feat: telemetry with privacy, consent & reliability fixes#16
Open
dheerajreddy-ui wants to merge 7 commits intosinewaveai:mainfrom
Open
feat: telemetry with privacy, consent & reliability fixes#16dheerajreddy-ui wants to merge 7 commits intosinewaveai:mainfrom
dheerajreddy-ui wants to merge 7 commits intosinewaveai:mainfrom
Conversation
…rdown, add benchmark script - CI: Parameterize Python version in matrix (3.10, 3.11, 3.12) - Doctor: Live daemon health check with start/verify/shutdown - Tests: Race timeout on garak afterAll teardown to prevent hangs - Scripts: benchmark-daemon.js for cold/warm/sync throughput comparison Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Refactored _resetForTesting() to accept a test directory parameter so tests use os.tmpdir() instead of the real ~/.agent-security-scanner-mcp/. Added tests verifying state dir isolation and no real directory access. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…ing, beforeExit hook
Tasks 3-10 from telemetry stress test plan:
- 48 new tests (75 total): opt-out, machine ID, batching, network, integration, privacy
- Fix TELEMETRY.md: IP claim, retention, machine ID reset, engine_available values, CI docs
- Cache isEnabled() per-session to avoid disk reads
- Add process.on('beforeExit', flush) for CLI telemetry
- Await trackInstall() in postinstall.js with 200ms grace period
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Wrap all tool handlers with withTelemetry() for automatic tool.invoked/error events - Add domain-specific track() calls: scan.completed, prompt.scanned, package.checked - Add CLI `telemetry --on|--off|--status` command routing - Show first-run notice on MCP server startup, flush on close/signal - Add telemetry status to `doctor` output - Track daemon usage in runAnalyzerAsync via lastAnalyzerUsedDaemon() - Add GCP Cloud Function backend (BigQuery ingestion, field allowlisting) - Add BigQuery schema (90-day partitioned, clustered by event+machine_id) - Add aggregate views: daily tool usage, daily scan stats, weekly installs, MAU Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Machine ID: replace deterministic SHA-256 with random UUID, auto-migrate legacy IDs - Consent: call showFirstRunNotice() in track() before any event is queued - Reliability: add flushAsync() with timeout aligned to FETCH_TIMEOUT_MS, replace process.exit() with cliExit() in all CLI tool branches - Endpoint: configurable via SCANNER_TELEMETRY_ENDPOINT env var, shown in --status - Wording: align all user-facing text from "anonymous" to "pseudonymous" - Docs: rewrite TELEMETRY.md machine ID section, add endpoint section - Tests: 10 new/updated tests covering UUID format, legacy migration, flushAsync, notice-before-track, and endpoint override Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
dheerajreddy-ui
changed the title
- Rewrite deploy.sh for gen2 Cloud Functions with dedicated SA, API enabling, and --source path resolution - Add engines.node >= 20 to cloud-function package.json - Update telemetry endpoint from prooflayer.com to proof-layer.com - Update TELEMETRY.md endpoint and operator references Deployed infrastructure: - Cloud Function gen2 (us-central1) with scanner-telemetry-ingest SA - BigQuery dataset scanner_telemetry with events table + 4 views - Custom domain telemetry.proof-layer.com (cert provisioning) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
crypto.randomUUID(). Legacy 64-char hex IDs are auto-migrated with_legacy_id_migratedflag.track()callsshowFirstRunNotice()before queuing any event — no telemetry fires before the user sees the notice.flushAsync()awaits batch send with timeout aligned toFETCH_TIMEOUT_MS + 500ms. All CLIprocess.exit()calls replaced withcliExit()that flushes first.SCANNER_TELEMETRY_ENDPOINTenv var; shown in--statusoutput.TELEMETRY.mdrewritten — UUID machine ID, migration notes, endpoint section.Test plan
npx vitest run tests/telemetry.test.js— 84/84 passnode index.js scan-security tests/fixtures/vulnerable.py— notice appears on first run, events flush before exitDO_NOT_TRACK=1 node index.js scan-security tests/fixtures/vulnerable.py— no notice, no telemetrynode index.js telemetry --status— shows UUID machine ID, endpoint URLmachine_idto state file, run any command, verify UUID migrationSCANNER_TELEMETRY_ENDPOINT=https://example.com/events node index.js telemetry --status— shows custom endpoint🤖 Generated with Claude Code