Umami: drop duplicate + close 4 tracking gaps (#80)

nextlevelshit · Michael Czechowski · commit 9b040d6aa29b · 2026-05-09T22:46:06.000+02:00
Co-authored-by: Michael Czechowski &lt;mail@dailysh.it&gt;
Co-committed-by: Michael Czechowski &lt;mail@dailysh.it&gt;
diff --git a/src/app.js b/src/app.js
@@ -24,6 +24,44 @@ function track(eventName, eventData = {}) {
 	}
 }
 
+// Global error handlers — capture uncaught JS + CSP violations.
+// Strip PII: only filename (basename), line/col, truncated message.
+// Throttle to avoid event-storms (max 1 per error signature per minute).
+const _errorThrottle = new Map();
+function _shouldEmitError(sig) {
+	const now = Date.now();
+	const last = _errorThrottle.get(sig) || 0;
+	if (now - last < 60_000) return false;
+	_errorThrottle.set(sig, now);
+	return true;
+}
+window.addEventListener("error", (e) => {
+	const file = (e.filename || "").split("/").pop() || "unknown";
+	const msg = (e.message || "").slice(0, 140);
+	const sig = `${file}:${e.lineno}:${msg.slice(0, 40)}`;
+	if (_shouldEmitError(sig)) {
+		track("js_error", { file, line: e.lineno, col: e.colno, message: msg });
+	}
+});
+window.addEventListener("unhandledrejection", (e) => {
+	const reason = e.reason;
+	const msg = (reason?.message || String(reason || "unknown")).slice(0, 140);
+	const sig = `promise:${msg.slice(0, 40)}`;
+	if (_shouldEmitError(sig)) {
+		track("js_unhandled_rejection", { message: msg });
+	}
+});
+document.addEventListener("securitypolicyviolation", (e) => {
+	const sig = `csp:${e.violatedDirective}:${e.blockedURI}`;
+	if (_shouldEmitError(sig)) {
+		track("csp_violation", {
+			directive: e.violatedDirective,
+			blocked_uri: (e.blockedURI || "").slice(0, 200),
+			source_file: (e.sourceFile || "").split("/").pop() || ""
+		});
+	}
+});
+
 // Simplified state - LessonEngine now manages lesson state and progress
 const state = {
 	userSettings: {
@@ -913,6 +951,18 @@ function runCode() {
 			lesson: engineState.lessonIndex
 		});
 
+		// Derive module_complete: validateCode() already marked progress, so refetch state
+		const updatedState = lessonEngine.getCurrentState();
+		const moduleId = updatedState.module?.id;
+		const completedCount = lessonEngine.userProgress?.[moduleId]?.completed?.length ?? 0;
+		const lessonCount = updatedState.module?.lessons?.length ?? 0;
+		if (moduleId && lessonCount > 0 && completedCount === lessonCount) {
+			track("module_complete", {
+				module: moduleId,
+				lessons: lessonCount
+			});
+		}
+
 		// Show success hint
 		showSuccessHint(validationResult.message || t("successMessage"));
 
@@ -970,6 +1020,15 @@ function runCode() {
 		const step = validationResult.validCases + 1;
 		const total = validationResult.totalCases;
 
+		// Track partial / failed validation — funnel signal for which lessons trip users
+		track("lesson_fail", {
+			module: engineState.module?.id,
+			lesson: engineState.lessonIndex,
+			step,
+			total,
+			progress: total > 0 ? Math.round((step - 1) / total * 100) : 0
+		});
+
 		// Only show hints if enabled
 		if (!state.userSettings.disableFeedbackErrors) {
 			showHint(validationResult.message || t("keepTrying"), step, total);
diff --git a/src/auth.js b/src/auth.js
@@ -340,8 +340,10 @@ function setupAuthForms() {
     if (currentHash && !currentHash.includes("access_token")) {
       localStorage.setItem("codeCrispies.oauthReturnRoute", currentHash);
     }
+    track("auth_oauth_click", { provider: "google" });
     const { error } = await authModule?.signInWithGoogle() ?? { error: null };
     if (error) {
+      track("auth_oauth_failed", { provider: "google", error_code: error.status || error.code });
       showOAuthError(error.message);
     }
   });
@@ -352,8 +354,10 @@ function setupAuthForms() {
     if (currentHash && !currentHash.includes("access_token")) {
       localStorage.setItem("codeCrispies.oauthReturnRoute", currentHash);
     }
+    track("auth_oauth_click", { provider: "github" });
     const { error } = await authModule?.signInWithGitHub() ?? { error: null };
     if (error) {
+      track("auth_oauth_failed", { provider: "github", error_code: error.status || error.code });
       showOAuthError(error.message);
     }
   });
@@ -386,6 +390,7 @@ async function handleLoginSubmit(e) {
   if (error) {
     errorEl.textContent = error.message;
     errorEl.classList.remove("hidden");
+    track("auth_login_failed", { method: "email", error_code: error.status || error.code });
   } else {
     errorEl.classList.add("hidden");
     document.getElementById("auth-dialog").close();
@@ -418,6 +423,7 @@ async function handleSignupSubmit(e) {
     errorEl.textContent = error.message;
     errorEl.classList.remove("hidden");
     document.getElementById("signup-success")?.classList.add("hidden");
+    track("auth_signup_failed", { method: "email", error_code: error.status || error.code });
   } else {
     errorEl.classList.add("hidden");
     // Show success message
@@ -449,9 +455,11 @@ async function handleResetSubmit(e) {
     errorEl.textContent = error.message;
     errorEl.classList.remove("hidden");
     successEl.classList.add("hidden");
+    track("auth_password_reset_failed", { error_code: error.status || error.code });
   } else {
     errorEl.classList.add("hidden");
     successEl.classList.remove("hidden");
+    track("auth_password_reset_request");
   }
 }
 
diff --git a/src/index.html b/src/index.html
@@ -4,7 +4,7 @@
 		<meta charset="UTF-8" />
 		<link rel="icon" href="./favicon.ico" type="image/x-icon" />
 		<meta name="viewport" content="width=device-width, initial-scale=1.0" />
-		<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline' https://librete.ch https://umami.cloud.librete.ch https://liberapay.com; style-src 'self' 'unsafe-inline'; connect-src 'self' https://*.supabase.co wss://*.supabase.co https://umami.cloud.librete.ch; img-src 'self' https://liberapay.com data:; font-src 'self'; frame-src 'self' blob:" />
+		<meta http-equiv="Content-Security-Policy" content="default-src 'self'; script-src 'self' 'unsafe-inline' https://umami.cloud.librete.ch https://liberapay.com; style-src 'self' 'unsafe-inline'; connect-src 'self' https://*.supabase.co wss://*.supabase.co https://umami.cloud.librete.ch; img-src 'self' https://liberapay.com data:; font-src 'self'; frame-src 'self' blob:" />
 
 		<!-- Umami analytics (self-hosted at umami.cloud.librete.ch) -->
 		<script defer src="https://umami.cloud.librete.ch/script.js" data-website-id="4ad21991-5d01-4cf9-9f06-2c0c00ffbab1"></script>
@@ -58,7 +58,6 @@
 		</script>
 
 		<link rel="stylesheet" href="main.css" />
-		<script defer src="https://librete.ch/u/script.js" data-website-id="2189049f-80c1-4ca0-b0ff-b5cc49276b5f"></script>
 	</head>
 	<body>
 		<a href="#main-content" class="skip-link" data-i18n="skipLink">Skip to main content</a>
