Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@shopify/slate-analytics
Advanced tools
Emits Slate usage events, performance data, and errors to Shopify analytics platform. Also manages user consent for collecting data while using Slate.
Consent is always asked for new users or if the data we collect has changed in a manor that requires a reconfirmation of concent. The goal of Slate analytics is to collect non-sensitive, real user metrics which will be used to improve Slate's development experience.
All emmited events include a performance.mark() for benchmarking and randomly generated process ID for linking multiple events from the same command.
We will be continually iterating Slate Analytics to catch as many errors as possible. We will not collect full stack of errors which might contain sensitive information about a user's file system.
Name | Payload |
---|---|
slate-analytics:new-user | Contents of ~/.slaterc file (Randomly generated user ID, Email, Tracking consent version) |
slate-analytics:renew-consent-prompt | Contents of ~/.slaterc file |
slate-analytics:renew-consent-true | Contents of ~/.slaterc file |
Name | Payload |
---|---|
create-slate-theme:start | Starter theme used, skipInstall flag value, verbose flag value, version of create-slate-theme |
create-slate-theme:success | version of create-slate-theme |
Name | Payload |
---|---|
slate-tools:cli:start | slate.config.js, slate-tools version |
slate-tools:build:start | Webpack config, slate-tools version |
slate-tools:build:end | Webpack config, slate-tools version |
slate-tools:deploy:start | slate-tools version |
slate-tools:deploy:end | slate-tools version |
slate-tools:deploy:error | slate-tools version, error |
slate-tools:deploy:main-theme | |
slate-tools:start:start | Webpack config, slate-tools version |
slate-tools:start:compile-errors | slate-tools version, errors |
slate-tools:start:compile-warnings | slate-tools version, warnings, compile time |
slate-tools:start:compile-success | slate-tools version, compile time |
slate-tools:start:skip-first-deploy | slate-tools version |
slate-tools:start:sync-start | slate-tools version |
slate-tools:start:sync-end | slate-tools version |
slate-tools:start:sync-error | slate-tools version |
slate-tools:zip:start | slate-tools version |
FAQs
Slate's analytics controller and event emitter
The npm package @shopify/slate-analytics receives a total of 11 weekly downloads. As such, @shopify/slate-analytics popularity was classified as not popular.
We found that @shopify/slate-analytics demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.