The hassle-free way to integrate analytics into any web application. 

vdemedes

segment-admin

segmentio

flaque

achille-roussel

akleiner2

alan-segment

albert.segment

alistairbarrell

amillet89

andreiko_ru

andrius-segment

andy-li

andyguwc

anna.choi

anoonan

anoonan16

arta.razavi

aultimus

av-segment

benhorowitz

bgamwell

bihl

brian-segment

brienne.mcnally

bsneed

calthomson

cdrycroft

chenpengcheng

cohara87

colinlohner

cvillela

danieljackins

davidbirdsong

dk1027

dominicbarnes

drew-thompson

durgani

eculver

eesegment

emilio-gomez-lavin

emily.luckette

emilyc

emilyluckette

eric.rogner

erikdw

f2prateek

fauzyy

gilomer

gnijor

gpsamson

hblanks-segment

hellooimkat

iajiboye

jaimal

james9446

jeremylarkin

jfabre-segment

jlee9595

jmbuckner

juhaelee

julee05

julio.farah

kamebkj

kathryn-taylor

kelcook

kellylu

khinkalilover

kiara.daswani

knoonan

ktrinh

lab176

ladanazita

lauramunozjimenez

laurenmreeder

leifdreizler

llbsgmt

maggieyu

maloneya

marcelopv

mericsson

mniehe

mshwery

n2parko

nettofarah

nickatsegment

nielssegment

nlsun

odoren

osamakhn

parsa-segment

pauljaeinyoo

peripheral

pooyaj

prayansh-segmentt

priscilla.giatti

rjenkinsseg

rowno

rsata

ryan_segment

@segment/analytics.js-core

kevva

ivolo

sahilp

segment-andy-yeo

segment-danielstjules

segment-ulysse

stevenmiller888

tidothegreat

tyson_segment

xagos

atrivedi1

boggsboggs

calvinfo

carlosmecha

ccnixon

dfuentes

dscrobonia

erickimsegment

fforres

jeroenransijn

jfmaggie

joeybloggs

maxence-charriere

msanterre

notfelineit

nzoschke

rarchana2001asu

rlc4

rpaul80

segment-anastassia

segment-cyammine

sperand-io

srthurman

systemizer

tamarrow

tejasmanohar

williams-blake

yields

chrisbuttery

codenameatlas

ejcx

hanothan

josh_segment

nielst

segment-scott

segmentmfischer

reinpk

segment-maggie-chu

(Experimental) An ambiguous license classifier was found.

What is an ambiguous license classifier?

Ambiguous License Classifier

Source files are encoded using a non-standard text encoding.

What is bad text encoding?

Bad text encoding

Package version is not a valid semantic version (semver).

What is bad semver?

Bad semver

Package has dependencies with an invalid semantic version. This could be a sign of beta, low quality, or unmaintained dependencies.

What is bad dependency semver?

Bad dependency semver

Source files contain bidirectional unicode control characters. This could indicate a Trojan source supply chain attack. See: trojansource.codes for more information.

What are bidirectional unicode control characters?

Bidirectional unicode control characters

This package has multiple bin scripts with the same name.  This can cause non-deterministic behavior when installing or could be a sign of a supply chain attack

What is bin script confusion?

Bin script confusion

Semantic versions published out of chronological order.

What is a chronological version anomaly?

Chronological version anomaly

Project maintainer's SSH key has been compromised.

What is a compromised SSH key?

Compromised SSH key

(Experimental) Copyleft license information was found

What do I need to know about license files?

Copyleft License

Contains a Critical Common Vulnerability and Exposure (CVE).

What is a critical CVE?

Title

Critical CVE

Contains a high severity Common Vulnerability and Exposure (CVE).

What is a CVE?

High CVE

Uses debug, reflection and dynamic code execution features.

What is debug access?

Debug access

The maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.

What is a deprecated package?

Deprecated

(Experimental) Contains a known deprecated SPDX license exception.

What is a deprecated SPDX exception?

Deprecated SPDX exception

(Experimental) License is deprecated which may have legal implications regarding the package's use.

What is a deprecated license?

Deprecated license

Package name is similar to other popular packages and may not be the package you want.

What is a typosquat?

Possible typosquat attack

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

What is dynamic require?

Dynamic require


		3.4.1 / 2018-04-23
		==================

		* Catch and guard against Integration errors

		3.4.0 / 2018-03-05
		@@ -3,0 +8,0 @@ ==================

		@@ -618,3 +618,7 @@ 'use strict';
		} else {
		integration.invoke.call(integration, method, facade);
		try {
		integration.invoke.call(integration, method, facade);
		} catch (e) {
		self.log('Error invoking .%s method of %s integration: %o', method, name, e);
		}
		}
		@@ -621,0 +625,0 @@ }, this._integrations);

		{
		"name": "@segment/analytics.js-core",
		"author": "Segment <friends@segment.com>",
		"version": "3.4.0",
		"version": "3.4.1",
		"description": "The hassle-free way to integrate analytics into any web application.",
		@@ -6,0 +6,0 @@ "keywords": [

		@@ -325,2 +325,7 @@ 'use strict';

		it('should not crash when invoking integration fails', function() {
		Test.prototype.invoke = function() { throw new Error('Uh oh!'); };
		analytics.track('Test Event');
		});

		it('should support .integrations to disable / select integrations', function() {
		@@ -327,0 +332,0 @@ var opts = { integrations: { Test: false } };

New alerts

Improved metrics

Worsened metrics