feat: protect analytics

snyk · Jun 3, 2021 · 346a6be · 346a6be
1 parent 3bddce8
commit 346a6be
Show file tree

Hide file tree

Showing 4 changed files with 300 additions and 4 deletions.
diff --git a/packages/snyk-protect/src/lib/analytics.ts b/packages/snyk-protect/src/lib/analytics.ts
@@ -0,0 +1,68 @@
+import { AnalyticsPayload, ProtectResult } from './types';
+import { postJson } from './http';
+import { getApiBaseUrl } from './snyk-api';
+import * as os from 'os';
+import { readFileSync, existsSync } from 'fs';
+import * as path from 'path';
+
+function getVersion(): string {
+  return JSON.parse(
+    readFileSync(path.resolve(__dirname, '../../package.json'), 'utf-8'),
+  ).version;
+}
+
+function getAnalyticsData(result: ProtectResult): AnalyticsPayload {
+  return {
+    command: `@snyk/protect`,
+    args: [],
+    version: getVersion(),
+    nodeVersion: process.version,
+    metadata: {
+      protectResult: result,
+    },
+  };
+}
+
+export async function sendAnalytics(result: ProtectResult) {
+  if (!allowAnalytics()) {
+    return;
+  }
+  try {
+    const apiBaseUrl = getApiBaseUrl();
+    const apiUrl = `${apiBaseUrl}/v1/analytics/cli`;
+    const data = {
+      data: getAnalyticsData(result),
+    };
+    await postJson(apiUrl, data);
+  } catch (err) {
+    // do nothing and log nothing
+  }
+}
+
+function allowAnalytics(): boolean {
+  try {
+    const snykConfigFile = getSnykConfigFilePath();
+    if (existsSync(snykConfigFile)) {
+      const config = JSON.parse(readFileSync(snykConfigFile, 'utf-8'));
+      if (
+        config['disable-analytics'] === '1' ||
+        config['disable-analytics'] === 1
+      ) {
+        return false;
+      }
+    }
+    if (process.env.SNYK_DISABLE_ANALYTICS) {
+      return false;
+    }
+  } catch (err) {
+    // do nothing and log nothing
+  }
+  return true;
+}
+
+function getSnykConfigFilePath(): string {
+  return (
+    process.env.SNYK_CONFIG_FILE ||
+    path.resolve(os.homedir(), '.config', 'configstore', 'snyk.json')
+  );
+}
diff --git a/packages/snyk-protect/src/lib/index.ts b/packages/snyk-protect/src/lib/index.ts
@@ -3,14 +3,23 @@ import * as path from 'path';
 import { extractPatchMetadata } from './snyk-file';
 import { applyPatchToFile } from './patch';
 import { findPhysicalModules } from './explore-node-modules';
-import { VulnIdAndPackageName, VulnPatches } from './types';
+import {
+  VulnIdAndPackageName,
+  VulnPatches,
+  PatchedModule,
+  ProtectResultType,
+} from './types';
 import { getAllPatches } from './fetch-patches';
+import { sendAnalytics } from './analytics';
 
 async function protect(projectFolderPath: string) {
   const snykFilePath = path.resolve(projectFolderPath, '.snyk');
 
   if (!fs.existsSync(snykFilePath)) {
     console.log('No .snyk file found');
+    sendAnalytics({
+      type: ProtectResultType.NO_SNYK_FILE,
+    });
     return;
   }
 
@@ -48,10 +57,14 @@ async function protect(projectFolderPath: string) {
   > = await getAllPatches(vulnIdAndPackageNames, packageNameToVersionsMap);
 
   if (packageAtVersionsToPatches.size === 0) {
-    console.log('Nothing to patch, done');
+    console.log('Nothing to patch');
+    sendAnalytics({
+      type: ProtectResultType.NOTHING_TO_PATCH,
+    });
     return;
   }
 
+  const patchedModules: PatchedModule[] = [];
   foundPhysicalPackages.forEach((fpp) => {
     const packageNameAtVersion = `${fpp.packageName}@${fpp.packageVersion}`;
     const vuldIdAndPatches = packageAtVersionsToPatches.get(
@@ -63,8 +76,18 @@ async function protect(projectFolderPath: string) {
           applyPatchToFile(diff, fpp.path);
         });
       });
+      patchedModules.push({
+        vulnId: vp.vulnId,
+        packageName: fpp.packageName,
+        packageVersion: fpp.packageVersion,
+      });
     });
   });
+
+  sendAnalytics({
+    type: ProtectResultType.APPLIED_PATCHES,
+    patchedModules,
+  });
 }
 
 export default protect;
diff --git a/packages/snyk-protect/src/lib/types.ts b/packages/snyk-protect/src/lib/types.ts
@@ -23,3 +23,40 @@ export type VulnPatches = {
   vulnId: string;
   patches: Patch[];
 };
+
+export type PatchedModule = {
+  vulnId: string;
+  packageName: string;
+  packageVersion: string;
+};
+
+export enum ProtectResultType {
+  NO_SNYK_FILE = 'NO_SNYK_FILE',
+  NOTHING_TO_PATCH = 'NOTHING_TO_PATCH',
+  APPLIED_PATCHES = 'APPLIED_PATCHES',
+}
+
+export type AnalyticsPayload = {
+  command: string;
+  args: string[];
+  version: string;
+  nodeVersion: string;
+  metadata: {
+    protectResult: ProtectResult;
+  };
+};
+
+export type NoSnykFile = {
+  type: ProtectResultType.NO_SNYK_FILE;
+};
+
+export type NothingToPatch = {
+  type: ProtectResultType.NOTHING_TO_PATCH;
+};
+
+export type AppliedPatches = {
+  type: ProtectResultType.APPLIED_PATCHES;
+  patchedModules: PatchedModule[];
+};
+
+export type ProtectResult = NoSnykFile | NothingToPatch | AppliedPatches;