Comments (35)
We could use segment.io
from cachet.
Cool. What happens if we bust 100,000 events per month?
from cachet.
I guess it just stops logging them. It'd be stupid to just die.
from cachet.
We'd just have to limit what we track and have it opt-in as part of the setup process.
from cachet.
Yeh, and make sure people don't change our api when they configure it, lol.
from cachet.
Yeah that'd be important hah!
from cachet.
I had a reply from Segment regarding having the API write key in the source code:
In general revealing the write key isn't too much of a concern. Of course when others know your write key it's possible for them to send analytics events to Segment without your permission, but we haven't seen any malicious behavior around that in the past.
Usually just adding the tracking with your key in there is alright. If you prefer to hide the key a layer deeper in a config file that's one option, or depending on the type of project you're working on you could make an API call to your server to retrieve the write key when a new project is started with your open-source software.
Any client-side javascript tracking calls will reveal the write key by default, so there's not a lot we can do for that, but again we've never seen any malicious behavior in that regard.
If you have some more detailed questions about the architecture of your project we'd be happy to help make some suggestions about best practices.
Looks like we're good just to implement Segment.io straightaway.
from cachet.
@GrahamCampbell you don't know of any Laravel adapters for this do you?
from cachet.
I could write one if needed.
from cachet.
I've not been able to find one, but it'd be good to have if you've got the time? If not, I'll have a go by checking out your adapters and stuff :)
from cachet.
Sounds like a bad idea to me. Or make it optional and disabled by default.
from cachet.
@willdurand I think @jbrooksuk was talking about an 'opt-in' thing, which means it would be deactivated by default unless you choose to give some feedback.
Seems like a cool idea, would love to work with you guys on the adapter :)
from cachet.
I think we should have a check box which is enabled by default on the setup page.
from cachet.
I'm pretty sure WordPress tracking is actually non optional too.
from cachet.
👍 Checkbox on Setup like the one we have now to show support.
from cachet.
Definitely a checkbox.
One thing we could do is fetch the key when they say yes to tracking and decrypt it. This way we aren't giving it away easily.
from cachet.
WP does not care about privacy, doing silly stuff. Does this mean Cachet should do the same? Nope.
By the way what showing support actually does? And why can't I enable it later?
from cachet.
It's not even tracking as such, because we aren't tracking a user in particular just usage stats. No component or incident data would be included.
@willdurand it adds a link in the footer to Cachet.
from cachet.
Thoughts:
- We'll need some a privacy policy.
- We need to highlight that we don't track any personal information.
- All collected data is anonymous.
- List exactly what we're tracking.
- Rather than tracking, it should be "Usage stats" since that is what it is.
from cachet.
@GrahamCampbell how would you suggest we fetch the write key? We could host it encrypted on our website and fetch it at run time?
from cachet.
No point. "encrypted" doesn't work because we'd still need to code the key to decrypt it into cachet...
from cachet.
A first easy step to track downloads/installs would be to use Composer's notify-batch
feature.
from cachet.
That doesn't work. That only works when a package is installed, not when someone downloads this from github.
from cachet.
Right
from cachet.
We could always just require a dummy package and track the stats on that though.
from cachet.
GitHub doesn't have downloads stats??
from cachet.
No, it doesn't. It shows repo clones, but most people seem to be downloading the zips.
from cachet.
I am surprised they didn't think about such feature!
from cachet.
Ok, then we just pull down the key from the server and store it somewhere in plain text (also advisable as a solution from Segment) that way, if the key ever gets abused, we can re-issue quickly.
from cachet.
Heh, looks like someone is making a wrapper.
from cachet.
They've misused facades, and been calling config in their class. Bad. :(
from cachet.
Yeah I took a look through and it's not great, we'd be better off with our own version.
Sent from my iPhone
On 10 Jan 2015, at 10:10, Graham Campbell [email protected] wrote:
They've misused facade, and been calling config in their class. Bad. :(
—
Reply to this email directly or view it on GitHub.
from cachet.
I've started work on this.
from cachet.
Now we need to work out how we can assign each user within a Cachet setup a unique ID for anonymous tracking and of course, only do the tracking if the administrator allows us to.
from cachet.
I have an idea regarding the unique ID. We don't actually care what user of what status page does what. So let's use app.key
as the unique ID. This also means that we don't need track just the logged in users, but people just viewing the homepage etc.
from cachet.
Related Issues (20)
- Setup Page not loading/ seeing the index.php file HOT 2
- Trying to build docker image - chmod: storage: No such file or directory HOT 1
- Is the project maintained or discontinued? HOT 57
- 500 error while verifying the subscription HOT 2
- is dead? HOT 3
- Newsletter subscribe form error HOT 2
- Bug in Incidents Display Logic Identified, Have Proposed Fix HOT 2
- This project is dead. Any recommendations for alternatives? HOT 5
- REPLACEMENT CHARACTER (U+FFFD) when posting an incident HOT 2
- cancel HOT 1
- Fork from okazanta-legacy (cachet) -> Laravel 10.x and PHP 8.1 and security fixes HOT 6
- Cachet 3.x Announcement HOT 1
- Please add demo page HOT 1
- Kindly raise beginner level issues HOT 1
- maintenance not displayed on the timeline HOT 6
- mail not working HOT 1
- Update docker HOT 16
- Can't install Cachet - version 2.4 HOT 3
- Atom feed sent with text/html as HTTP Content-Type HOT 2
- Maintenance planification does not appear into dashboard HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cachet.