Web instances: Add flags to enable unsafe extra features (#438)

source/plugins/languages/README.md

@@ -30,9 +30,11 @@ If you work a lot with other people, these numbers may be less representative of
 
 The `plugin_languages_indepth` option lets you get more accurate metrics by cloning each repository you contributed to, running [github/linguist](https://github.com/github/linguist) on it and then iterating over patches matching your username from `git log`. This method is slower than the first one.
 
-> ⚠️ Although *metrics* does not send any code to external sources, you must understand that when using this option repositories are cloned locally temporarly on the GitHub Action runner. If you work with sensitive data or company code, it is advised to keep this option disabled. *Metrics* cannot be held responsible for any eventual code leaks, use at your own risk.
+> ⚠️ Although *metrics* does not send any code to external sources, you must understand that when using this option repositories are cloned locally temporarly on the GitHub Action runner. If you work with sensitive data or company code, it is advised to keep this option disabled. *Metrics* and its authors cannot be held responsible for any eventual code leaks, use at your own risk.
 > Source code is available for auditing at [analyzers.mjs](/source/plugins/languages/analyzers.mjs)
 
+> 🔣 On web instances, `indepth` is an extra feature and must be enabled globally in `settings.json`
+
 #### `commits_authoring` option
 
 Since Git lets you use any email and name for commits, metrics may not be able to detect whether you own a commit or not. By default, it'll check whether it matches your GitHub login.

source/plugins/languages/index.mjs

@@ -2,7 +2,7 @@
 import { indepth as indepth_analyzer, recent as recent_analyzer } from "./analyzers.mjs"
 
 //Setup
-export default async function({login, data, imports, q, rest, account}, {enabled = false} = {}) {
+export default async function({login, data, imports, q, rest, account}, {enabled = false, extras = false} = {}) {
   //Plugin execution
   try {
     //Check if plugin is enabled and requirements are met
@@ -52,17 +52,20 @@ export default async function({login, data, imports, q, rest, account}, {enabled
       }
     }
 
-    //Recently used languages
-    if ((sections.includes("recently-used"))&&(context.mode === "user")) {
-      console.debug(`metrics/compute/${login}/plugins > languages > using recent analyzer`)
-      languages["stats.recent"] = await recent_analyzer({login, data, imports, rest, account}, {skipped, days:_recent_days, load:_recent_load})
-    }
+    //Extras features
+    if (extras) {
+      //Recently used languages
+      if ((sections.includes("recently-used"))&&(context.mode === "user")) {
+        console.debug(`metrics/compute/${login}/plugins > languages > using recent analyzer`)
+        languages["stats.recent"] = await recent_analyzer({login, data, imports, rest, account}, {skipped, days:_recent_days, load:_recent_load})
+      }
 
-    //Indepth mode
-    if (indepth) {
-      console.debug(`metrics/compute/${login}/plugins > languages > switching to indepth mode (this may take some time)`)
-      Object.assign(languages, await indepth_analyzer({login, data, imports, repositories}, {skipped}))
-      console.debug(`metrics/compute/${login}/plugins > languages > indepth analysis missed ${languages.missed} commits`)
+      //Indepth mode
+      if (indepth) {
+        console.debug(`metrics/compute/${login}/plugins > languages > switching to indepth mode (this may take some time)`)
+        Object.assign(languages, await indepth_analyzer({login, data, imports, repositories}, {skipped}))
+        console.debug(`metrics/compute/${login}/plugins > languages > indepth analysis missed ${languages.missed} commits`)
+      }
     }
 
     //Compute languages stats