chore: update PostHog SDKs to latest versions#5673
Merged
0xArshdeep merged 5 commits intomainfrom Mar 17, 2026
Merged
Conversation
- Update posthog-node from ^3.6.2 to ^5.28.1 (backend) - Update posthog-js from ^1.198.0 to ^1.360.1 (frontend) - Fix breaking change: shutdownAsync() -> shutdown() in telemetry service Co-Authored-By: arsh <[email protected]>
Contributor
Author
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
Contributor
Greptile SummaryThis PR updates the PostHog SDKs to their latest versions: Key changes:
Confidence Score: 4/5
Important Files Changed
Last reviewed commit: 63b0e70 |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Address Greptile review: shutdown() in v5 returns void (fire-and-forget), so use _shutdown() which returns Promise<void> to preserve awaitable graceful shutdown behavior. Co-Authored-By: arsh <[email protected]>
Contributor
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
Address Greptile review: _shutdown() is an internal underscore-prefixed method with no public API stability guarantee. Use the public flush() (returns Promise) to await event delivery, then shutdown() for cleanup. Co-Authored-By: arsh <[email protected]>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
The underlying @posthog/core class returns Promise<void> from shutdown(), so await it directly. This both satisfies the linter and ensures graceful flush before process exit. Co-Authored-By: arsh <[email protected]>
Contributor
Collaborator
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
Contributor
varonix0
approved these changes
Mar 17, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Context
PostHog flagged outdated SDK versions sending >10-20% of events in the last 7 days:
posthog-node):^3.6.2→^5.28.1(latest: 5.28.1)posthog-js):^1.198.0→^1.360.1(latest: 1.360.1)The
posthog-nodeupgrade is a major version bump (3→5). The oldshutdownAsync()method was removed; the graceful-shutdown path intelemetry-service.tsnow usesawait postHog.shutdown(), which returnsPromise<void>in the v5@posthog/corebase class (it flushes all pending events and cleans up before resolving).Updates since last revision
flush()+shutdown()two-step pattern with a singleawait postHog.shutdown(). In posthog-node v5, the underlying@posthog/coreclass declaresshutdown(): Promise<void>as a public method that both flushes pending events and performs cleanup. This satisfies the@typescript-eslint/no-floating-promiseslint rule and keeps the code simple.shutdown()return type discrepancy: TheIPostHoginterface inposthog-node/dist/types.d.tsdeclaresshutdown(): void, but the actualPostHogCoreStatelessbase class in@posthog/coredeclaresshutdown(): Promise<void>. TypeScript resolves to the class implementation so this compiles and lints cleanly, but the mismatch is worth being aware of — a future SDK restructuring could break this.[email protected]requiresnode: "^20.20.0 || >=22.22.0". Verify production Dockerfiles satisfy this (currently pinned tonode:20.20.0-trixie-slim).posthog-jsv1.360 pulls in@opentelemetry/*packages (potential frontend bundle size increase).posthog-nodev5 adds@posthog/core(withcross-spawn). Low risk but worth noting.capture(),identify(), andgroupIdentify()all type-checked cleanly, but worth a quick sanity check that telemetry events still reach PostHog after deploying to staging.Steps to verify the change
npm run type:checkin both)Type
Checklist
Link to Devin Session: https://app.devin.ai/sessions/34f1346eea8b45e7b549d4a4cb2b1a2a
Requested by: @0xArshdeep