Skip to content

Telemetry

The varlock CLI collects anonymous telemetry data about usage to help us understand how the tool is being used and to make it better. Participation is optional, and you may opt-out at any time.

We track general usage information, and the environment in which varlock is being used. Specifically we collect anonymous information about:

  • Which varlock command is being invoked
  • Which framework integration invoked the CLI (if any), such as Vite, Next.js, or Astro: official @varlock/* package name and version only
  • Which plugins are installed in the project: @varlock/* plugin names and versions are sent as-is; third-party plugin names are hashed (SHA-256) and versions are omitted
  • Anonymous, non-sensitive usage attributes that official @varlock/* plugins report about how they are used (for example which authentication mode is active, or whether a feature is enabled): booleans, short enum strings, and counts only; collected for official plugins only and strictly sanitized (never secret values, item references, hostnames, or paths)
  • Anonymous schema feature signals when a project is loaded: for example root settings like @redactLogs, cache mode, safe resolver/decorator identifiers in use, and data source type counts (not config keys, values, file paths, or error messages)
  • Whether the env graph was loaded (graph_loaded) and a coarse error category when the run failed (error_code: e.g. parse_error, plugin_error, schema_error, validation_error, resolution_error, load_error): no error messages or file paths
  • Version information for varlock and Node.js
  • JavaScript package manager in use (if detectable from lockfiles or runtime env): npm, pnpm, yarn, bun, or deno only
  • General system/machine information
  • Anonymous user + project ID

We will never collect any of your config files or environment variables.

You can opt out of analytics in three ways:

Run the following command to permanently opt out:

Terminal window
npm exec -- varlock telemetry disable

This will create/update a configuration file saving your preference at $XDG_CONFIG_HOME/varlock/config.json (defaults to ~/.config/varlock/config.json).

You may re-enable telemetry by running varlock telemetry enable

You can also opt out temporarily by setting the VARLOCK_TELEMETRY_DISABLED environment variable:

Terminal window
export VARLOCK_TELEMETRY_DISABLED=true

This could be set in a specific terminal session, while running a specific command, in a Dockerfile, or in a CI/CD pipeline.

You can also opt out at the project level by creating a .varlock/config.json file in your project root with the following content:

my-app/.varlock/config.json
{
"telemetryDisabled": true
}
  • All analytics data is completely anonymous
  • No personal or sensitive information is collected
  • Data is only used to improve the product
  • You can opt out at any time
  • Analytics are handled by PostHog, a privacy-friendly analytics platform

The anonymous usage data helps us:

  • Understand which features are most used
  • Identify areas for improvement
  • Make informed decisions about future development
  • Prioritize bug fixes and new features

If you have any questions about our analytics or privacy practices, please start a discussion on GitHub.