[DAEMON-257] Remove all paths from telemetry payloads
| GitHub Issue | n/a |
|---|---|
| Type | Story |
| Priority | Critical |
| Status | Resolved |
| Resolution | Fixed |
| Resolution Date | 2018-05-24T10:53:35.000+0000 |
| Affected Version/s | n/a |
| Fix Version/s | Appc Daemon 1.1.3 |
| Components | appcd-core, appcd-plugin |
| Labels | gdpr |
| Reporter | Chris Barber |
| Assignee | Chris Barber |
| Created | 2018-05-22T20:39:47.000+0000 |
| Updated | 2018-05-30T16:35:52.000+0000 |
Description
The Appc Daemon has telemetry enabled by default. It currently sends 4 different events:
appcd.server.start, appcd.server.shutdown, appcd.plugin.added, and appcd.plugin.removed. Most of these events include data that may violate the GDPR (General Data Protection Regulation).
Collected Data
Theappcd.server.start event includes process.argv which leaks the user's username. process.argv will be removed from the payload.
The appcd.plugin.added and appcd.plugin.removed events include each plugin's path which also leaks the user's username. All plugin paths will will be removed and a packageName will be added.
We collect this data to track usage and versions of the Appc Daemon and its plugins. We can use this data to determine if we can deprecate versions, platforms, features, and be able to track what plugins and versions are being used so we can focus testing and integration.
Disabling Telemetry
Telemetry can be completely disabled by running: If you have Appc Daemon globally installed:
appcd config telemetry.enabled false
appc appcd config telemetry.enabled true
https://github.com/appcelerator/appc-daemon/pull/329
[~cbarber] fixVersion should be 1.1.3?