[CI] (582c032) tanstack-start/tanstack-start-saas

[wizard-ci-bot]

Automated wizard CI run

Source: wizard-pr
Trigger ID: 582c032
App: tanstack-start/tanstack-start-saas
App directory: apps/tanstack-start/tanstack-start-saas
Workbench branch: wizard-ci-582c032-tanstack-start-tanstack-start-saas
Wizard branch: agent-jail
Context Mill branch: main
PostHog (MCP) branch: master
Timestamp: 2026-03-12T22:58:46.167Z
Duration: 1675.3s

[wizard-ci-bot]

Now I have all the information needed to write the evaluation. Let me compile the PR evaluation report:

---

PR Evaluation Report

Summary

This PR integrates PostHog analytics into a TanStack Start SaaS application. It adds both client-side (@posthog/react) and server-side (posthog-node) tracking, implements exception capture in the error boundary, configures a Vite dev proxy for ad-blocker circumvention, and instruments various invoice-related user actions across the application.

Files changed	Lines added	Lines removed
13	+204	-3

Confidence score: 3/5 🤔

• Reverse proxy only works in development: The Vite server.proxy configuration does not apply in production builds. Production deployments will fail to send events through /ingest endpoint without additional Nitro proxy configuration. [CRITICAL]
• No .env.example or environment variable documentation: The integration requires VITE_PUBLIC_POSTHOG_PROJECT_TOKEN and VITE_PUBLIC_POSTHOG_HOST but these are not documented anywhere in the project. [MEDIUM]
• Server-side events use invoice IDs as distinctId: Using invoice- as the distinctId prevents proper user attribution and session linking for server-side events. [MEDIUM]

---

File changes

Filename	Score	Description
package.json	5/5	Correctly adds @posthog/react ^1.8.2 and posthog-node ^5.28.1 dependencies
posthog-setup-report.md	4/5	Documentation of instrumented events; useful for onboarding but claims app_error_caught event which actually uses captureException
src/components/DefaultCatchBoundary.tsx	4/5	Adds exception capture using usePostHog hook; missing posthog in useEffect dependency array
src/routes/__root.tsx	4/5	PostHogProvider wrapper with proper configuration; uses latest SDK defaults and exception capture
src/routes/api/invoices..pay.ts	3/5	Server-side event capture for payment processing; uses invoice ID as distinctId instead of user
src/routes/api/invoices..ts	3/5	Server-side events for update/delete; same distinctId issue; properly captures operation metadata
src/routes/api/invoices.ts	3/5	Server-side event for invoice creation; same distinctId pattern issue
src/routes/posts..tsx	4/5	Client-side events for invoice detail view and mark as paid; missing posthog in useEffect deps
src/routes/posts.index.tsx	5/5	Clean integration capturing invoice creation with relevant properties
src/routes/posts_..deep.tsx	5/5	Captures mark as paid and PDF download click with proper properties
src/routes/users..tsx	4/5	Team member viewed event; missing posthog in useEffect dependency array
src/utils/posthog-server.ts	4/5	Singleton PostHog client; uses both process.env and import.meta.env fallback; proper flush settings
vite.config.ts	2/5	Dev-only proxy configuration; won't work in production

---

App sanity check: 4/5 ✅

Criteria	Result	Description
App builds and runs	Yes	Build completes successfully with no errors
Preserves existing env vars & configs	Yes	No existing configuration modified beyond necessary additions
No syntax or type errors	Yes	TypeScript compilation passes without errors
Correct imports/exports	Yes	All imports properly structured with correct paths
Minimal, focused changes	Yes	Changes are focused on PostHog integration only

Issues

• Missing environment variable documentation: VITE_PUBLIC_POSTHOG_PROJECT_TOKEN and VITE_PUBLIC_POSTHOG_HOST are required but not documented in README or an .env.example file. [MEDIUM]
• useEffect dependency warnings: Several useEffect hooks are missing posthog in their dependency arrays (DefaultCatchBoundary.tsx, posts..tsx, users..tsx). While this works due to PostHog's stable reference, it violates React exhaustive-deps rules. [LOW]

Other completed criteria

• Clear, readable code following existing patterns
• Consistent naming conventions
• Error handling preserved in all modified files
• No unnecessary code changes

---

PostHog implementation: 3/5 ⚠️

Criteria	Result	Description
PostHog SDKs installed	Yes	@posthog/react ^1.8.2 and posthog-node ^5.28.1 in dependencies
PostHog client initialized	Yes	PostHogProvider in __root.tsx shell component wraps entire app; server client singleton in posthog-server.ts
capture()	Yes	Multiple events captured: invoice_created, invoice_detail_viewed, invoice_marked_paid, invoice_pdf_download_clicked, team_member_viewed, and server-side events
Identify()	No	No posthog.identify() calls present; users are not identified
Error tracking	Yes	posthog.captureException(error) in DefaultCatchBoundary with capture_exceptions: true in config
Reverse proxy	Partial	Vite dev server proxy configured for /ingest → https://us.i.posthog.com, but this only works in development mode

Issues

• Production reverse proxy missing: The server.proxy configuration in vite.config.ts only works during Vite dev server. Production builds using Nitro need route rules or a separate proxy configuration. Events will fail to send in production. [CRITICAL]
• No user identification: The integration lacks posthog.identify() calls. Without user identification, all events are tied to anonymous users and cannot be attributed to specific authenticated users. [MEDIUM]
• Server-side distinctId uses invoice ID: Server-side events use invoice- as the distinctId instead of the actual user ID. This breaks user attribution and prevents proper funnel analysis across client and server events. [MEDIUM]

Other completed criteria

• API key sourced from environment variable (not hardcoded)
• Modern SDK defaults (defaults: '2025-05-24')
• Debug mode enabled only in development (debug: import.meta.env.DEV)
• Proper ui_host configuration separate from api_host
• Server-side client uses flushAt: 1 and flushInterval: 0 for immediate event delivery
• Session ID forwarding attempted via X-PostHog-Session-Id header

---

PostHog insights and events: 4/5 ✅

Filename	PostHog events	Description
posts.index.tsx	invoice_created	Captures invoice creation with title, amount, due_date - supports creation trends
posts..tsx	invoice_detail_viewed, invoice_marked_paid	Tracks funnel from viewing invoice to payment - enables conversion analysis
posts_..deep.tsx	invoice_marked_paid, invoice_pdf_download_clicked	Captures deep view actions; PDF download indicates export intent
users..tsx	team_member_viewed	Tracks team member profile views with user_id, name, role
DefaultCatchBoundary.tsx	captureException	Captures application errors with full error context
api/invoices.ts	invoice_created_server	Server-side invoice creation - enables backend validation of client events
api/invoices..ts	invoice_updated, invoice_deleted	Captures CRUD operations with field-level change tracking
api/invoices..pay.ts	invoice_payment_processed	Server-side payment processing event with amount

Issues

• Duplicate event naming: Both client-side and server-side have invoice creation events (invoice_created vs invoice_created_server). Consider unifying naming or clearly distinguishing source in properties. [LOW]

Other completed criteria

• Events represent real user actions (create, view, pay, download)
• Events can build meaningful funnels (view → pay)
• Properties include relevant context (amount, status, invoice_id)
• Server-side events include source: 'api' for differentiation
• No PII in event properties (uses IDs rather than sensitive data)
• Events align with documented insights in setup report

---

Reviewed by wizard workbench PR evaluator