@qtv/anchorkit 1.2.7-beta.3.1 → 1.3.0-beta.3.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +49 -0
- package/dist/cli.mjs +8803 -8510
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -115,6 +115,55 @@ schema, MCP tools) is stable; cloud sync features are wired but
|
|
|
115
115
|
disabled by default. Set `ANCHORKIT_SYNC_DISABLE=1` to silence sync
|
|
116
116
|
errors when you have no credentials.
|
|
117
117
|
|
|
118
|
+
## Privacy & telemetry
|
|
119
|
+
|
|
120
|
+
When you are **logged in** to an AnchorKit account, the REPL sends a
|
|
121
|
+
minimal heartbeat to the backend so we can count active beta users
|
|
122
|
+
(Prometheus gauge `anchorkit_users_online`). The payload is exactly:
|
|
123
|
+
|
|
124
|
+
- `machineId` — a random UUID stored at `~/.anchorkit/machine-id`
|
|
125
|
+
(file mode `0600`), generated once per machine and never tied to
|
|
126
|
+
your hardware
|
|
127
|
+
- `clientKind` — the literal string `"cli"`
|
|
128
|
+
- `platform` — `process.platform` (e.g. `linux`, `darwin`, `win32`)
|
|
129
|
+
- `cliVersion` — the version printed by `anchorkit --version`
|
|
130
|
+
|
|
131
|
+
Nothing else is collected. **No** prompts, commands, file contents,
|
|
132
|
+
file paths, vault notes, repo names, git remotes, environment values,
|
|
133
|
+
hostnames, or usernames leave the machine through this channel.
|
|
134
|
+
|
|
135
|
+
The heartbeat:
|
|
136
|
+
|
|
137
|
+
- only fires when you are logged in and the REPL is running — never
|
|
138
|
+
in `anchorkit onboard`, `--version`, or any one-shot subcommand;
|
|
139
|
+
- pings on a backend-advised cadence (default 60 s, clamp ≥ 30 s);
|
|
140
|
+
- fails silently — network errors back off exponentially and never
|
|
141
|
+
block or degrade any feature.
|
|
142
|
+
|
|
143
|
+
### Opt-out
|
|
144
|
+
|
|
145
|
+
Set the environment variable before launching the REPL:
|
|
146
|
+
|
|
147
|
+
```bash
|
|
148
|
+
export ANCHORKIT_DISABLE_HEARTBEAT=1
|
|
149
|
+
```
|
|
150
|
+
|
|
151
|
+
When opt-out is on at boot:
|
|
152
|
+
|
|
153
|
+
- no heartbeat is sent under any circumstance;
|
|
154
|
+
- the `~/.anchorkit/machine-id` file is **not** created if it does
|
|
155
|
+
not already exist (LGPD minimisation — no identifier is provisioned
|
|
156
|
+
for a user who declined telemetry);
|
|
157
|
+
- a pre-existing `machine-id` is preserved untouched so re-enabling
|
|
158
|
+
telemetry later does not inflate the install count;
|
|
159
|
+
- everything else in the CLI continues to work exactly the same.
|
|
160
|
+
|
|
161
|
+
The env var is read once at boot. Restart the REPL to flip the flag.
|
|
162
|
+
|
|
163
|
+
Legal basis: legítimo interesse (LGPD art. 7, IX + art. 10) for
|
|
164
|
+
technical usage metrics. Details:
|
|
165
|
+
<https://github.com/QTVentures/anchorkit-ai/blob/main/backend/PRIVACY.md>.
|
|
166
|
+
|
|
118
167
|
## License
|
|
119
168
|
|
|
120
169
|
Apache-2.0. See [LICENSE](./LICENSE).
|