@react-native-windows/telemetry
Advanced tools
Comparing version 0.0.0-canary.2 to 0.0.0-canary.3
@@ -5,3 +5,18 @@ { | ||
{ | ||
"date": "Thu, 05 Nov 2020 05:05:12 GMT", | ||
"date": "Thu, 05 Nov 2020 17:30:26 GMT", | ||
"tag": "@react-native-windows/telemetry_v0.0.0-canary.3", | ||
"version": "0.0.0-canary.3", | ||
"comments": { | ||
"prerelease": [ | ||
{ | ||
"comment": "sanitize paths in other drives too", | ||
"author": "asklar@microsoft.com", | ||
"commit": "10d82a2167557800fd518a13c170bdc7e7bffc14", | ||
"package": "@react-native-windows/telemetry" | ||
} | ||
] | ||
} | ||
}, | ||
{ | ||
"date": "Thu, 05 Nov 2020 05:05:45 GMT", | ||
"tag": "@react-native-windows/telemetry_v0.0.0-canary.2", | ||
@@ -8,0 +23,0 @@ "version": "0.0.0-canary.2", |
# Change Log - @react-native-windows/telemetry | ||
This log was last generated on Thu, 05 Nov 2020 05:05:12 GMT and should not be manually modified. | ||
This log was last generated on Thu, 05 Nov 2020 17:30:26 GMT and should not be manually modified. | ||
<!-- Start content --> | ||
## 0.0.0-canary.3 | ||
Thu, 05 Nov 2020 17:30:26 GMT | ||
### Changes | ||
- sanitize paths in other drives too (asklar@microsoft.com) | ||
## 0.0.0-canary.2 | ||
Thu, 05 Nov 2020 05:05:12 GMT | ||
Thu, 05 Nov 2020 05:05:45 GMT | ||
@@ -11,0 +19,0 @@ ### Changes |
@@ -15,3 +15,30 @@ "use strict"; | ||
exports.telClient = appInsights.defaultClient; | ||
// CODE-SYNC: \packages\react-native-windows-init\src\Cli.ts | ||
function getAnonymizedPath(filepath) { | ||
const projectRoot = process.cwd().toLowerCase(); | ||
const knownPathsVars = ['appdata', 'localappdata', 'userprofile']; | ||
if (filepath.toLowerCase().startsWith(projectRoot)) { | ||
const ext = path.extname(filepath); | ||
const rest = filepath.slice(projectRoot.length); | ||
const node_modules = '\\node_modules\\'; | ||
// this is in the project dir but not under node_modules | ||
if (rest.toLowerCase().startsWith('\\windows\\')) { | ||
return `[windows]\\???${ext}(${filepath.length})`; | ||
} | ||
else if (rest.toLowerCase().startsWith(node_modules)) { | ||
return 'node_modules' + rest.slice(node_modules.length - 1); | ||
} | ||
else { | ||
return `[project_dir]\\???${ext}(${filepath.length})`; | ||
} | ||
} | ||
else { | ||
for (const knownPath of knownPathsVars) { | ||
if (process.env[knownPath] && | ||
filepath.toLowerCase().startsWith(process.env[knownPath].toLowerCase())) { | ||
return `[${knownPath}]\\???(${filepath.length})`; | ||
} | ||
} | ||
} | ||
return '[path]'; | ||
} | ||
/** | ||
@@ -24,25 +51,18 @@ * Sanitize any paths that appear between quotes (''), brackets ([]), or double quotes (""). | ||
const clean = []; | ||
const projectRoot = process.cwd().toLowerCase(); | ||
const pathRegEx = /[A-Za-z]:\\([^<>:;,?"*\t\r\n|/\\]+\\)+([^<>:;,?"*\t\r\n|/]+)/gi; | ||
for (const part of parts) { | ||
if (part.toLowerCase().startsWith(projectRoot)) { | ||
const ext = path.extname(part); | ||
const rest = part.slice(projectRoot.length); | ||
const node_modules = '\\node_modules\\'; | ||
// this is in the project dir but not under node_modules | ||
if (rest.toLowerCase().startsWith('\\windows\\')) { | ||
clean.push(`[windows]\\???${ext}(${part.length})`); | ||
if (pathRegEx.test(part)) { | ||
pathRegEx.lastIndex = -1; | ||
let matches; | ||
let noPath = ''; | ||
let last = 0; | ||
while ((matches = pathRegEx.exec(part))) { | ||
noPath += | ||
part.substr(last, matches.index - last) + | ||
getAnonymizedPath(matches[0]); | ||
last = matches.index + matches[0].length; | ||
} | ||
else if (rest.toLowerCase().startsWith(node_modules)) { | ||
clean.push('node_modules' + rest.slice(node_modules.length - 1)); | ||
} | ||
else { | ||
clean.push(`[project_dir]\\???${ext}(${part.length})`); | ||
} | ||
clean.push(noPath); | ||
} | ||
else if (part.toLowerCase().includes(projectRoot)) { | ||
// the path is in there but it isn't in a format we expect | ||
const filepathRegEx = new RegExp(`${projectRoot.replace(/\\/g, '\\\\')}[^<>:;,?"*|/]*`, 'gi'); | ||
clean.push(part.replace(filepathRegEx, '[project_dir]\\...')); | ||
} | ||
else { | ||
else if (part !== '') { | ||
clean.push(part); | ||
@@ -49,0 +69,0 @@ } |
@@ -22,13 +22,27 @@ "use strict"; | ||
expect(telemetry.sanitizeMessage(`this is the cwd: '${process.cwd()}' and something else`)).toEqual(`this is the cwd: [project_dir]\\???(${process.cwd().length}) and something else`); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: ${process.cwd()} and something else`)).toEqual('this is the cwd: [project_dir]\\...'); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: ${process.cwd()} and something else`)).toEqual(`this is the cwd: [project_dir]\\???(${(process.cwd() + ' and something else').length})`); | ||
}); | ||
test('Sanitize message, node_modules', () => { | ||
expect(telemetry.sanitizeMessage(`this is the cwd: '${process.cwd()}\\node_modules'`)).toEqual(`this is the cwd: [project_dir]\\???(${(process.cwd() + '\\node_modules').length})`); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: '${process.cwd()}\\node_modules\\'`)).toEqual('this is the cwd: node_modules\\'); | ||
expect(telemetry.sanitizeMessage(`uppercase: '${process.cwd().toUpperCase()}\\NODE_MODULES\\'`)).toEqual('uppercase: node_modules\\'); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: '${process.cwd()}\\node_modules\\foo'`)).toEqual('this is the cwd: node_modules\\foo'); | ||
expect(telemetry.sanitizeMessage(`uppercase: '${process.cwd().toUpperCase()}\\NODE_MODULES\\foo'`)).toEqual('uppercase: node_modules\\foo'); | ||
expect(telemetry.sanitizeMessage(`lowercase: '${process.cwd().toLowerCase()}\\NODE_MODULES\\'`)).toEqual('lowercase: node_modules\\'); | ||
expect(telemetry.sanitizeMessage(`trailing: '${process.cwd()}\\node_modules\\' and something else`)).toEqual('trailing: node_modules\\ and something else'); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: ${process.cwd()}\\node_modules and something else that could be part of the path`)).toEqual('this is the cwd: [project_dir]\\...'); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: ${process.cwd()}\\node_modules\\ and something else that could be part of the path`)).toEqual('this is the cwd: [project_dir]\\...'); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: ${process.cwd()}\\node_modules and something else that could be part of the path`)).toEqual(`this is the cwd: [project_dir]\\???(${(process.cwd() + | ||
'\\node_modules and something else that could be part of the path').length})`); | ||
expect(telemetry.sanitizeMessage(`this is the cwd: ${process.cwd()}\\node_modules\\ a file under nm`)).toEqual(`this is the cwd: node_modules\\ a file under nm`); | ||
}); | ||
test('Sanitize message, other path', () => { | ||
expect(telemetry.sanitizeMessage(`this is another path: 'A:\\foo\\bar\\baz'`)).toEqual(`this is another path: [path]`); | ||
expect(telemetry.sanitizeMessage(`this is another path: A:\\foo\\bar\\baz`)).toEqual(`this is another path: [path]`); | ||
expect(telemetry.sanitizeMessage(`Cannot find module 'react-native/package.json' | ||
Require stack: | ||
- ${process.env.APPDATA}\\npm-cache\\_npx\\1384\\node_modules\\react-native-windows-init\\lib-commonjs\\Cli.js | ||
- ${process.env.APPDATA}\\npm-cache\\_npx\\1384\\node_modules\\react-native-windows-init\\bin.js`)).toEqual(`Cannot find module react-native/package.json | ||
Require stack: | ||
- [appdata]\\???(${(process.env.APPDATA + | ||
'\\npm-cache\\_npx\\1384\\node_modules\\react-native-windows-init\\lib-commonjs\\Cli.js').length}) | ||
- [appdata]\\???(${(process.env.APPDATA + | ||
'\\npm-cache\\_npx\\1384\\node_modules\\react-native-windows-init\\bin.js').length})`); | ||
}); | ||
test('Sanitize stack frame', () => { | ||
@@ -133,3 +147,3 @@ const emptyFrame = { | ||
expect(data.exceptions.length).toEqual(1); | ||
expect(data.exceptions[0].message).toEqual('hello [project_dir]\\...'); | ||
expect(data.exceptions[0].message).toEqual(`hello [project_dir]\\???(${process.cwd().length})`); | ||
const stack = data.exceptions[0].parsedStack; | ||
@@ -136,0 +150,0 @@ expect(stack).toBeDefined(); |
{ | ||
"name": "@react-native-windows/telemetry", | ||
"version": "0.0.0-canary.2", | ||
"version": "0.0.0-canary.3", | ||
"license": "MIT", | ||
@@ -5,0 +5,0 @@ "main": "lib-commonjs/index.js", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 2 instances in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
30450
378
10