SonicJS collects anonymous, privacy-respecting telemetry data to help us understand how the framework is being used and identify areas for improvement. We are committed to transparency and user privacy.
- Installation success/failure rates
- Installation duration
- Template selection
- Operating system (macOS, Linux, Windows)
- Node.js version (major.minor only)
- Package manager (npm, yarn, pnpm, bun)
- Development server start/stop events
- Plugin activation counts (no plugin names)
- Collection/content creation counts (no actual data)
- Generic feature usage patterns
- Page views (route patterns only, sanitized)
- Error types (sanitized, no sensitive data)
We are committed to NEVER collecting personally identifiable information (PII):
- ❌ Email addresses
- ❌ Usernames or passwords
- ❌ IP addresses
- ❌ File paths with usernames
- ❌ Content or data you create
- ❌ API keys or secrets
- ❌ Project names or identifiers
- ❌ Any other PII
All data is anonymized using:
- Random UUIDs for installation identification
- Sanitized error messages (type only)
- Sanitized routes (patterns only)
- Hash-based project identification
- A random UUID is generated and stored in
~/.sonicjs/telemetry.json - This ID is used to track installations anonymously
- The ID persists across sessions but is unique per user
- You can delete this file at any time
- Events are tracked using PostHog (privacy-first analytics platform)
- Events are batched and sent asynchronously
- Telemetry never blocks or slows down your application
- Silent failures - telemetry errors never crash your app
- Data is stored on PostHog's secure servers
- We use PostHog Cloud (free tier) initially
- Option to self-host if needed in the future
- Data retention: 1 year
We respect your choice to disable telemetry. You can opt out in multiple ways:
# Add to your shell profile (~/.bashrc, ~/.zshrc, etc.)
export SONICJS_TELEMETRY=false# SonicJS respects the DO_NOT_TRACK standard
export DO_NOT_TRACK=1# During installation
npx create-sonicjs my-app --no-telemetry// sonicjs.config.js
export default {
telemetry: false
}# Check if telemetry is enabled
echo $SONICJS_TELEMETRY
# Remove telemetry ID
rm ~/.sonicjs/telemetry.jsonTelemetry helps us:
- Improve Reliability: Identify and fix installation failures
- Guide Development: Understand which features are most used
- Support Users Better: See common error patterns
- Measure Adoption: Track SonicJS growth and engagement
- Optimize Performance: Identify bottlenecks in workflows
- Data is used only for product improvement
- Data is never sold or shared with third parties
- Data is never used for marketing or advertising
- Data is aggregated and anonymized for analysis
- Only core SonicJS maintainers have access
- Access is logged and audited
- Data is never exported to external systems
- You can request data deletion at any time
- Email us at privacy@sonicjs.com
- We will delete your installation ID's data within 30 days
- SDK:
posthog-nodev4+ - Endpoint:
https://us.i.posthog.com(PostHog Cloud US) - Project: SonicJS Production
- Batch Size: 20 events (runtime), 1 event (CLI)
- Flush Interval: 10 seconds (runtime), 1 second (CLI)
- Timeout: 5 seconds
{
event: 'installation_started',
properties: {
timestamp: '2025-11-14T10:00:00.000Z',
version: '2.0.0',
os: 'darwin',
nodeVersion: '18.0',
packageManager: 'npm',
template: 'starter'
},
distinctId: 'uuid-v4-installation-id'
}All data passes through sanitization functions:
// Route sanitization
'/admin/users/123' → '/admin/users/:id'
'/admin/users/550e8400-...' → '/admin/users/:id'
// Error sanitization
'TypeError: Cannot read property X' → 'TypeError'
'/Users/john/project/file.js' → '/Users/***/project/file.js'
'user@example.com' → '***@***.***'- Telemetry service module
- Anonymous installation ID generation
- Opt-out mechanism
- Installation event tracking
- CLI integration with notice
- Dev server events
- Plugin activation tracking
- Collection/content creation events
- Page view tracking
- Feature usage tracking
- Error tracking
- Feature flags integration
- A/B testing framework
- Progressive rollouts
- 1M events/month - FREE
- Unlimited users
- 1 year retention
- 100% features
- Small (1K installs/month): ~6K events/month
- Medium (10K installs/month): ~60K events/month
- Large (100K installs/month): ~600K events/month
- Sampling: Track 50% of events
- Self-hosting: Use PostHog open source
- Custom solution: Build lightweight alternative
Yes, but you can easily opt out using environment variables.
Yes, set DEBUG=true to see all telemetry events in the console.
We respect that. You can disable telemetry or wait for self-hosting support.
No. Events are batched, sent asynchronously, and never block execution.
Yes, simply remove the SONICJS_TELEMETRY=false environment variable.
Email privacy@sonicjs.com with your installation ID (found in ~/.sonicjs/telemetry.json).
The telemetry implementation is 100% open source:
- Code:
packages/core/src/services/telemetry-service.ts - Tests:
packages/core/src/services/telemetry-service.test.ts - Documentation: This file
You can inspect, audit, and contribute to the telemetry code at any time.
We welcome feedback on our telemetry implementation:
- GitHub Issues: https://github.com/lane711/sonicjs/issues
- Email: privacy@sonicjs.com
- Discord: Join our community
This document will be updated as we roll out new telemetry features. Check the changelog for updates.
Last Updated: November 14, 2025 Version: 2.0.0