Skip to content

feat: Add 'data-debug' attribute to console log sent data #3543

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

feat: Add 'data-debug' attribute to console log sent data #3543

wants to merge 2 commits into from

Conversation

@codeBelt
Copy link

@codeBelt codeBelt commented Jul 31, 2025

PR Summary

This PR introduces a new data-debug attribute to the tracking script tag. When data-debug="true" is present, the tracking script will output the sent data to the browser console for debugging purposes.

Example Usage

<script
  defer
  src="http://mywebsite.com/umami.js"
  data-debug="true"
></script>

@vercel
Copy link

vercel bot commented Jul 31, 2025

@codeBelt is attempting to deploy a commit to the umami-software Team on Vercel.

A member of the Team first needs to authorize it.

greptile-apps[bot]
greptile-apps bot reviewed Jul 31, 2025
View reviewed changes
Copy link
Contributor

@greptile-apps greptile-apps bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Greptile Summary

This PR adds a new debugging feature to the Umami analytics tracking script by introducing a data-debug attribute. When this attribute is set to "true" on the script tag, the tracker will log all sent tracking data to the browser console, including the event type and payload information.

The implementation follows the established pattern used by other data attributes in the codebase. On line 27, the code extracts the debug attribute using the same attr() helper function used for other configuration options like data-auto-track and data-do-not-track. The debug functionality is then implemented in the send() function (lines 152-154) where it conditionally logs the tracking data before transmitting it to the server.

This feature integrates naturally with the existing tracker architecture, which already supports multiple data attributes for configuration. The debug logging occurs at the right point in the data flow - after the payload is constructed but before it's sent to the analytics endpoint, giving developers complete visibility into what data is being transmitted.

Confidence score: 3/5

  • This PR introduces a potentially risky feature that could expose sensitive user data in production if accidentally left enabled
  • The score reflects concerns about data privacy and security implications rather than code quality issues
  • The src/tracker/index.js file needs careful attention to ensure the debug feature doesn't create security vulnerabilities

1 file reviewed, 1 comment

Edit Code Review Bot Settings | Greptile

@codeBelt @greptile-apps
Update src/tracker/index.js
cb20dc4 
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@codeBelt