixel tracker that queues and sends user events to the XY Labs tracking API.
static api: PixelApi;
cid: string;
optional email?: string;
optional email_hash?: string | null;
optional exids?: ExIds;
optional pixelId?: string;
queue: UserEvent[] = [];
get static instance(): XyPixel;
Returns the singleton XyPixel instance, throwing if not yet initialized.
XyPixel
static init(pixelId): XyPixel;
Initializes the XyPixel singleton with the given pixel ID.
string
The pixel identifier for this tracking instance
XyPixel
The newly created XyPixel instance
static selectApi(api): void;
Replaces the default PixelApi instance used for sending events.
The PixelApi instance to use
void
identify(email?): void;
Associates an email address with this pixel instance, hashing it for privacy.
string
The email address to identify the user with
void
send<T>(
event,
fields?,
eventId?): Promise<void>;
Queues a tracking event and attempts to flush the queue to the API.
T extends Record<string, unknown>
string
The event name
T
Optional event-specific fields
string
Optional unique event identifier
Promise<void>
### <a id="XyUserEventHandler"></a>XyUserEventHandler
Concrete event handler that sends tracking events through the XyPixel singleton.
T extends EmptyObject = EmptyObject
new XyUserEventHandler<T>(): XyUserEventHandler<T>;
XyUserEventHandler<T>
funnelStarted(fields): Promise<void>;
Sends a funnel-started event via the pixel API.
Promise<void>
UserEventHandler.funnelStarted
purchase(fields): Promise<void>;
Sends a purchase event via the pixel API.
PurchaseFields | T
Promise<void>
testStarted(fields): Promise<void>;
Sends a test-started event via the pixel API.
Promise<void>
userClick(fields): Promise<void>;
Sends a user click event via the pixel API.
UserClickFields | T
Promise<void>
viewContent(fields): Promise<void>;
Sends a view-content event via the pixel API.
Promise<void>
### interfaces
### <a id="CommonFields"></a>CommonFields
Common fields shared across all tracking event types.
optional funnel?: string;
optional testData?: string;
### <a id="FunnelStartedFields"></a>FunnelStartedFields
Fields for a funnel-started tracking event.
optional funnel?: string;
optional testData?: string;
name: string;
### <a id="PurchaseFields"></a>PurchaseFields
Fields for a purchase tracking event.
optional funnel?: string;
optional testData?: string;
id: string;
optional name?: string;
optional price?: number;
optional value?: number;
### <a id="TestStartedFields"></a>TestStartedFields
Fields for a test-started tracking event (e.g. A/B test).
optional funnel?: string;
optional testData?: string;
name: string;
### <a id="UserClickFields"></a>UserClickFields
Fields for a user click tracking event.
optional funnel?: string;
optional testData?: string;
elementName: string;
elementType: string;
optional intent?: string;
optional placement?: string;
### <a id="UserEvent"></a>UserEvent
Represents a single user tracking event to be sent to the pixel API.
cid: string;
optional create_time?: number;
optional email?: string;
optional email_hash?: string;
optional event?: string;
optional event_id?: string;
optional exids?: ExIds;
optional fields?: Record<string, unknown>;
optional host?: string;
optional pathname?: string;
optional pixel?: string;
optional receive_time?: number;
optional referrer?: object;
local: string;
session: string;
optional rid?: string;
optional system?: ParsedResult;
optional uid?: string;
optional utm?: Record<string, string>[] | Record<string, string[]>;
### <a id="ViewContentFields"></a>ViewContentFields
Fields for a view-content tracking event.
optional funnel?: string;
optional testData?: string;
name: string;
path: string;
### <a id="XyLabsTrackingEventJson"></a>XyLabsTrackingEventJson
JSON structure for an XY Labs tracking event as stored or transmitted.
cid: string;
optional create_time?: number;
optional email?: string;
optional email_hash?: string;
optional event?: string;
optional event_id?: string;
optional exids?: Record<string, string>;
optional fields?: Record<string, unknown>;
optional host?: string;
optional ip?: string;
optional pathname?: string;
optional pixel?: string;
optional receive_time?: number;
optional rid?: string;
optional system?: unknown;
optional ua?: string;
optional uid?: string;
optional utm?: Record<string, string>[] | Record<string, string[]>;
### interfaces
### <a id="UserEventSystem"></a>UserEventSystem
interface UserEventSystem
Parsed browser/OS/engine information from the user agent string.
optional browser: UserEventSystemBrowser;
optional engine: UserEventSystemEngine;
optional os: UserEventSystemOS;
optional platform: UserEventSystemPlatform;
FAQs
Event Client for xylabs ESB
We found that @ariestools/pixel demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.