▸Install the Flutter SDK
# pubspec.yaml
dependencies:
flutter:
sdk: flutter
respectlytics_flutter: ^3.0.0Pure Dart — no platform channels for analytics. Same code on every platform Flutter compiles to (iOS, Android, web, macOS, Windows, Linux). On web, events are sent via the REST API; mobile platforms use the same path.
▸Initialize Respectlytics in Flutter
import 'package:flutter/material.dart';
import 'package:respectlytics_flutter/respectlytics_flutter.dart';
Future<void> main() async {
WidgetsFlutterBinding.ensureInitialized();
await Respectlytics.configure(appKey: '<YOUR_APP_KEY>');
runApp(const MyApp());
}Initialize in main() after WidgetsFlutterBinding.ensureInitialized() and before runApp(). The future completes immediately on configuration; events queued before completion are flushed once the network is available.
✦Privacy & implementation notes
Open-source SDKs are the ground truth for security audits — a closed-source SDK requires you to trust vendor claims about behaviour, while an open one lets your security team verify behaviour from source. For regulated industries, this is often a procurement-gating requirement.
MIT (SDK) + AGPL (server) is the same license split used by GitLab, Sentry, MinIO, and other source-available SaaS. The pattern lets you ship the SDK with maximum permissiveness (no obligations on the consumer) while protecting the server from being forked into closed-source competing services.
The Flutter SDK is pure Dart. No MethodChannel, no platform-specific iOS or Android plugin code. The same code runs on every platform Flutter supports — including web and desktop targets. This eliminates one common audit surface ("what's the Android implementation doing?").
Always initialize after WidgetsFlutterBinding.ensureInitialized() and before runApp(). If you skip the binding step, the configure call will throw on platforms that need a binding for asynchronous I/O. The SDK documentation example uses this pattern by default.
⇋How this compares to other analytics SDKs
| SDK source availability | Firebase Analytics | Mixpanel | Amplitude | Respectlytics |
|---|---|---|---|---|
| Source publicly available | Partial | Yes (Apache 2.0) | Yes (MIT) | Yes (MIT) |
| Build artifacts match public source | Partial | Yes | Yes | Yes |
| Fork-and-modify allowed | Limited | Yes | Yes | Yes |
| Compile from source for audit | Limited | Yes | Yes | Yes |
| Public commit history | Limited | Yes | Yes | Yes |
❓Frequently asked questions
Where are the SDK repositories?
Each SDK has its own public repository under the Respectlytics organisation on GitHub. The repo URLs are linked from [/sdk/](https://respectlytics.com/sdk/). The repos contain source, tests, release tags, and CI configuration.
Are the published binaries reproducible from source?
Yes. Build instructions in each repo's README produce artifacts that match the published packages (CocoaPods/SPM/Maven Central/npm/pub.dev). The CI pipeline that publishes uses the same build commands. Reproducible builds are a goal we test against; if you observe a discrepancy, please file an issue.
Can we modify the SDK and ship our fork?
Yes — the MIT license allows it without restriction. Many enterprises fork to adjust logging, add internal tracing, or vendor the SDK into their build. The license covers this entirely.
What about the SERVER — is it also open source?
The server is AGPL-3.0 (a stronger copyleft license than the SDK's MIT). See the self-hosted-option page for details. SDK is MIT; server is AGPL — that's the standard split for source-available SaaS.