heap.js Changelog

Changelog

All notable changes to the Heap.js library will be documented in this file.

The format is based on Keep a Changelog and this project adheres to
Semantic Versioning.

[4.19.3] - 2023-04-12

Fixed

  • [HEAP-42521] Fix auryc session replays to heap users mapping

[4.19.2] - 2023-02-24

Added

  • [HEAP-37995] Add screen dimensions when replay is present

[4.19.1] - 2023-01-12

Added

  • [HEAP-36069] Add replay settings to heap config object when present
  • [HEAP-37742] Collect data-* and aria-label attributes on SVG elements
  • [HEAP-38084] Prevent href interception for turbo frame elements
  • [HEAP-38638] Add data-heap-turbo attribute to prevent href interception for turbo frame elements

Fixed

  • [HEAP-38048] Handle form submissions for dialog elements

[4.19.0] - 2022-10-11

Added

  • [HEAP-35660] Prevent auryc session metadata capture on stale sessions
  • [HEAP-35217] Add auryc event listeners to session activity logic

[4.18.4] - 2022-08-19

Added

  • [HEAP-34283] Capture auryc session metadata on sampled clients only
  • [HEAP-33977] Map auryc session replays to heap users

Fixed

  • [HEAP-33724] Fix User Agent Client Hints capture on Chrome 104

[4.18.3] - 2022-07-26

Fixed

  • [HEAP-33185] Include clientside time in session replay metadata

[4.18.2] - 2022-07-26

Fixed

  • [HEAP-31115] Capture User Agent Client Hints on Chromium browsers

[4.18.1] - 2022-06-07

Fixed

  • [HEAP-32738] Handle edge cases where some pageview events weren't capturing auryc metadata

[4.18.0] - 2022-06-07

Added

  • [HEAP-30846] Capture session replay metadata when present

Changed

  • [HEAP-31116] Allow polyfills to be overwriten

[4.17.2] - 2022-04-18

Added

  • [HEAP-27954] Added getSessionId API

[4.17.1] - 2022-03-21

Changed

  • [HEAP-25947] Refactor cookie code into TypeScript

Added

  • [HEAP-27083] Segment support for heap.js
  • [HEAP-28816] Allow wildcard matching on tags

[4.17.0] - 2022-02-10

Fixed

  • [HEAP-26974] Handle edge cases where click events weren't registering on mobile safari

[4.16.0] - 2022-01-27

Fixed

  • [HEAP-26225] Prevent usage of console functions on IE9 browsers

[4.15.0] - 2021-09-24

Fixed

  • [HEAP-23977] Remove both key and value when a null value in an object is detected during serialization

Added

  • [HEAP-24336] Add debug mode for heap.js

[4.14.1] - 2021-05-14

Fixed

  • [HEAP-22539] Fixed hrefs not being properly redacted for some heap-redact elements.

[4.14.0] - 2021-03-12

Added

  • [HEAP-21467] Block {{ customer.email }} identities.

Changed

  • [HEAP-19173] Change array iteration on dom_util to use indices instead of props in the array.
  • [HEAP-20041] Convert attribute_util to typescript.
  • [HEAP-18810] Remove unnecessary parameter in isSupportedClient.
  • [HEAP-20665] Rename files to non-suffixed naming scheme.

Fixed

  • [HEAP-21219] Prevent events from being assigned to an expired session.
  • [HEAP-21086] Limit max recursive calls between heap.identify and identifyV3 to 3.

[4.13.2] - 2020-12-08

Added

  • [HEAP-19037] Fill EV telemetry gaps.
  • [HEAP-19302] Send status updates to EV loading screen.

Changed

  • [HEAP-18784] Factor remaining constants out of heap.js.
  • [HEAP-19318] Add argument validation to addEventProperties.
  • [HEAP-14986] Refactor StringBuilder into module and add unit tests.

[4.13.1] - 2020-11-06

Fixed

  • [HEAP-18409] Assign correct URL properties to events when pushstate is updated synchronously during page redirects.

[4.13.0] - 2020-09-29

Added

  • Added the ability to configure secureCookie from the Privacy & Security Center.
  • Add the ability to configure disableTextCapture from the Privacy & Security Center.

Fixed

  • Updated custom track events to have the correct timestamp when used with rewrite.
  • Restricted Snapshots to exact selectors.

[4.12.0] 2020-08-17

Fixed

  • Updated custom track events to have the correct timestamp when used with rewrite.
  • Restricted snapshots to exact selectors.

Changed

  • Extracted getSearchKeyword into library.

[4.11.2] 2020-07-07

Changed

  • Decreased user cookie timeout to less than 13 months for GDPR compliance.

[4.11.1] 2020-06-29

Fixed

  • Properly truncated hierarchies from the bottom-up instead of top-down.

[4.10.0] - 2020-05-26

Changed

  • Change IDv4 API to default to IDv3 and addUserProperties calls for non-whitelisted environments.
  • Change heap-ignore behavior to redact target text when a descendant element has a heap-ignore attribute.

[4.9.0] - 2020-05-11

Changed

  • Set SameSite=None;Secure when secureCookie is set.
  • Extract custom track calls out into library.
  • Update EV instantiation flow.

[4.8.2] - 2020-04-30

Added

  • Send telemetry for secureCookie and inline frame usage.

[4.7.0] - 2020-04-06

Added

  • Selector snapshots now extract the value of the nearest matching element instead of the first matching element on the page.
  • We now automatically redact id_token, access_token, refresh_token, and auth_token from captured query strings and hashes.
  • Heap.js builds will now fail if the bundle size is too large.

Changed

  • Updated the minimum supported IE version to IE9.
  • Moved internal Heap EV app ID to constants.
  • Moved the maximum attribute length to constants.
  • Removed json2.js.

[4.6.1] - 2020-03-30

Changed

  • Add SameSite attribute to hp2 cookies.
  • Update identify blacklist to handle some case-insensitive identities.

[4.6.0] - 2020-02-21

Changed

  • Capture previous page.
  • Don't sanitize undefined attribute values.

[4.5.1] - 2020-02-18

Changed

  • Set expiration on hld cookie.
  • Do not send telemetry on pixel failure.

[4.5.0] - 2020-02-07

Fixed

  • Removed ID parameters from telemetry calls.
  • No longer capturing target text on text area elements.

Added

  • Added rewrite API.

[4.4.2] - 2020-01-13

Fixed

  • Trim leading zeroes from IDs.
  • Fix browser incompatibilities in heap.js.

[4.4.1] - 2020-01-10

Fixed

  • Make lint fixes.

[4.4.0] - 2019-12-11

Added

  • Added check in heap.identify which blocks identify calls that are clearly invalid.

[4.3.0] - 2019-11-21

Added

  • Add support for wildcards in snapshot definitions.

[4.2.2] - 2019-11-11

Added

  • Added telemetry to record various parameters about cookie size.

[4.2.1] - 2019-10-29

Fixed

  • Lint fixes.

[4.2.0] - 2019-10-28

Added

  • Add support for tracking the full landing page URL at the session level, including the full query string and the landing page hash.

[4.1.0] - 2019-09-13

Added

  • Added trackingServer init argument.

[4.0.13] - 2019-09-12

Added

  • Introduced the ability to enable or disable tracking programatically by setting heap.loaded to a boolean value.

[4.0.12] - 2019-09-11

Fixed

  • Removed several globally scoped variables.
  • Updated Heap to no longer collect data on Google Translate pages.

[4.0.11] - 2019-09-10

Fixed

  • Removed globally scoped variable.

[4.0.10] - 2019-08-29

Changed

  • Refactored and generalized error telemetry endpoint.

[4.0.9] - 2019-08-16

Fixed

  • Fixed a bug in heap.js that was causing us to fire a Chameleon-specific error telemetry in cases where a customer erroneously called heap.track with a non-string "type".

[4.0.8] - 2019-08-14

Fixed

  • Optimized the script size by changing a document reference into a documentAlias reference.

[4.0.7] - 2019-07-17

Fixed

Fixed a bug in heap.js was causing new sessions and users to not be sent successfully to Heap. This affected some pages that redirected immediately by setting window.location.href. The bug allowed the Heap session cookie to be set even when the new session was not successfully sent to Heap, meaning all pageviews within that session would have session id XYZ but no session actually existed with id XYZ.

This fix implements a retry system for new session and new user requests. We will try to send the request upon each page load until we receive a response from our server that it was successfully received.

[4.0.6] - 2019-06-10

Fixed

  • Fixed a bug where heap.js was still sending data even when the Event Visualizer was in use.

[4.0.5] - 2019-06-10

Changed

  • Send error telemetry.

[4.0.4] - 2019-04-05

Changed

  • Reload front end source data after pushState, popState, and hashChange but before pageview metadata is sent.

[4.0.3] - 2018-12-12

Fixed

  • Another fix for a bug in heap.js causing clicks on < a > tags inside < svg > tags to throw an error. The initial fix did not catch conditions when the link is followed, since it is not possible to replicate that in automated environments.

[4.0.2] - 2018-12-06

Fixed

  • Fixed a bug in heap.js causing clicks on < a > tags inside < svg > tags to throw an error.

[4.0.1] - 2018-12-03

  • Fixed a bug that could result in track calls without app ID or user params in apps with an async source enabled.

[4.0.0] - 2018-11-06

Changed

  • Added changelog & versions.json to track heap.js progress