mirror of
https://github.com/Comfy-Org/ComfyUI_frontend.git
synced 2026-04-21 06:49:37 +00:00
2691df34ec
Expand the existing CI telemetry scan workflow to detect additional telemetry libraries beyond Google Tag Manager. Added detection patterns for: - Mixpanel (mixpanel-browser, api/cdn domains, init/track/identify methods) - Impact Analytics (impactcdn.com, tracking ID) Also improved error messaging to: - List all telemetry providers being checked - Provide troubleshooting guidance - Reference PR #8311 for historical context This prevents accidental inclusion of telemetry code in OSS builds, similar to the GTM incident in PR #8311. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
74 lines
2.4 KiB
YAML
74 lines
2.4 KiB
YAML
name: 'CI: Dist Telemetry Scan'
|
|
|
|
on:
|
|
pull_request:
|
|
branches-ignore: [wip/*, draft/*, temp/*]
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
scan:
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
|
|
- name: Install pnpm
|
|
uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4.2.0
|
|
with:
|
|
version: 10
|
|
|
|
- name: Use Node.js
|
|
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
|
|
with:
|
|
node-version: 'lts/*'
|
|
cache: 'pnpm'
|
|
|
|
- name: Install dependencies
|
|
run: pnpm install --frozen-lockfile
|
|
|
|
- name: Build project
|
|
run: pnpm build
|
|
|
|
- name: Scan dist for telemetry references
|
|
run: |
|
|
set -euo pipefail
|
|
if rg --no-ignore -n \
|
|
-g '*.html' \
|
|
-g '*.js' \
|
|
-e 'Google Tag Manager' \
|
|
-e '(?i)\bgtm\.js\b' \
|
|
-e '(?i)googletagmanager\.com/gtm\.js\\?id=' \
|
|
-e '(?i)googletagmanager\.com/ns\.html\\?id=' \
|
|
-e 'mixpanel-browser' \
|
|
-e '(?i)api\.mixpanel\.com' \
|
|
-e '(?i)cdn\.mxpnl\.com' \
|
|
-e '(?i)mixpanel\.init' \
|
|
-e '(?i)mixpanel\.track' \
|
|
-e '(?i)mixpanel\.identify' \
|
|
-e '(?i)mixpanel\.people' \
|
|
-e '(?i)impactcdn\.com' \
|
|
-e 'A6951770-3747-434a-9ac7-4e582e67d91f1' \
|
|
dist; then
|
|
echo '❌ Telemetry references found in dist assets.'
|
|
echo ''
|
|
echo 'This CI check scans for telemetry libraries that should not be included in OSS builds:'
|
|
echo ' - Google Tag Manager (GTM)'
|
|
echo ' - Mixpanel'
|
|
echo ' - Impact Analytics'
|
|
echo ''
|
|
echo 'If you see this error:'
|
|
echo ' 1. Check your build configuration to ensure telemetry code is properly excluded'
|
|
echo ' 2. Verify conditional imports are working correctly'
|
|
echo ' 3. Review the matched lines above to identify the source'
|
|
echo ''
|
|
echo 'For context, see PR #8311 which accidentally shipped GTM code to OSS builds.'
|
|
exit 1
|
|
fi
|
|
echo '✅ No telemetry references found in dist assets.'
|