-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: track new landing_v2 features (wip) #1212
base: master
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
@@ -55,6 +55,7 @@ | |||||||||||||||
} | ||||||||||||||||
|
||||||||||||||||
get tracking() { | ||||||||||||||||
console.log('got', (window as any).mixpanel); | ||||||||||||||||
return (window as any).mixpanel; | ||||||||||||||||
} | ||||||||||||||||
Comment on lines
57
to
60
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Remove console log statement This debug console log should be removed before merging to production as it violates the ESLint no-console rule and has caused pipeline failures. get tracking() {
- console.log('got', (window as any).mixpanel);
return (window as any).mixpanel;
} 📝 Committable suggestion
Suggested change
🧰 Tools🪛 ESLint[error] 58-58: Unexpected console statement. (no-console) 🪛 GitHub Check: lint[failure] 58-58: 🪛 GitHub Actions: TypeScript Lint Check[error] 58-58: ESLint: Unexpected console statement (no-console) |
||||||||||||||||
|
||||||||||||||||
|
@@ -64,9 +65,11 @@ | |||||||||||||||
...flattenedObject, | ||||||||||||||||
Asset: 'Integration Settings Web' | ||||||||||||||||
}; | ||||||||||||||||
console.log('attempting:', action, properties); | ||||||||||||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Remove console log statements These debugging statements should be removed before merging to production. They violate the ESLint no-console rule and have caused pipeline failures. - console.log('attempting:', action, properties);
try {
if (this.tracking) {
this.tracking.track(`${trackingApp ? trackingApp : 'Integration Settings Web'}: ${action}`, properties);
- console.log(`tracked: ${trackingApp ? trackingApp : 'Integration Settings Web'}: ${action}`, properties);
}
} catch (e) { Also applies to: 72-72 🧰 Tools🪛 ESLint[error] 68-68: Unexpected console statement. (no-console) 🪛 GitHub Check: lint[failure] 68-68: |
||||||||||||||||
try { | ||||||||||||||||
if (this.tracking) { | ||||||||||||||||
this.tracking.track(`${trackingApp ? trackingApp : 'Integration Settings Web'}: ${action}`, properties); | ||||||||||||||||
console.log(`tracked: ${trackingApp ? trackingApp : 'Integration Settings Web'}: ${action}`, properties); | ||||||||||||||||
} | ||||||||||||||||
} catch (e) { | ||||||||||||||||
console.error('Tracking error:', e); | ||||||||||||||||
|
@@ -124,4 +127,8 @@ | |||||||||||||||
onErrorResolve(trackingApp: TrackingApp, properties: ResolveMappingErrorProperty): void { | ||||||||||||||||
this.eventTrack('Resolve Mapping Error', trackingApp, properties); | ||||||||||||||||
} | ||||||||||||||||
|
||||||||||||||||
onDropDownOpen(trackingApp: TrackingApp): void { | ||||||||||||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I don't see any caller to this |
||||||||||||||||
this.eventTrack('Dropdown Open', trackingApp); | ||||||||||||||||
} | ||||||||||||||||
} |
Original file line number | Diff line number | Diff line change | ||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
@@ -8,12 +8,13 @@ | |||||||||
|
||||||||||
<!-- Mixpanel --> | ||||||||||
<script type="text/javascript"> | ||||||||||
if (window.location.hostname !== "localhost") { | ||||||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. pls revert all these file changes |
||||||||||
if (true) { | ||||||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Enable tracking only in production environments Using - if (true) {
+ if (window.location.hostname !== "localhost") { 📝 Committable suggestion
Suggested change
|
||||||||||
try { | ||||||||||
const MIXPANEL_PROJECT_TOKEN = '{{MIXPANEL_PROJECT_TOKEN}}'; | ||||||||||
|
||||||||||
const MIXPANEL_PROJECT_TOKEN = 'dce787f3a74f5ede8264af230a4b4652'; | ||||||||||
const MIXPANEL_CUSTOM_LIB_URL = 'https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js'; | ||||||||||
Comment on lines
+13
to
+14
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 💡 Verification agent 🧩 Analysis chainAvoid hardcoding Mixpanel token in source code Hardcoding API tokens in the source code is a security risk and could potentially be misused. The static analysis has flagged this as a generic API key leak. Consider using environment variables or a secure configuration approach instead: - const MIXPANEL_PROJECT_TOKEN = 'dce787f3a74f5ede8264af230a4b4652';
+ const MIXPANEL_PROJECT_TOKEN = '{{MIXPANEL_PROJECT_TOKEN}}'; 🏁 Script executed: #!/bin/bash
# Check if this Mixpanel token is referenced elsewhere in a more secure way
rg -g "!node_modules" -g "!dist" -g "!*.js.map" "dce787f3a74f5ede8264af230a4b4652" --no-ignore-vcs
# Check if there's an environment-based token loading pattern elsewhere in the codebase
rg -g "!node_modules" -g "!dist" -g "!*.js.map" "MIXPANEL_PROJECT_TOKEN" --no-ignore-vcs Length of output: 527 Action: Secure Mixpanel Token Configuration
- const MIXPANEL_PROJECT_TOKEN = 'dce787f3a74f5ede8264af230a4b4652';
+ const MIXPANEL_PROJECT_TOKEN = '{{MIXPANEL_PROJECT_TOKEN}}'; Implementing this change mitigates the security risk of a hardcoded API key. 📝 Committable suggestion
Suggested change
🧰 Tools🪛 Gitleaks (8.21.2)13-13: Detected a Generic API Key, potentially exposing access to various services and sensitive operations. (generic-api-key) |
||||||||||
|
||||||||||
(function (f, b) { if (!b.__SV) { var e, g, i, h; window.mixpanel = b; b._i = []; b.init = function (e, f, c) { function g(a, d) { var b = d.split("."); 2 == b.length && ((a = a[b[0]]), (d = b[1])); a[d] = function () { a.push([d].concat(Array.prototype.slice.call(arguments, 0))); }; } var a = b; "undefined" !== typeof c ? (a = b[c] = []) : (c = "mixpanel"); a.people = a.people || []; a.toString = function (a) { var d = "mixpanel"; "mixpanel" !== c && (d += "." + c); a || (d += " (stub)"); return d; }; a.people.toString = function () { return a.toString(1) + ".people (stub)"; }; i = "disable time_event track track_pageview track_links track_forms track_with_groups add_group set_group remove_group register register_once alias unregister identify name_tag set_config reset opt_in_tracking opt_out_tracking has_opted_in_tracking has_opted_out_tracking clear_opt_in_out_tracking start_batch_senders people.set people.set_once people.unset people.increment people.append people.union people.track_charge people.clear_charges people.delete_user people.remove".split( " "); for (h = 0; h < i.length; h++) g(a, i[h]); var j = "set set_once union unset remove delete".split(" "); a.get_group = function () { function b(c) { d[c] = function () { call2_args = arguments; call2 = [c].concat(Array.prototype.slice.call(call2_args, 0)); a.push([e, call2]); }; } for ( var d = {}, e = ["get_group"].concat( Array.prototype.slice.call(arguments, 0)), c = 0; c < j.length; c++) b(j[c]); return d; }; b._i.push([e, f, c]); }; b.__SV = 1.2; e = f.createElement("script"); e.type = "text/javascript"; e.async = !0; e.src = "undefined" !== typeof MIXPANEL_CUSTOM_LIB_URL ? MIXPANEL_CUSTOM_LIB_URL : "file:" === f.location.protocol && "//cdn.mxpnl.com/libs/mixpanel-2-latest.min.js".match(/^\/\//) ? "https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js" : "//cdn.mxpnl.com/libs/mixpanel-2-latest.min.js"; g = f.getElementsByTagName("script")[0]; g.parentNode.insertBefore(e, g); } })(document, window.mixpanel || []); | ||||||||||
|
||||||||||
mixpanel.init(MIXPANEL_PROJECT_TOKEN, { | ||||||||||
debug: false, | ||||||||||
track_pageview: false, | ||||||||||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fix all linting issues