Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@telefonica/google-analytics
Advanced tools
@telefonica/google-analytics
Google Analytics 4 library for Telefonica web projects
Usage
import {initAnalytics, logEvent, setScreenName} from '@telefonica/google-analytics';
initAnalytics('G-XXXXXXXXXX');
setScreenName('my_screen_name');
logEvent({name: 'my_event_name', foo: 'bar'});
Things to know
-
initAnalyticsmust be called before any other function. This function will inject the gtag script in the document. -
initAnalyticsfunction is idempotent. Subsequent calls toinitAnalyticswill not have any effect. -
logEventandsetScreenNamecalls won't send any data to Google Analytics untilinitAnalyticsis called. If you calllogEventorsetScreenNamebeforeinitAnalytics, the calls will be queued and sent to Google Analytics onceinitAnalyticsis done. -
Events are normalized before being sent to Google Analytics:
- Event params name are truncated to 40 characters.
- Event params value are truncated to 100 characters.
- Not allowed characters are removed from event params value.
- Multiple white spaces are removed and spaces are replaced by underscores in event params value.
- The same normalization is applied to screen names.
-
If
setScreenNameis called multiple times with the same screen name, only the first call will be sent to Google Analytics. -
setScreenNameandlogEventreturn a promise that resolves when the event has been sent to Google Analytics. -
All the events are automatically filled with a
screenNameparam containing the last screen name set withsetScreenName.
Use custom Api
Events are sent to Google servers by default (using gtagApi), but you can use a custom api to change this
behavior. For example, Novum app uses the webview bridge to send the events to the native app, and then the
native app sends the events to Firebase.
Another use case of custom api is to log events in the browser console in development mode:
import {initAnalytics, consoleApi, gtagApi} from '@telefonica/google-analytics';
initAnalytics('G-XXXXXXXXXX', {
api: process.env.NODE_ENV === 'production' ? gtagApi : consoleApi,
});
CSP
If you are using a CSP, you must add the following directives for Google Analytics to work:
script-src https://*.googletagmanager.com; connect-src https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com; img-src https://*.google-analytics.com https://*.googletagmanager.com;
Check Google docs for CSP in Google Analytics 4
FAQs
> Google Analytics 4 library for Telefonica web projects
The npm package @telefonica/google-analytics receives a total of 104 weekly downloads. As such, @telefonica/google-analytics popularity was classified as not popular.
We found that @telefonica/google-analytics demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 19 Sep 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
38% of CISOs Fear They’re Not Moving Fast Enough on AI
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
By Sarah Gooding - Feb 04, 2025
Research
Security News
Go Supply Chain Attack: Malicious Package Exploits Go Module Proxy Caching for Persistence
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
By Kirill Boychenko - Feb 04, 2025