Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@snowplow/tracker-core
Advanced tools
@snowplow/tracker-core is a core library for Snowplow event tracking. It provides the essential functionalities to track events, manage contexts, and handle custom schemas. This package is typically used as a base for building more specific trackers for different platforms.
Track Structured Events
This feature allows you to track structured events, which are events with a predefined set of properties such as category, action, label, property, and value.
const { trackerCore } = require('@snowplow/tracker-core');
const core = trackerCore('my-namespace', 'my-app-id');
core.trackStructEvent({
category: 'category',
action: 'action',
label: 'label',
property: 'property',
value: 42
});
Track Unstructured Events
This feature allows you to track unstructured events, which are events with a custom schema. You can define your own schema and send data that conforms to it.
const { trackerCore } = require('@snowplow/tracker-core');
const core = trackerCore('my-namespace', 'my-app-id');
core.trackUnstructEvent({
schema: 'iglu:com.acme/event/jsonschema/1-0-0',
data: {
key1: 'value1',
key2: 'value2'
}
});
Add Contexts
This feature allows you to add contexts to your events. Contexts provide additional information about the event, such as user details, session information, or any other relevant data.
const { trackerCore } = require('@snowplow/tracker-core');
const core = trackerCore('my-namespace', 'my-app-id');
const contexts = [
{
schema: 'iglu:com.acme/context/jsonschema/1-0-0',
data: {
key1: 'value1',
key2: 'value2'
}
}
];
core.trackStructEvent({
category: 'category',
action: 'action',
label: 'label',
property: 'property',
value: 42,
context: contexts
});
analytics-node is the official Segment library for Node.js. It allows you to track events and send them to Segment, which can then forward them to various analytics services. Compared to @snowplow/tracker-core, analytics-node is more focused on integration with the Segment platform and provides a higher-level API for event tracking.
mixpanel is the official Mixpanel library for Node.js. It allows you to track events and send them to Mixpanel for analysis. Compared to @snowplow/tracker-core, mixpanel is more focused on providing analytics and insights within the Mixpanel platform and offers a higher-level API for event tracking.
Core module to be used by Snowplow JavaScript based trackers.
Part of the Snowplow JavaScript Tracker monorepo.
Build with Node.js (18 - 20) and Rush.
npm install -g @microsoft/rush
git clone https://github.com/snowplow/snowplow-javascript-tracker.git
rush update
cd libraries/tracker-core
rushx build
rushx test
With npm:
npm install @snowplow/tracker-core
const trackerCore = require('@snowplow/tracker-core').trackerCore;
// Create an instance with base 64 encoding set to false (it defaults to true)
const core = trackerCore({
base64: false
});
import { trackerCore } from '@snowplow/tracker-core';
// Create an instance with base 64 encoding set to false (it defaults to true)
const core = trackerCore({
base64: false
})
// Add a name-value pair to all payloads
core.addPayloadPair('vid', 2);
// Add each name-value pair in a dictionary to all payloads
core.addPayloadDict({
'ds': '1160x620',
'fp': 4070134789
});
// Add name-value pairs to all payloads using convenience methods
core.setTrackerVersion('js-3.6.0');
core.setPlatform('web');
core.setUserId('user-321');
core.setColorDepth('24');
core.setViewport('600', '400');
core.setUseragent('Snowplow/0.0.1');
// Track a page view with URL and title
const pageViewPayload = core.track(
buildPageView({
pageUrl: 'http://www.example.com',
pageTitle: 'landing page',
})
);
console.log(pageViewPayload);
/*
{
'e': 'pv',
'url': 'http://www.example.com',
'page': 'landing page',
'uid': 'user-321',
'vid': 2,
'ds': '1160x620',
'fp': 4070134789,
'tv': 'js-3.6.0',
'p': 'web',
'cd': '24',
'vp': '600x400',
'ua': 'Snowplow/0.0.1',
'dtm': '1406879959702', // timestamp
'eid': 'cd39f493-dd3c-4838-b096-6e6f31015409' // UUID
}
*/
// Stop automatically adding tv, p, and dtm to the payload.
core.resetPayloadPairs({});
// Track an unstructured event
const selfDescribingEventPayload = core.track(
buildSelfDescribingEvent({
event: {
'schema': 'iglu:com.snowplowanalytics.snowplow/link_click/jsonschema/1-0-0',
'data': {
'targetUrl': 'http://www.destination.com',
'elementId': 'bannerLink'
}
}
})
);
console.log(selfDescribingEventPayload);
/*
{
'e': 'ue',
'eid': '4ed5da6b-7fff-4f24-a8a9-21bc749881c6',
'dtm': '1659086693634',
'ue_pr': "{\"schema\":\"iglu:com.snowplowanalytics.snowplow/unstruct_event/jsonschema/1-0-0\",\"data\":{\"schema\":\"iglu:com.snowplowanalytics.snowplow/link_click/jsonschema/1-0-0\",\"data\":{\"targetUrl\":\"http://www.destination.com\",\"elementId\":\"bannerLink\"}}}"
}
*/
Core instances can be initialized with a configuration object. base64
Determines whether custom contexts and unstructured events will be base 64 encoded. corePlugins
are used to intercept payload creation and add contexts on every event. callback
is an optional callback function which gets applied to every payload created by the instance.
const core = trackerCore({
base64: true,
corePlugins: [/* Your plugins here*/],
callback: console.log
});
The above example would base 64 encode all unstructured events and custom contexts and would log each payload to the console.
Use the setBase64Encoding
method to turn base 64 encoding on or off after initializing a core instance:
const core = trackerCore(); // Base 64 encoding on by default
core.setBase64Encoding(false); // Base 64 encoding is now off
For more information on the Snowplow JavaScript Tracker Core's API, view its docs page.
Licensed and distributed under the BSD 3-Clause License (An OSI Approved License).
Copyright (c) 2022 Snowplow Analytics Ltd, 2010 Anthon Pang.
All rights reserved.
FAQs
Core functionality for Snowplow JavaScript trackers
The npm package @snowplow/tracker-core receives a total of 272,981 weekly downloads. As such, @snowplow/tracker-core popularity was classified as popular.
We found that @snowplow/tracker-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.