Skip to content

[CI] (tune-54-med) next-js/15-app-router-saas#2408

Closed
wizard-ci-bot[bot] wants to merge 1 commit into
mainfrom
wizard-ci-tune-54-med-next-js-15-app-router-saas
Closed

[CI] (tune-54-med) next-js/15-app-router-saas#2408
wizard-ci-bot[bot] wants to merge 1 commit into
mainfrom
wizard-ci-tune-54-med-next-js-15-app-router-saas

Conversation

@wizard-ci-bot

@wizard-ci-bot wizard-ci-bot Bot commented Jul 3, 2026

Copy link
Copy Markdown

Automated wizard CI run

Source: manual
Trigger ID: tune-54-med
App: next-js/15-app-router-saas
App directory: apps/next-js/15-app-router-saas
Workbench branch: wizard-ci-tune-54-med-next-js-15-app-router-saas
Wizard branch: 9f76b79948dd91bde15b8ff25aba5c96df50d5d3
Context Mill branch: main
PostHog (MCP) branch: master
Timestamp: 2026-07-03T17:19:23.092Z
Duration: 1361.3s

YARA Scanner

✓ 184 tool calls scanned, 0 violations detected

No violations: ✓ 184 clean scans

@wizard-ci-bot

wizard-ci-bot Bot commented Jul 3, 2026

Copy link
Copy Markdown
Author

Now I have all the context I need. Let me produce the evaluation report.


PR Evaluation Report

Summary

This PR integrates PostHog into a Next.js 15 App Router SaaS application. It adds both client-side (posthog-js) and server-side (posthog-node) SDKs, initializes the client via instrumentation-client.ts, sets up a reverse proxy via Next.js rewrites, and instruments auth, billing, and team management flows with meaningful events across 12 files.

Files changed Lines added Lines removed
12 +324 -30

Confidence score: 4/5 👍

  • .env.example not updated: The PostHog environment variables (NEXT_PUBLIC_POSTHOG_PROJECT_TOKEN, NEXT_PUBLIC_POSTHOG_HOST) are not documented in .env.example, only in .env.local. New developers won't know to set them. [MEDIUM]
  • API key committed in .env.local: The .env.local file contains a real PostHog project token (phc_xxxx...xxxx). While .env.local is typically gitignored, the .env.example should document the variable names without values. [LOW]
  • Hardcoded API key exposure in posthog-setup-report.md: The setup report contains direct links to a specific PostHog project (project ID 483112) which leaks organizational info. [LOW]

File changes

Filename Score Description
instrumentation-client.ts 5/5 New file correctly initializes posthog-js with env vars, reverse proxy host, error tracking, and defaults
lib/posthog-server.ts 5/5 New server-side PostHog client using posthog-node with flushAt:1/flushInterval:0 and helper functions using *Immediate methods
next.config.ts 5/5 Reverse proxy rewrites correctly route /ingest/static/*, /ingest/array/*, and /ingest/* to appropriate PostHog hosts
package.json 5/5 Both posthog-js and posthog-node added as dependencies
app/(dashboard)/layout.tsx 4/5 Identifies user on load and calls reset() on sign out; uses useEffect appropriately for external system sync
app/(login)/actions.ts 5/5 Comprehensive server-side event capture for sign-in, sign-up, password update, account delete/update, team member invite/remove
app/(login)/login.tsx 4/5 Client-side form submission tracking for sign-in and sign-up
app/(dashboard)/pricing/submit-button.tsx 5/5 Captures pricing CTA click in event handler
lib/payments/actions.ts 4/5 Server-side checkout and billing portal events with team context
app/api/stripe/checkout/route.ts 5/5 Captures checkout completion and exceptions
app/api/stripe/webhook/route.ts 5/5 Captures webhook processing and signature verification errors
posthog-setup-report.md N/A Setup documentation, not evaluated for code quality

App sanity check ⚠️

Criteria Result Description
App builds and runs Yes Code is syntactically correct; build blocked only by pre-existing missing POSTGRES_URL
Preserves existing env vars & configs Yes Existing configs preserved; only PostHog additions made
No syntax or type errors Yes All TypeScript usage is correct; *Immediate methods confirmed to exist in posthog-node v5.39.4
Correct imports/exports Yes All imports are valid — posthog-js client-side, posthog-node server-side, server-only guard on server module
Minimal, focused changes Yes All changes relate to PostHog integration
Pre-existing issues Missing POSTGRES_URL prevents full build verification

Issues

  • Environment variables not documented in .env.example: NEXT_PUBLIC_POSTHOG_PROJECT_TOKEN and NEXT_PUBLIC_POSTHOG_HOST are missing from .env.example. Add them so collaborators know what to configure. [MEDIUM]

Other completed criteria

  • Build configuration is valid with correct rewrites and skipTrailingSlashRedirect in next.config.ts
  • server-only import in lib/posthog-server.ts correctly prevents accidental client-side usage
  • No existing functionality broken — form actions, auth flows, and Stripe integrations preserved

PostHog implementation ✅

Criteria Result Description
PostHog SDKs installed Yes posthog-js@^1.396.6 and posthog-node@^5.39.4 in package.json
PostHog client initialized Yes Client: instrumentation-client.ts with posthog.init(). Server: singleton PostHog instance in lib/posthog-server.ts with flushAt:1, flushInterval:0
capture() Yes Multiple meaningful capture() calls on both client and server
identify() Yes Client-side posthog.identify(user.id.toString(), { role }) in dashboard layout; server-side identifyImmediate on sign-in/sign-up; posthog.reset() on logout
Error tracking Yes capture_exceptions: true in init config enables autocapture; captureServerException used for Stripe errors
Reverse proxy Yes Next.js rewrites in next.config.ts correctly route /ingest/static/* and /ingest/array/* to assets host, and /ingest/* to API host; api_host: '/ingest' and ui_host configured

Other completed criteria

  • API key loaded from process.env.NEXT_PUBLIC_POSTHOG_PROJECT_TOKEN environment variable (not hardcoded in source)
  • Host correctly configured via process.env.NEXT_PUBLIC_POSTHOG_HOST
  • Reverse proxy correctly derives assets host by replacing //us. with //us-assets. and //eu. with //eu-assets.
  • defaults: '2026-05-30' set per current docs
  • debug mode correctly conditional on development environment

PostHog insights and events ✅

Filename PostHog events Description
app/(login)/login.tsx sign_in_submitted, sign_up_submitted Client-side form submission tracking with redirect and invite context
app/(login)/actions.ts user_signed_in, user_signed_up, password_updated, account_deleted, account_updated, team_member_removed, team_member_invited Server-side auth and team management events with enriched properties
app/(dashboard)/pricing/submit-button.tsx pricing_cta_clicked Client-side pricing CTA click
lib/payments/actions.ts checkout_started, billing_portal_opened Server-side billing flow events
app/api/stripe/checkout/route.ts subscription_checkout_completed, captureServerException Checkout completion and error tracking
app/api/stripe/webhook/route.ts subscription_webhook_processed, captureServerException Webhook processing and signature verification errors
app/(dashboard)/layout.tsx identify, reset User identification on load and reset on logout

Other completed criteria

  • Events represent real user actions mapping to actual product flows (auth, billing, team management)
  • Events enable product insights — can build auth funnels (submitted → signed in), billing funnels (CTA → checkout → completed), and team management trends
  • Events include enriched properties (team_id, authentication_flow, stripe_subscription_status, plan_name, etc.)
  • No PII in event properties — only role, team_id, booleans, and status fields; email/name not sent in capture properties
  • Event names follow consistent snake_case convention with descriptive action names

Reviewed by wizard workbench PR evaluator

@wizard-ci-bot wizard-ci-bot Bot added the CI/CD label Jul 3, 2026
@wizard-ci-bot wizard-ci-bot Bot closed this Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants