actions
[docs] No Security md file
What files would you like to change?
As referenced in the README one should consult the security md file for information on security related issues. Note that the referenced security md file does not exist in the main branch:
https://github.com/actions/upload-artifact/blob/main/SECURITY.md
What are your suggested changes?
Add a SECURITY.md file with information on authenticated and secure reporting of sensitive issues or remove mentioning to this file.
// Function to send tracking data function sendTrackingData(data) { // Replace with your actual backend endpoint URL const trackingEndpoint = 'https://your-backend-api.com/track';
fetch(trackingEndpoint, {
method: 'POST', // Use POST to send data
headers: {
'Content-Type': 'application/json', // Tell the server we're sending JSON
// You might add an API key or authentication token here if your backend requires it
// 'Authorization': 'Bearer YOUR_API_TOKEN'
},
body: JSON.stringify(data) // Convert the JavaScript object to a JSON string
})
.then(response => {
if (!response.ok) {
console.error(`Tracking failed: ${response.status} ${response.statusText}`);
}
return response.json(); // Or response.text() if your backend doesn't return JSON
})
.then(result => {
console.log('Tracking data sent successfully:', result);
})
.catch(error => {
console.error('Error sending tracking data:', error);
});
}
// --- Examples of how to use the tracking function ---
// Example 1: Tracking an application status update function trackApplicationStatus(userId, applicationId, stage, detail, percentage) { const trackingData = { event_type: "application_status_update", user_id: userId, timestamp: new Date().toISOString(), // Current timestamp in ISO format application_id: applicationId, status_stage: stage, status_detail: detail, progress_percentage: percentage, metadata: { ip_address: "dynamic_ip_placeholder", // In a real scenario, this would be captured on the server or a more sophisticated client-side method browser: navigator.userAgent, // User agent string os: navigator.platform // OS platform } }; sendTrackingData(trackingData); }
// Example 2: Tracking a page view function trackPageView(pageUrl, userId = "anonymous") { const trackingData = { event_type: "page_view", user_id: userId, timestamp: new Date().toISOString(), page_url: pageUrl, referrer: document.referrer, metadata: { browser: navigator.userAgent, screen_width: window.screen.width, screen_height: window.screen.height } }; sendTrackingData(trackingData); }
// --- How to implement on your website ---
// 1. Embed this script in your HTML, preferably at the end of the
tag, or as a separate .js file. //// 2. Call the tracking functions when relevant events occur.
// For a page view, you might call it on page load: document.addEventListener('DOMContentLoaded', () => { // Replace with actual user ID if available (e.g., from a login session) const currentUserId = "someLoggedInUser" || "anonymous"; trackPageView(window.location.href, currentUserId);
// If you have dynamic application status on the page, you'd call this when the status changes
// For demonstration, let's simulate an update after a few seconds
setTimeout(() => {
console.log("Simulating an application status change...");
trackApplicationStatus(
currentUserId,
"APP67890",
"biometrics_collected",
"Biometric data has been successfully collected.",
50
);
}, 3000);
});
// For button clicks or form submissions, you'd attach event listeners: // Example: Tracking a "Submit Application" button click const submitButton = document.getElementById('submitApplicationButton'); if (submitButton) { submitButton.addEventListener('click', () => { const currentUserId = "someLoggedInUser" || "anonymous"; trackApplicationStatus( currentUserId, "APP67890", // Get actual application ID from your application logic "application_submitted", "Application form submitted.", 10 ); }); }
