Skip to content

[CI] (1776c51) nuxt/movies-nuxt-3-6#2726

Closed
wizard-ci-bot[bot] wants to merge 1 commit into
mainfrom
wizard-ci-1776c51-nuxt-movies-nuxt-3-6
Closed

[CI] (1776c51) nuxt/movies-nuxt-3-6#2726
wizard-ci-bot[bot] wants to merge 1 commit into
mainfrom
wizard-ci-1776c51-nuxt-movies-nuxt-3-6

Conversation

@wizard-ci-bot

@wizard-ci-bot wizard-ci-bot Bot commented Jul 10, 2026

Copy link
Copy Markdown

Automated wizard CI run

Source: wizard-pr
Trigger ID: 1776c51
App: nuxt/movies-nuxt-3-6
App directory: apps/nuxt/movies-nuxt-3-6
Workbench branch: wizard-ci-1776c51-nuxt-movies-nuxt-3-6
Wizard branch: release-please--branches--main--components--wizard
Context Mill branch: main
PostHog (MCP) branch: master
Timestamp: 2026-07-10T23:33:16.019Z
Duration: 313.3s

YARA Scanner

✓ 141 tool calls scanned, 0 violations detected

No violations: ✓ 141 clean scans

@wizard-ci-bot

wizard-ci-bot Bot commented Jul 10, 2026

Copy link
Copy Markdown
Author

PR Evaluation Report

Summary

This PR integrates PostHog into a Nuxt 3.0-3.6 movies app using the posthog-js client plugin pattern and posthog-node for server-side event capture. It adds client-side initialization via a Nuxt plugin, captures meaningful user actions (login, logout, search, media views, trailer plays, tab changes), implements user identification, error tracking, and server-side event capture for auth flows.

Files changed Lines added Lines removed
17 +234 -29

Confidence score: 4/5 👍

  • Redundant PostHog client instantiation on server: The login endpoint creates a new PostHog instance twice (once in the success path, once in the catch block) instead of reusing a single instance. This is wasteful but functional. [MEDIUM]
  • No .env.example update: The PR introduces NUXT_PUBLIC_POSTHOG_PROJECT_TOKEN and NUXT_PUBLIC_POSTHOG_HOST env vars but does not update any .env.example file to document them. [MEDIUM]
  • No reverse proxy configured: No reverse proxy is set up for the client-side PostHog SDK, meaning ad blockers can intercept events. [MEDIUM]

File changes

Filename Score Description
plugins/posthog.client.ts 4/5 New client plugin initializing PostHog with runtime config, re-identifying on page load, and hooking into Vue errors
composables/useAuth.ts 5/5 Adds identify on login, capture on login/logout, and reset on logout
server/api/auth/login.post.ts 3/5 Server-side capture of login events with posthog-node; redundant client instantiation in error path
server/api/auth/logout.post.ts 4/5 Server-side capture of logout events with proper shutdown
nuxt.config.ts 4/5 Adds PostHog runtime config with env var references
package.json 5/5 Adds posthog-js and posthog-node dependencies
pages/[type]/[id].vue 5/5 Captures media detail view with enriched properties
pages/search.vue 5/5 Captures search events and search errors
components/media/Details.vue 5/5 Captures tab selection events
components/media/Hero.vue 5/5 Captures trailer play from hero section
components/video/Card.vue 5/5 Captures trailer play from video cards
error.vue 5/5 Captures exceptions from Nuxt error page
pages/login.vue 5/5 Captures login exceptions
types/nuxt-app.d.ts 5/5 TypeScript declarations for
posthog-setup-report.md 4/5 Setup report documenting events and next steps

App sanity check ✅

Criteria Result Description
App builds and runs Yes No syntax errors, valid Nuxt plugin pattern, correct imports
Preserves existing env vars & configs Yes Existing runtime config and functionality preserved
No syntax or type errors Yes TypeScript types added, optional chaining used correctly
Correct imports/exports Yes posthog-js imported client-side only, posthog-node on server
Minimal, focused changes Yes Minor style reformatting (brace removal, whitespace) but nothing disruptive
Pre-existing issues None N/A

Issues

  • No .env.example update: New environment variables NUXT_PUBLIC_POSTHOG_PROJECT_TOKEN and NUXT_PUBLIC_POSTHOG_HOST are not documented in any .env.example file. Add them so collaborators know what to configure. [MEDIUM]

Other completed criteria

  • Build configuration valid — package.json correctly adds both posthog-js and posthog-node as dependencies
  • All changes relate to PostHog integration
  • Code follows existing codebase patterns (Nuxt composables, runtime config, plugin pattern)

PostHog implementation ⚠️

Criteria Result Description
PostHog SDKs installed Yes posthog-js ^1.399.2 and posthog-node ^5.40.0 added to package.json
PostHog client initialized Yes Initialized in plugins/posthog.client.ts using runtime config, with defaults, capture_pageview: 'history_change', and __add_tracing_headers
capture() Yes Multiple meaningful capture calls across components and pages
identify() Yes identify() called on login in useAuth, and on page load for returning users in the plugin's loaded callback; reset() called on logout
Error tracking Yes captureException in error.vue, login.vue, search.vue, and via vue:error hook in plugin; server-side captureException in login error path
Reverse proxy No No reverse proxy configured; __add_tracing_headers is set but no proxy rewrites are defined

Issues

  • No reverse proxy: Client-side PostHog requests go directly to us.i.posthog.com with no reverse proxy, making them susceptible to ad blockers. Configure Nuxt server middleware or a proxy rewrite to route through /ingest or similar. [MEDIUM]
  • Redundant PostHog Node client in login handler: The login endpoint creates two separate PostHog instances — one for the success path and one for the error path. A single instance created at the top of the handler and shared across both paths would be cleaner and more efficient. [MEDIUM]

Other completed criteria

  • API key loaded from environment variables via runtime config (NUXT_PUBLIC_POSTHOG_PROJECT_TOKEN)
  • API host correctly configured via environment variables (NUXT_PUBLIC_POSTHOG_HOST)
  • Server-side events use withContext for session/distinct ID linking
  • posthog.shutdown() called after server-side captures
  • Returning user identification handled in plugin loaded callback

PostHog insights and events ✅

Filename PostHog events Description
composables/useAuth.ts user_logged_in, user_logged_out Tracks login with method property, logout with session state
server/api/auth/login.post.ts auth_login_succeeded, captureException Server-side login tracking and error capture
server/api/auth/logout.post.ts auth_logout_completed Server-side logout tracking with cookie session flag
pages/[type]/[id].vue media_detail_viewed Tracks media detail page views with type, ID, and recommendation presence
pages/search.vue search_performed, captureException Tracks searches with query length and captures search errors
components/media/Details.vue media_tab_selected Tracks tab switches with media context
components/media/Hero.vue trailer_played Tracks trailer plays from hero section
components/video/Card.vue trailer_played Tracks trailer plays from video cards with source differentiation
error.vue captureException Captures Nuxt error page exceptions
pages/login.vue captureException Captures login form exceptions
plugins/posthog.client.ts captureException (via vue:error hook) Captures all Vue runtime errors

Issues

  • Search query not included in event: The search_performed event captures query_length but omits the actual search term. While this avoids potential PII, including a sanitized or truncated query would improve product insights significantly. [LOW]

Other completed criteria

  • Events represent real user actions (login, logout, search, media views, trailer plays, tab changes)
  • Events enable product insights — login-to-media-detail funnel, search trends, trailer engagement by source
  • Events include relevant properties (media_id, media_type, playback_source, login_method, etc.)
  • No PII in event properties — username used as distinct_id (acceptable for this demo app), no emails/names in capture properties
  • Event names are descriptive and use consistent snake_case convention

Reviewed by wizard workbench PR evaluator

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants