chore(deps): bump posthog-js from 1.352.1 to 1.356.2

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps posthog-js from 1.352.1 to 1.356.2.

Release notes

Sourced from posthog-js's releases.

posthog-js@1.356.2

1.356.2

Patch Changes

• #3174 e9127d8 Thanks @​TueHaulund! - Detect and report when rrweb fails to initialize. rrweb's record() silently swallows startup errors and returns undefined, which previously left the SDK reporting an active recording status while capturing zero data. The SDK now checks the return value and reports a new rrweb_error status, making the failure visible in debug properties. (2026-03-02)

• #3175 6ee5f12 Thanks @​TueHaulund! - Fix memory leak in canvas recording on Safari < 16.4 where ImageBitmaps were never closed when OffscreenCanvas was unavailable in the web worker. (2026-03-02)

• #3178 186871a Thanks @​TueHaulund! - Skip canvas FPS recording entirely on browsers without OffscreenCanvas support (Safari < 16.4) instead of running a wasteful requestAnimationFrame loop that can never produce data. Also includes displayWidth/displayHeight in canvas mutation data for correct replay sizing. (2026-03-02)

• #3176 87bae20 Thanks @​dustinbyrne! - fix: Drop explicit exports (2026-03-02)

• #3172 2e46959 Thanks @​dustinbyrne! - fix: Compressed requests use ArrayBuffer (2026-03-02)

• Updated dependencies []:

  • @​posthog/types@​1.356.2

posthog-js@1.356.1

1.356.1

Patch Changes

• #3128 a500d14 Thanks @​ksvat! - wait for fresh config before recording start decision, add new recorder status, output recording started event (2026-02-27)
• Updated dependencies []:
  • @​posthog/types@​1.356.1

posthog-js@1.356.0

1.356.0

Minor Changes

• #3142 ec54fd8 Thanks @​dmarticus! - Add feature_flag_cache_ttl_ms config to prevent stale flag values (2026-02-26)

Patch Changes

• #3154 a47179c Thanks @​slshults! - fix: Improve tablet device type detection when Chrome sends desktop-like UA strings

  Chrome on Android tablets defaults to "request desktop site" mode, sending a UA string indistinguishable from desktop Linux. This uses the Client Hints API (navigator.userAgentData.platform) and touch capability (navigator.maxTouchPoints) to correctly classify these devices as Tablet or Mobile when UA-based detection falls through to the Desktop default. (2026-02-26)

• #3145 d741668 Thanks @​dmarticus! - Adds a remote_config_refresh_interval_ms config option to control how often feature flags are automatically refreshed in long-running sessions.

... (truncated)

Commits

• f149eb9 chore: update versions and lockfile [version bump]
• 2e46959 fix(browser): Send gzipped request body as ArrayBuffer (#3172)
• 186871a chore(deps): bump @​posthog/rrweb-* to 0.0.44 (#3178)
• 87bae20 fix(browser): Drop explicit exports in package.json (#3176)
• e9127d8 fix(replay): detect and report rrweb silent initialization failure (#3174)
• 6ee5f12 chore(deps): bump @​posthog/rrweb-* to 0.0.43 (#3175)
• 0dc03b0 feat(node): Add timestamp tracking for debugging local feature flag evaluatio...
• 18dfcc1 docs: add backwards compatibility warnings to recorder entrypoints (#3167)
• 7ba6a27 chore: update versions and lockfile [version bump]
• a500d14 fix(replay): wait for new config before recording decision (#3128)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)