Gathering detailed insights and metrics for posthog-js
Gathering detailed insights and metrics for posthog-js
Gathering detailed insights and metrics for posthog-js
Gathering detailed insights and metrics for posthog-js
posthog-js-lite
> 🚧 This is a reduced feature set package. Currently the only officially supported feature complete way of using PostHog on the web is [posthog-js](https://github.com/PostHog/posthog-js)
posthog-node
PostHog Node.js integration
posthog-react-native
Please see the main [PostHog docs](https://www.posthog.com/docs).
posthog-docusaurus
🦔 PostHog plugin for Docusaurus
Send usage data from your web app or site to PostHog, with autocapture.
npm install posthog-js
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
303 Stars
1,964 Commits
126 Forks
10 Watching
140 Branches
78 Contributors
Updated on 27 Nov 2024
Minified
Minified + Gzipped
TypeScript (97.63%)
HTML (1.59%)
JavaScript (0.77%)
CSS (0.01%)
Vue (0.01%)
Cumulative downloads
Total Downloads
Last day
-8.5%
131,975
Compared to previous day
Last week
-0.4%
680,085
Compared to previous week
Last month
16.2%
2,895,597
Compared to previous month
Last year
188.1%
23,537,184
Compared to previous year
4
69
For information on using this library in your app, see PostHog Docs.
This README is intended for developing the library itself.
Unit tests: run pnpm test
.
Cypress: run pnpm start
to have a test server running and separately pnpm cypress
to launch Cypress test engine.
Testing on IE11 requires a bit more setup. TestCafe tests will use the
playground application to test the locally built array.full.js bundle. It will
also verify that the events emitted during the testing of playground are loaded
into the PostHog app. By default it uses https://us.i.posthog.com and the
project with ID 11213. See the testcafe tests to see how to override these if
needed. For PostHog internal users ask @benjackwhite or @hazzadous to invite you
to the Project. You'll need to set POSTHOG_API_KEY
to your personal API key, and
POSTHOG_PROJECT_KEY
to the key for the project you are using.
You'll also need to sign up to BrowserStack. Note that if you are using CodeSpaces, these variables will already be available in your shell env variables.
After all this, you'll be able to run through the below steps:
nodemon -w src/ --exec bash -c "pnpm build-rollup"
.export BROWSERSTACK_USERNAME=xxx BROWSERSTACK_ACCESS_KEY=xxx
.npx testcafe "browserstack:ie" testcafe/e2e.spec.js
.You can use the create react app setup in playground/nextjs
to test posthog-js as an npm module in a Nextjs application.
posthog
locally on port 8000 (DEBUG=1 TEST=1 ./bin/start
).python manage.py setup_dev --no-data
on posthog repo, which sets up a demo account.http://localhost:8000/project/settings
and save it for the last step.cd playground/nextjs
.pnpm i
to install dependencies.pnpm run build-posthog-js
to build posthog-js
locally.NEXT_PUBLIC_POSTHOG_KEY='<your-local-api-key>' NEXT_PUBLIC_POSTHOG_HOST='http://localhost:8000' pnpm dev
to start the application.Install pnpm to link a local version of posthog-js
in another JS project: npm install -g pnpm
We have 2 options for linking this project to your local version: via pnpm link or via local paths
posthog-js
, go to the package.json
of that file, and replace the posthog-js
dependency version number with file:<relative_or_absolute_path_to_local_module>
package.json
within posthog
, replace "posthog-js": "1.131.4"
with "posthog-js": "file:../posthog-js"
pnpm install
from the root of the project in which you just created a local pathThen, once this link has been created, any time you need to make a change to posthog-js
, you can run pnpm build
from the posthog-js
root and the changes will appear in the other repo.
pnpm link
posthog-js
directory: pnpm link --global
posthog
this means: pnpm link --global posthog-js && pnpm i && pnpm copy-scripts
)pnpm link --global posthog-js
from within posthog
Just put a bump patch/minor/major
label on your PR! Once the PR is merged, a new version with the appropriate version bump will be released, and the dependency will be updated in posthog/PostHog – automatically.
If you forget to add the label, don't try to update the version locally as you won't be able to push that commit to the main branch. Instead, just make a new PR.
To release an alpha or beta version, you'll need to use the CLI locally:
Only one person is set as a collaborator on NPM, so they're the only person that can manually publish alphas
Make sure you're a collaborator on posthog-js
in npm (check here).
Make sure you're logged into the npm CLI (npm login
).
Check out your work-in-progress branch (do not release an alpha/beta from main
).
Run the following commands, using the same bump level (major/minor/patch) as your PR:
1npm version [premajor | preminor | prepatch] --preid=beta 2npm publish --tag beta 3git push --tags
Enjoy the new prerelease version. You can now use it locally, in a dummy app, or in the main repo.
Use the "release alpha" label on your PR to have an alpha version published automatically. This automation currently doesn't check whether an alpha exists for the version it will try to publish. If you need to publish two alphas from one PR you'll need to fix that
Remember that these versions are public and folk might use them, so make sure they're not too alpha 🙈
The latest stable version of the package.
Stable Version
1
5.4/10
Summary
Potential for cross-site scripting in PostHog-js
Affected Versions
< 1.57.2
Patched Versions
1.57.2
Reason
30 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
packaging workflow detected
Details
Reason
license file detected
Details
Reason
Found 18/30 approved changesets -- score normalized to 6
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
23 existing vulnerabilities detected
Details
Score
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More