How we do (not) collect data

It’s been a while since we started to develop our open-source tool for measuring Developer ExperienceDX Scanner. To make our product more trustworthy, we decided to tell you how we do (not) collect data and what we do with your code, so you don’t need to check it on your own (but sure you can!). We added links to our code so the checks are easier for you.

How the DX Scanner scans the code

There are two ways to scan your code.

You can run DX Scanner with dx-scanner run [your local path] from the terminal which makes the code run on your computer. If it’s public we don’t need any credentials. If it’s private, we will ask you for credentials. The reason is, we use VCS API (e.g. GitHub API) for getting some information about your pull requests, issues and other collaboration information to measure your teamwork (e.g. if you do pull requests, write conventional commit messages etc.)

You can also run the DX Scanner just with the URL of your project with command dx-scanner run [remote url]. If it’s public, we don’t need any credentials. We will just clone the repository in temporary folder and scan it as we do it with a local repository. If it’s private, we need your credentials so we can clone the repository in the temporary folder (which is on your device) and then ask the API for pull requests, commits etc.

We don’t send data anywhere except the DX Scanner Dashboard if you’re registered there and provide a DXS API token in the DX Scanner. You will be the only one who can see the data in your Dashboard (or your invited coworkers).

What data do we collect (if you provide us with DXS access token)

We don’t send any parts of your code anywhere and since the scanning happens on your computer, we can’t really access it in any way. Only data we ever send (to your dashboard) are shown below.

{
componentsWithDxScore: [
{
component: {
framework: 'UNKNOWN',
language: 'TypeScript',
path: '/Users/adelka/dx-scanner',
platform: 'UNKNOWN',
repositoryPath: 'https://github.com/DXHeroes/dx-scanner',
type: 'Library'
},
dxScore: {
value: '71% | 14/20',
points: { total: 1125, max: 1575, percentage: 71 }
},
serviceType: 'github',
securityIssues: [
{
library: 'node-fetch',
type: 'Denial of Service',
severity: 'low',
dependencyOf: 'bitbucket',
vulnerableVersions: '< 2.6.1 || >= 3.0.0-beta.1 < 3.0.0-beta.9',
patchedIn: '>=2.6.1 <3.0.0-beta.1|| >= 3.0.0-beta.9',
path: 'bitbucket > node-fetch'
},
],
updatedDependencies: [
{
library: 'git-url-parse',
newestVersion: '11.4.4',
currentVersion: '11.4.3',
severity: 'high'
},
],
linterIssues: [
{
filePath: '/src/contexts/language/languageContextBinding.ts(25)(10)',
severity: 'warning',
url: 'https://github.com/DXHeroes/dx-scanner/tree/master/src/contexts/language/languageContextBinding.ts#L25',
type: "'access' is defined but never used."
},
{
filePath: '/src/services/gitlab/gitlabClient/resources/MergeRequests.ts(229)(14)',
severity: 'warning',
url: 'https://github.com/DXHeroes/dx-scanner/tree/master/src/services/gitlab/gitlabClient/resources/MergeRequests.ts#L229',
type: 'Unexpected any. Specify a different type.'
}
],
pullRequests: []
}
],
collectorsData: {
branches: { current: 'master', default: 'master' },
contributors: [
{
user: {
id: '53510747',
login: 'adelkahomolova',
url: 'https://api.github.com/users/adelkahomolova'
},
contributions: 808
}
]
},
version: '3.50.2',
id: '6685bbdf-eefa-44ed-8eee-258aab47f853',
dxScore: {
value: '71% | 14/20',
points: { total: 1125, max: 1575, percentage: 71 }
}
}

Time to scan your repository!

Now you know that it is totally safe to scan your repository and measure developer experience with our DX Scanner.

Try open-source to look at some suggestions for better programming life here.

Collect data from DX Scanner and see them in your very own dashboard. Analyze outcomes and your work and teamwork over time here.

Thanks

Thank you for your interest in DX Scanner! If you have any questions you can contact us on GitHub or our Slack!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store