Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
heap-api
Advanced tools
Readme
This is a node.js client for the Heap server-side API.
This package is tested on node.js 0.10 and above.
Install using npm.
npm install heap-api@1.x --save
Create an API client.
var heap = require('heap-api')('YOUR_APP_ID');
Track a server-side event in a fire-and-forget fashion.
heap.track('event-name', 'user-identity');
heap.track('event-name', 'user-identity', { property: 'value' });
Add properties to a user. Take advantage of the returned ES6 Promise to do more work when the call completes.
heap.addUserProperties('user-identity', { plan: 'premium1' })
.then(function() {
// Do more work.
});
Set up an event listener to log Heap API call failures.
heap.on('error', function(error) {
console.error(error);
});
Track a server-side event.
heap.track('event-name', 'user-identity', function(error) {
if (error)
console.error(error);
});
Track a server-side event with properties.
heap.track('event-name', 'user-identity', { property: 'value' }, function(error) {
if (error)
console.error(error);
});
Add properties to a user.
heap.addUserProperties('user-identity', { plan: 'premium1' }, function(error) {
if (error)
console.error(error);
});
The methods described above return
ES6 Promises.
The promises can be safely ignored. track
is a good candidate for
fire-and-forget usage.
heap.track('event-name', 'user-identity');
Alternatively, the promises can be used to learn when an API call completes or fails.
heap.addUserProperties('user-identity', { plan: 'premium1' })
.then(function() {
console.log("API call succeeded");
});
.catch(function(error) {
console.error(error);
});
The Promises are created using any-promise, which can be configured to use your application's favorite Promise implementation. The v8 Javascript engine versions used by node.js 0.12 and above include a native Promise implementation that is used by default.
require('any-promise/register')('when');
On node.js 0.10 and below, you must either explicitly configure a Promise library, or install a polyfill such as es6-promises, as shown below.
require('es6-promises').polyfill();
In some testing environments, connecting to outside servers is undesirable. Set
the stubbed
property to true
to have all API calls succeed without
generating any network traffic.
beforeEach(function() {
heap.stubbed = true;
});
afterEach(function() {
heap.stubbed = false
});
Alternatively, pass the stubbed
option when creating the API client.
var heap = require('heap-api')('YOUR_APP_ID', { stubbed: true });
After cloning the repository, install the dependencies.
npm install
Make sure the tests pass after making a change.
npm test
When adding new functionality, make sure it has good test coverage.
npm run cov
When adding new functionality, also make sure that the documentation looks reasonable.
npm run doc
If you submit a pull request, Travis CI will run the test suite against your code on the node versions that we support. Please fix any errors that it reports.
Copyright (c) 2016 Heap Inc., released under the MIT license.
FAQs
Heap Server-Side API Client
The npm package heap-api receives a total of 1,352 weekly downloads. As such, heap-api popularity was classified as popular.
We found that heap-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.