feat(js-sdk): Enable $web_vitals reporting when cookieless mode is enabled

[eli-r-ph]

Problem

Right now reporting of $web_vitals is disabled when cookieless_mode is enabled, because cookieless mode disables the session ID manager, which gates vitals logic.

I think this is a safe change because the ingestion (backend) processing because:

• Web vitals events carry the cookieless mode property
• A top-level $session_id is generated for cookieless-enabled events
• Cookieless enabled events that can't be hashed or generate a proper session ID are dropped

I think this is safe on the product (access path side) because:

• Access patterns I found in the product rely on page path not session ID
• Replay inspector relies on name, rating and value, not session ID
• Top level $session_id is available on cookieless web vitals events

Ad-hoc HogQL queries could attempt to access a nested session ID (available on cookieless-disabled events only) and this could break in the product. I'm not sure whether this is a blocker on shipping the change

Changes

• Enable publishing of $web_vitals events even when cookieless mode is enabled (session ID manager not present)
• Related test changes

Release info Sub-libraries affected

Libraries affected

• All of them
• posthog-js (web)
• posthog-js-lite (web lite)
• posthog-node
• posthog-react-native
• @posthog/react
• @posthog/ai
• @posthog/convex
• @posthog/next
• @posthog/nextjs-config
• @posthog/nuxt
• @posthog/rollup-plugin
• @posthog/webpack-plugin
• @posthog/types

Checklist

• Tests for new code
• Accounted for the impact of any changes across different platforms
• Accounted for backwards compatibility of any changes (no breaking changes!)
• Took care not to unnecessarily increase the bundle size

If releasing new changes

• Ran pnpm changeset to generate a changeset file

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
posthog-example-next-app-router	Error		May 13, 2026 1:49pm
posthog-js	Error		May 13, 2026 1:49pm
posthog-nextjs-config	Error		May 13, 2026 1:49pm

[github-actions]

📝 No Changeset Found

This PR doesn't include a changeset. A changeset is required to release a new version.

How to add a changeset

Run this command and follow the prompts:

pnpm changeset

Remember: Never use major version bumps for posthog-js as it's autoloaded by clients.

[github-actions]

⚠️ 2 packages modified but this PR has no changeset

This is informational — the PR is not blocked. Click the triangle above to collapse, or push a fix and this comment will auto-delete.

Modified in this PR but no changeset added:

• @posthog/types
• posthog-js

If this change should ship, run pnpm changeset and select a bump level.
If it isn't user-facing (refactor with no behavior change, internal tooling, generated files), no action needed.