Gathering detailed insights and metrics for @rudderstack/analytics-js-cookies
Gathering detailed insights and metrics for @rudderstack/analytics-js-cookies
JavaScript SDK for RudderStack - the Customer Data Platform for Developers.
Installations
npm install @rudderstack/analytics-js-cookiesDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Node Version
20.11.1
NPM Version
10.2.4
Releases
679
rudderstack/analytics-js-service-worker@3.2.24
@rudderstack/analytics-js-service-worker@3.2.24
Updated on Apr 28, 2025
@rudderstack/analytics-js-integrations@3.13.2
@rudderstack/analytics-js-integrations@3.13.2
Updated on Apr 28, 2025
rudder-sdk-js@2.51.1
rudder-sdk-js@2.51.1
Updated on Apr 28, 2025
@rudderstack/analytics-js@3.17.0
@rudderstack/analytics-js@3.17.0
Updated on Apr 28, 2025
@rudderstack/analytics-js-plugins@3.8.1
@rudderstack/analytics-js-plugins@3.8.1
Updated on Apr 28, 2025
@rudderstack/analytics-js-cookies@0.4.24
@rudderstack/analytics-js-cookies@0.4.24
Updated on Apr 28, 2025
Languages
4
TypeScript
JavaScript
HTML
Shell
TypeScript (49.65%)
JavaScript (43.46%)
HTML (6.46%)
Shell (0.43%)
Developer
Download Statistics
Total Downloads
19,386
Last Day
82
Last Week
339
Last Month
1,430
Last Year
19,386
GitHub Statistics
NOASSERTION License
154 Stars
4,341 Commits
90 Forks
11 Watchers
19 Branches
97 Contributors
Updated on May 09, 2025
Bundle Size
3.09 kB
Minified
1.28 kB
Minified + Gzipped
Maintainers
4
Package Meta Information
Latest Version
0.4.24
Package Id
@rudderstack/analytics-js-cookies@0.4.24
Unpacked Size
79.95 kB
Size
14.03 kB
File Count
12
NPM Version
10.2.4
Node Version
20.11.1
Published on
Apr 28, 2025
Total Downloads
Cumulative downloads
Total Downloads
19,386
Last Day
127.8%
82
Compared to previous day
Last Week
30.9%
339
Compared to previous week
Last Month
-33.1%
1,430
Compared to previous month
Last Year
0%
19,386
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
The Customer Data Platform for Developers
Website · Documentation · Community Slack
@rudderstack/analytics-js-cookies
RudderStack JavaScript SDK utilities for cookies in browser and Node.js environments. Use the appropriate functions for your environment.
APIs
getDecryptedValueBrowser
:warning: Only for browser environments
This function decrypts the provided encrypted RudderStack JavaScript cookie value using the RudderStack JavaScript SDK encryption version "v3".
If the provided value is either not encrypted or not properly encrypted, the function returns
null.
:warning: Any errors during decryption are swallowed by the function, returning
null.
1import { getDecryptedValueBrowser } from '@rudderstack/analytics-js-cookies'; 2 3const encryptedCookieValue = 'RS_ENC_v3_InRlc3QtZGF0YSI='; 4const decryptedCookieValue = getDecryptedValueBrowser(encryptedCookieValue); 5console.log('Decrypted Cookie Value: ', decryptedCookieValue); 6// Output: 7// Decrypted Cookie Value: test-data
getDecryptedValue
:warning: Only for Node.js environments
This function decrypts the provided encrypted RudderStack JavaScript cookie value using the RudderStack JavaScript SDK encryption version "v3".
If the provided value is either not encrypted or not properly encrypted, the function returns
null.
:warning: Any errors during decryption are swallowed by the function, returning
null.
1import { getDecryptedValue } from '@rudderstack/analytics-js-cookies'; 2 3const encryptedCookieValue = 'RS_ENC_v3_InRlc3QtZGF0YSI='; 4const decryptedCookieValue = getDecryptedValue(encryptedCookieValue); 5console.log('Decrypted Cookie Value: ', decryptedCookieValue); 6// Output: 7// Decrypted Cookie Value: test-data
getDecryptedCookieBrowser
:warning: Only for browser environments
This function takes the name of the RudderStack JavaScript SDK cookie and returns the decrypted value.
The return type is either a string or an object as some cookies like user ID, anonymous user ID have string values while user traits are objects.
It returns null in either of the following scenarios:
- If the cookie is not present.
- If the cookie is not properly encrypted.
- It only decrypts the cookies that are created by the RudderStack JavaScript SDK encryption version "v3".
- If the decrypted cookie value is not a valid JSON string.
- If the provided cookie name is not a valid RudderStack JavaScript SDK cookie name.
:warning: Any errors during decryption are swallowed by the function, returning
null.
The following cookie keys are exported which can be used with this function:
userIdKey: The key for the user ID cookie.userTraitsKey: The key for the user traits cookie.anonymousUserIdKey: The key for the anonymous user ID cookie.groupIdKey: The key for the group ID cookie.groupTraitsKey: The key for the group traits cookie.pageInitialReferrerKey: The key for the page initial referrer cookie.pageInitialReferringDomainKey: The key for the page initial referring domain cookie.sessionInfoKey: The key for the session ID cookie.authTokenKey: The key for the auth token cookie.
1import { 2 getDecryptedCookieBrowser, 3 anonymousUserIdKey, 4 userTraitsKey, 5} from '@rudderstack/analytics-js-cookies'; 6 7const anonymousId = getDecryptedCookieBrowser(anonymousUserIdKey); 8console.log('Anonymous User ID: ', anonymousId); 9// Output: 10// Anonymous User ID: 2c5b6d48-ea90-43a2-a2f6-457d27f90328 11 12const userTraits = getDecryptedCookieBrowser(userTraitsKey); 13console.log('User Traits: ', userTraits); 14// Output: 15// User Traits: {"email":"abc@xyz.com","name":"John Doe"} 16 17const invalidCookie = getDecryptedCookieBrowser('invalid-cookie-name'); 18console.log('Invalid Cookie: ', invalidCookie); 19// Output: 20// Invalid Cookie: null
Debugging
As all the above APIs swallow the errors, you can set the debug argument to true to log the errors.
1import { getDecryptedValue } from '@rudderstack/analytics-js-cookies'; 2 3const encryptedCookieValue = 'RS_ENC_v3_InRlc3QtZGF0YSI-some-random-data'; 4 5// Set the debug flag to true 6const decryptedCookieValue = getDecryptedValue(encryptedCookieValue, true); 7console.log('Decrypted Cookie Value: ', decryptedCookieValue); 8 9// Output: 10// Error occurred during decryption: Unexpected non-whitespace character after JSON at position 11 11// Decrypted Cookie Value: null
License
This project is licensed under the Elastic License 2.0. See the LICENSE.md file for details. Review the license terms to understand your permissions and restrictions.
If you have any questions about licensing, please contact us or refer to the official Elastic licensing page.
Contribute
We invite you to contribute to this project. For more information on how to contribute, please see here.
Contact us
For more information on any of the sections covered in this readme, you can contact us or start a conversation on our Slack channel.
Follow Us
:clap: Our Supporters
No vulnerabilities found.
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
all changesets reviewed
Reason
30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
SAST tool is not run on all commits -- score normalized to 9
Details
- Warn: 29 commits out of 30 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 6
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/check_pr_title.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/check_pr_title.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-hotfix-branch.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/create-hotfix-branch.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-npm.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-npm.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-npm.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-npm.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-sanity-suite.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-sanity-suite.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-sanity-suite.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-sanity-suite.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-new-release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/draft-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-new-release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/draft-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-new-release.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/draft-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/housekeeping.yaml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/housekeeping.yaml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-new-release.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/publish-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-new-release.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/publish-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trigger-test-suites.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/trigger-test-suites.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-and-lint.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/unit-tests-and-lint.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-and-lint.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/unit-tests-and-lint.yml/develop?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/draft-new-release.yml:104
- Info: 0 out of 25 GitHub-owned GitHubAction dependencies pinned
- Info: 15 out of 17 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'develop'
- Info: 'force pushes' disabled on branch 'develop'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'develop'
- Info: 'stale review dismissal' is required to merge on branch 'develop'
- Warn: required approving review count is 1 on branch 'develop'
- Info: codeowner review is required on branch 'develop'
- Info: 'last push approval' is required to merge on branch 'develop'
- Warn: 'up-to-date branches' is disabled on branch 'develop'
- Info: status check found to merge onto on branch 'develop'
- Info: PRs are required in order to make changes on branch 'develop'
Reason
5 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
- Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/check_pr_title.yml:1
- Warn: no topLevel permission defined: .github/workflows/create-hotfix-branch.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy-beta.yml:12
- Warn: no topLevel permission defined: .github/workflows/deploy-dev.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy-npm.yml:22
- Warn: no topLevel permission defined: .github/workflows/deploy-prod.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy-sanity-suite.yml:36
- Warn: no topLevel permission defined: .github/workflows/deploy-staging.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy.yml:48
- Warn: no topLevel permission defined: .github/workflows/draft-new-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/housekeeping.yaml:1
- Warn: no topLevel permission defined: .github/workflows/publish-new-release.yml:1
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/rollback.yml:12
- Warn: no topLevel permission defined: .github/workflows/security-code-quality-and-bundle-size-checks.yml:1
- Warn: no topLevel permission defined: .github/workflows/trigger-test-suites.yml:1
- Warn: no topLevel permission defined: .github/workflows/unit-tests-and-lint.yml:1
- Warn: no topLevel permission defined: .github/workflows/validate-actor.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
6.8
/10
Last Scanned on 2025-04-28
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More