chore(analytics): [ENG-1524] add product analytics with Posthog#84
chore(analytics): [ENG-1524] add product analytics with Posthog#84henchaves wants to merge 20 commits into
Conversation
️✅ There are no secrets present in this pull request anymore.If these secrets were true positive and are still valid, we highly recommend you to revoke them. 🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request. |
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces telemetry tracking using PostHog across the SDK. It adds a new _analytics.py module to handle event capture and provides a disable_telemetry utility. Integration points include client initialization, API error handling, and resource creation for agents, datasets, projects, and scans. Feedback focuses on improving the robustness of the telemetry implementation, specifically handling missing API keys in make_distinct_id to prevent crashes, ensuring thread safety during client initialization, and capturing events before raising exceptions in helper methods to ensure complete telemetry coverage.
henchaves
requested review from
kevinmessiaen
and removed request for
kevinmessiaen
…o ensure ValueError is raised after event capture when in error state
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request introduces telemetry tracking using PostHog. It adds a new _analytics.py module to handle event capture and opt-out logic, and integrates telemetry calls across the SDK, including client initialization, resource creation, and error handling. Feedback includes correcting a non-existent method call in the PostHog client, adding version constraints for the new dependency, and optimizing environment variable lookups.
| "distro>=1.7.0, <2", | ||
| "rich", | ||
| "sniffio", | ||
| "posthog", |
There was a problem hiding this comment.
It is recommended to specify a version range for new dependencies to ensure compatibility and prevent breaking changes from future updates. For example, posthog>=3.0.0,<4 if version 3 is the current stable major version.
| "posthog", | |
| "posthog>=3.0.0,<4", |
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request implements anonymous product-usage telemetry using PostHog, including a new _analytics module, documentation for opt-out mechanisms, and integration across the SDK to track client initialization, resource creation, and errors. The review identifies a high-risk security concern where capturing full exception objects could leak sensitive data (PII) to PostHog, recommending sanitized event capture instead. Additionally, feedback suggests evaluating opt-out environment variables dynamically at runtime rather than once at module import to ensure user preferences are correctly respected if modified after the library is loaded.
1 participant
No description provided.