{"id":19914715,"url":"https://github.com/fullstorydev/fullstory-browser-sdk","last_synced_at":"2025-09-12T17:35:15.083Z","repository":{"id":35094145,"uuid":"199509439","full_name":"fullstorydev/fullstory-browser-sdk","owner":"fullstorydev","description":"Official FullStory SDK for JavaScript, for web browsers","archived":false,"fork":false,"pushed_at":"2024-11-15T15:11:58.000Z","size":742,"stargazers_count":58,"open_issues_count":27,"forks_count":18,"subscribers_count":26,"default_branch":"main","last_synced_at":"2025-08-08T16:49:21.145Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fullstorydev.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-07-29T18:49:41.000Z","updated_at":"2025-05-30T18:20:39.000Z","dependencies_parsed_at":"2024-01-02T20:26:36.761Z","dependency_job_id":"ad08d7e1-f359-4f5f-a9c9-563bb97a2dfb","html_url":"https://github.com/fullstorydev/fullstory-browser-sdk","commit_stats":{"total_commits":147,"total_committers":19,"mean_commits":"7.7368421052631575","dds":0.7482993197278911,"last_synced_commit":"c0a347bf7869d9dad547f698fa3c4436d5041cd0"},"previous_names":[],"tags_count":18,"template":false,"template_full_name":null,"purl":"pkg:github/fullstorydev/fullstory-browser-sdk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fullstorydev%2Ffullstory-browser-sdk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fullstorydev%2Ffullstory-browser-sdk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fullstorydev%2Ffullstory-browser-sdk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fullstorydev%2Ffullstory-browser-sdk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fullstorydev","download_url":"https://codeload.github.com/fullstorydev/fullstory-browser-sdk/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fullstorydev%2Ffullstory-browser-sdk/sbom","scorecard":{"id":413616,"data":{"date":"2025-08-11","repo":{"name":"github.com/fullstorydev/fullstory-browser-sdk","commit":"94d6e2711057f8b351e3016d43727fcf5977d809"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.1,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":4,"reason":"6 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-18T23:16:42.115Z","repository_id":35094145,"created_at":"2025-08-18T23:16:42.115Z","updated_at":"2025-08-18T23:16:42.115Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":274847596,"owners_count":25360978,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-12T02:00:09.324Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T21:36:51.045Z","updated_at":"2025-09-12T17:35:15.052Z","avatar_url":"https://github.com/fullstorydev.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Fullstory Browser SDK\n\n[![CircleCI](https://circleci.com/gh/fullstorydev/fullstory-browser-sdk.svg?style=svg)](https://circleci.com/gh/fullstorydev/fullstory-browser-sdk) [![npm (scoped)](https://img.shields.io/npm/v/@fullstory/browser)](https://www.npmjs.com/package/@fullstory/browser)\n\nFullstory's browser SDK lets you manage Fullstory data capture on your site as well as retrieve deep links to session replays and send your own custom events. More information about the Fullstory API can be found at https://developer.fullstory.com.\n\n\u003e **NOTE:** this is the documentation for version 2. For version 1 documentation, please see [@fullstory/browser@1.7.1](https://www.npmjs.com/package/@fullstory/browser/v/1.7.1).\n\n## Install the SDK\n\n#### with npm\n\n```\nnpm i @fullstory/browser --save\n```\n\n#### with yarn\n```\nyarn add @fullstory/browser\n```\n\n## Migrating to Version 2.x.x\nIn version 2.x.x, `init` is a separate named export from `FullStory`. You will need to update all of your wildcard (`'*'`) imports to explicit named imports.\n\n_Version 1.x.x_\n```js\nimport * as FullStory from '@fullstory/browser';\n```\n\n_Version 2.x.x_\n```js\nimport { FullStory, init } from '@fullstory/browser';\n```\n\n### `init`\nYou can use the named import `init` by itself:\n\n```js\nimport { init } from '@fullstory/browser';\n\ninit({ orgId: 'my-org-id' })\n```\nYou can also rename the function for readability:\n```js\nimport { init as initFullStory } from '@fullstory/browser';\n\ninitFullStory({ orgId: 'my-org-id' })\n```\n\n### `FullStory`\nThe `FullStory` named export is equivalent to the global `FS` object described in the [developer documentation](https://developer.fullstory.com/browser/v2/getting-started/). You can use it to make all version 2 API calls:\n```js\nimport { FullStory } from '@fullstory/browser';\n\nFullStory('trackEvent', {\n  name: 'My Event',\n  properties: {\n    product: 'Sprockets',\n    quantity: 1,\n  },\n})\n```\n\n## Initialize the SDK\n\nCall the `init()` function with options as soon as you can in your website startup process. Calling init after successful initialization will trigger console warnings - if you need to programmatically check if `FullStory` has been initialized at some point in your code, you can call `isInitialized()`.\n\n### Configuration Options\n\nThe only required option is `orgId`, all others are optional.\n\n*  `orgId` -  Sets your Fullstory Org Id. Find out how to get your Org Id [here](https://help.fullstory.com/hc/en-us/articles/360047075853).\n*  `debug` - When set to `true`, enables Fullstory debug messages; defaults to `false`.\n*  `host` - The recording server host domain. Can be set to direct recorded events to a proxy that you host. Defaults to `fullstory.com`.\n*  `script` - Fullstory script host domain. Fullstory hosts the `fs.js` recording script on a CDN, but you can choose to host a copy yourself. Defaults to `edge.fullstory.com`.\n* `namespace` - Sets the global identifier for Fullstory when conflicts with `FS` arise; see [help](https://help.fullstory.com/hc/en-us/articles/360020624694-What-if-the-identifier-FS-is-used-by-another-script-on-my-site-).\n* `cookieDomain` - Overrides the cookie domain. By default, cookies will be valid for all subdomains of your site; if you want to limit the cookies to a specific subdomain, you can set the domain value explicitly. More information can be found [here](https://help.fullstory.com/hc/en-us/articles/360020622874-Can-the-Fullstory-cookie-be-associated-with-a-specific-subdomain-).\n* `recordCrossDomainIFrames` - Defaults to `false`. Fullstory can record cross-domain iFrames if: 1. The Fullstory Browser SDK is running in the cross-domain iFrame and 2. `recordCrossDomainIFrames` is set to `true` in the cross-domain iFrame and 3. The Fullstory Browser SDK is running in the parent page of the cross-domain iFrame. Click [here](https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy) for a detailed explanation of what \"cross-domain\" means. Before using, you should understand the security implications, and configure your [Content Security Policy](https://www.html5rocks.com/en/tutorials/security/content-security-policy/) (CSP) HTTP headers accordingly - specifically the frame-ancestors directive. Failure to configure your CSP headers while using this setting can bypass IFrames security protections that are included in modern browsers. More information about cross-domain iFrame recording can be found on our [Knowledge Base](https://help.fullstory.com/hc/en-us/articles/360020622514-Can-Fullstory-capture-content-that-is-presented-in-iframes-#2-the-outer-page-is-running-fullstory-and-you-have-iframes-runni). Note: the `recordCrossDomainIFrames` parameter is the same as the `window['_fs_run_in_iframe']` referenced in the KB article.\n* `recordOnlyThisIFrame` - When set to `true`, this tells Fullstory that the IFrame is the \"root\" of the recording and should be its own session; defaults to `false`. Use this when your app is embedded in an IFrame on a site not running Fullstory or when the site *is* running Fullstory, but you want your content sent to a different Fullstory org.\n* `devMode` - Set to `true` if you want to deactivate Fullstory in your development environment. When set to `true`, Fullstory will shutdown recording and all subsequent SDK method calls will be no-ops. At the time `init` is called with `devMode: true`, a single `event` call will be sent to Fullstory to indicate that the SDK is in `devMode`; this is to help trouble-shoot the case that the SDK was accidentally set to `devMode: true` in a production environment. Additionally, any calls to SDK methods will `console.warn` that Fullstory is in `devMode`. Defaults to `false`.\n* `startCaptureManually` - Set to `true` if you want to start capture manually using `FS('start')`. Fullstory will load but wait for a call to `FS('start')` to begin capturing. See [Manually Delay Data Capture](https://developer.fullstory.com/browser/v2/auto-capture/capture-data/#manually-delay-data-capture) for more information.  Defaults to `false`.\n* `assetMapId` - Use this to set the current asset map id. See [Asset Uploading for Web](https://help.fullstory.com/hc/en-us/articles/4404129191575-Asset-Uploading-for-Web) for more information.\n* `appHost` - Use this to set the app host for displaying session urls. If using a version of [Fullstory Relay](https://help.fullstory.com/hc/en-us/articles/360046112593-How-to-send-captured-traffic-to-your-First-Party-Domain-using-Fullstory-Relay), you may need to set `appHost` \"app.fullstory.com\" or \"app.eu1.fullstory.com\" depending on your region.\n\n### Ready Callback\n\nThe `init` function also accepts an optional `readyCallback` argument. If you provide a function, it will be invoked when the Fullstory session has started. Your callback will be called with one parameter: an object containing information about the session. Currently the only property is `sessionUrl`, which is a string containing the URL to the session.\n\n```javascript\nimport { init } from '@fullstory/browser';\n\ninit({ orgId }, ({ sessionUrl }) =\u003e console.log(`Started session: ${sessionUrl}`));\n```\n\n### Initialization Examples\n\n#### React\n\n```JSX\nimport React from 'react';\nimport ReactDOM from 'react-dom';\nimport './index.css';\nimport App from './App';\nimport { init as initFullStory } from '@fullstory/browser';\n\n\ninitFullStory({ orgId: '\u003cyour org id here\u003e' });\n\nReactDOM.render(\u003cApp /\u003e, document.getElementById('root'));\n```\n\n#### Angular with `devMode` enabled\n\n```javascript\nimport { Component } from '@angular/core';\nimport { init as initFullStory } from '@fullstory/browser';\nimport { environment } from '../environments/environment';\n\n@Component({\n  selector: 'app-root',\n  templateUrl: 'app.component.html',\n  styleUrls: ['./app.component.scss']\n})\nexport class AppComponent {\n\n  constructor() {\n    initFullStory({\n      orgId: '\u003cyour org id here\u003e',\n      devMode: !environment.production,\n    });\n  }\n}\n```\n\n#### Vue\n\n```javascript\nimport Vue from 'vue';\nimport App from './App.vue';\nimport { init as initFullStory, FullStory } from '@fullstory/browser';\n\ninitFullStory({ orgId: '\u003cyour org id here\u003e' });\nVue.prototype.$FullStory = FullStory;\n\nnew Vue({\n  render: h =\u003e h(App)\n}).$mount('#app');\n```\n\n#### Vue 3\n\n```javascript\nimport { createApp } from 'vue';\nimport App from './App.vue';\nimport { init as initFullStory, FullStory } from '@fullstory/browser';\n\ninitFullStory({ orgId: '\u003cyour org id here\u003e' });\n\nconst app = createApp(App);\napp.config.globalProperties.$FullStory = FullStory;\napp.mount('#app');\n```\n\n## Using the SDK\n\nOnce FullStory is initialized, you can make calls to the FullStory SDK. See the [developer documentation](https://developer.fullstory.com/browser/v2/getting-started/) for more information.\n\n### Sending custom events\n\n```JavaScript\nFullStory('trackEvent', {\n  name: 'Subscribed',\n  properties: {\n    uid: '750948353',\n    plan_name: 'Professional',\n    plan_price: 299,\n    plan_users: 10,\n    days_in_trial: 42,\n    feature_packs: ['MAPS', 'DEV', 'DATA'],\n  },\n  schema: {\n    properties: {\n      plan_users: 'int', // override default inferred \"real\" type with \"int\"\n      days_in_trial: 'int', // override default inferred \"real\" type with \"int\"\n    }\n  }\n});\n```\n\n\u003e **NOTE:** The inclusion of type suffixes - appending `_str` or `_int` to the end of properties - is no longer required. All custom properties are inferred on the server. To override any default inference, you can add a `schema`. See [Custom Properties](https://developer.fullstory.com/browser/v2/custom-properties/) for more information.\n\n### Generating session replay links\n\n```JavaScript\nconst startOfPlayback = FullStory('getSession');\nconst playbackAtThisMomentInTime = FullStory('getSession', { format: 'url.now' });\n```\n\n### Sending custom user properties\n```JavaScript\nFullStory('setProperties', {\n  type: 'user',\n  properties: {\n    displayName: 'Daniel Falko',\n    email: 'daniel.falko@example.com',\n    pricing_plan: 'free',\n    popup_help: true,\n    total_spent: 14.50,\n  },\n});\n```\nFor more information on sending custom user properties, view the Fullstory help article on [Capturing custom user properties](https://help.fullstory.com/hc/en-us/articles/360020623294).\n\n### Sending custom page properties\n```JavaScript\nFullStory('setProperties', {\n  type: 'page',\n  properties: {\n    pageName: 'Checkout', // what is the name of the page?\n    cart_size: 10, // how many items were in the cart?\n    used_coupon: true, // was a coupon used?\n  },\n  schema: {\n    properties: {\n      cart_size: 'int', // override default inferred \"real\" type with \"int\"\n    }\n  }\n});\n```\nFor more information on setting page properties, view the Fullstory help article on [Sending custom page data to Fullstory](https://help.fullstory.com/hc/en-us/articles/1500004101581-FS-setVars-API-Sending-custom-page-data-to-Fullstory).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffullstorydev%2Ffullstory-browser-sdk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffullstorydev%2Ffullstory-browser-sdk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffullstorydev%2Ffullstory-browser-sdk/lists"}