Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
@hfaxjs/data-report
Advanced tools
Introduce
@hfaxjs 数据埋点插件,目前集成神策sdk。
Getting Started
需要安装@hfaxjs/core 核心库
cnpm install @hfaxjs/core --save
cnpm install @hfaxjs/data-report --save
Usage
import hfax from '@hfaxjs/core';
import dataReport from '@hfaxjs/data-report';
//init
hfax.use(dataReport,{
server_url:process.env.VUE_APP_HFAXJS_DATAREPORT_URL, //必填 服务地址
registerPageConfig:{ //公共扩展字段, 按照项目需求为主,加上之后 调用track方法会在上报中加上公共参数
platform_type:"xx",
app_name:"xx",
is_enrolled: false,
},
})
//test
hfax.dataReport.track("xx", {
button_title: "xx"
});
Configuration
// 配置参数 详细参考 https://www.sensorsdata.cn/manual/js_sdk.html#14-%E5%8F%82%E6%95%B0%E9%85%8D%E7%BD%AE
export interface dataReportConfig{
/* 必填参数 */
name: string; // 使用的一个默认的全局变量 如定义成 sensors 的话,后面可以使用 sensors.track() 用来跟踪信息
server_url: string; //数据接收地址
/* 可选参数 */
heatmap: object; //点击图配置
cross_subdomain: boolean;
show_log: boolean;
source_channel: number[];
is_track_device_id: boolean;
send_type: string;
callback_timeout: number;
queue_timeout: number;
datasend_timeout: number;
preset_properties: object;
is_track_single_page: boolean;
batch_send: boolean;
/* 扩展参数 */
isRegisterPage: boolean; //是否需要注册页面公共属性
registerPageConfig:object; //注册页面公共属性配置参数对象 isRegisterPage为true时该项必填
}
Api
track(event_name[, properties][, callback])
使用 hfax.dataReport.track(event_name[, properties][, callback]) 记录事件(触发的事件会存储到神策分析系统的 events 表中)
event_name: string,必选。表示要追踪的事件名。
properties: object,可选。表示这个事件的属性。
callback: function,可选。表示已经发送完数据之后的回调。
示例:
hfax.dataReport.track("hfax_keybutton_click", {
button_title: "产品详情页点击立即出借按钮"
})
getDistinctId()
使用 hfax.dataReport.getDistinctId() 获取未登录用户匿名id
login(userID)
使用 hfax.dataReport.login(userID) 关联登录用户
userID: 用户登陆后的userID 。
示例:
hfax.dataReport.login('xxxxxxxx')
Version
current version:1.0.0
FAQs
hfax data report plugin
We found that @hfaxjs/data-report demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 23 Nov 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026