Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
anonymous-insight
Advanced tools
Readme
Understand how your tool is being used by anonymously reporting usage metrics to Google Analytics or Yandex.Metrica
Currently Insight should to be used with GA set up as web tracking due to use of URLs. Future plan include refactoring to work with GA set up for app-based tracking and the Measurement Protocol.
For debugging, Insight can track OS version, node version and version of the app that implements Insight. Please set up custom dimensions per below screenshot. This is a temporary solution until Insight is refactored into app-based tracking.
Insight cares deeply about the security of your user's data, and strives to be fully transparent with what it tracks. All data is sent via HTTPS secure connections. Insight provides API to offer an easy way for users to opt-out at any time.
Below is what Insight is capable of tracking. Individual implementation can choose to not track some items.
var Insight = require('anonymous-insight');
var pkg = require('./package.json');
var insight = new Insight({
// Google Analytics tracking code
trackingCode: 'UA-XXXXXXXX-X',
pkg: pkg
});
insight.track('foo', 'bar');
// recorded in Analytics as `/foo/bar`
var Insight = require('anonymous-insight');
var pkg = require('./package.json');
var insight = new Insight({
// Yandex.Metrica counter id
trackingCode: 'XXXXXXXXX'
trackingProvider: 'yandex',
pkg: pkg
});
insight.track('foo', 'bar');
// recorded in Yandex.Metrica as `http://<package-name>.insight/foo/bar`
or a live example
Required
Type: string
Your Google Analytics trackingCode or Yandex.Metrica counter id.
Type: string
Default: 'google'
Values: 'google'
, 'yandex'
Tracking provider to use.
Required
Type: string
Type: string
Default: 'undefined'
Type: object
Default: An instance of configstore
If you want to use your own configuration mechanism instead of the default
configstore
-based one, you can provide an object that has to implement two
synchronous methods:
get(key)
set(key, value)
Accepts keywords which ends up as a path in Analytics.
.track('init', 'backbone')
becomes /init/backbone
BSD license and copyright Google
FAQs
Understand how your tool is being used by anonymously reporting usage metrics to an analtyics vendor, e.g. Google Analytics.
The npm package anonymous-insight receives a total of 22 weekly downloads. As such, anonymous-insight popularity was classified as not popular.
We found that anonymous-insight demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.