We at MutableSecurity want the software we write to be useful for the open source community. To achieve this, two aspects are mandatory:
- Understanding how the application is used, such that our efforts could be concentrated in the functionalities and modules mostly used; and
- Rapidly fixing issues and bugs encountered by our users.
We established active communication channels (templates for GitHub issues, contact forms and an email address) and passive feedback streams, in the form of non-intrusive application monitoring:
- Usage monitoring with handcrafted data collection and storage; and
- Crash reporting with Sentry.
If you want to see the code implementing them, you can check the
monitoring module here.
The data that is reported with the usage monitoring module is composed of:
- Managed security solution
- A boolean indicating if you are a developer
- The operating system
- Version of Python interpreter
- Version of MutableSecurity
In addition, for each crash, Sentry reports:
- Stack trace
- Used command
- Version of Python interpreter.
If you considered that the data collection approach described above is too intrusive, you can disable the application monitoring in MutableSecurity by creating a
.mutablesecurity file in the working directory, with the content below:
For any thoughts related to this aspect (for example, if you consider we could achieve this in a better way), please write us a line at