Add PostHog integration, email utilities, and GitHub Actions workflow for releases

[cubxxw]

User description

Integrate PostHog for event tracking and user identification, implement utility functions for email management, and establish a GitHub Actions workflow to automate the creation of release drafts.

FIX: #10

---

Description

• Integrated PostHog for event tracking and user identification.
• Implemented utility functions for email management.
• Established a GitHub Actions workflow to automate release draft creation.

---

Changes walkthrough 📝

	Relevant files
Configuration changes	release.yml GitHub Actions Workflow for Release Drafts                              .github/workflows/release.yml Added a GitHub Actions workflow for release draft creation. Includes steps for extracting changelog and creating a release draft. +61/-0
Enhancement	posthog.py PostHog Middleware for API Event Tracking                                backend/app/api/middlewares/posthog.py Implemented PostHogMiddleware for capturing API events. Middleware tracks request duration and user identification. +38/-0    config.py Configuration for PostHog Integration                                        backend/app/core/config.py Added PostHog configuration settings. Introduced a computed property to check if PostHog is enabled. +10/-0    main.py FastAPI Integration with PostHog                                                  backend/app/main.py Initialized PostHog in the FastAPI application. Added PostHog middleware to the app. +11/-0    posthog_tracker.py Utility for PostHog Event Tracking                                              backend/app/utils/posthog_tracker.py Created PostHogTracker utility for event capturing and user identification. Methods to capture events and identify users based on distinct IDs. +37/-0
Formatting	email.py Email Template Path Adjustment                                                      backend/app/utils/email.py Adjusted path for rendering email templates. +2/-2

---

💡 Penify usage:
Comment /help on the PR to get a list of all available Penify tools and their descriptions

[qodo-code-review]

Qodo Merge was enabled for this repository. To continue using it, please link your Git account with your Qodo account here.

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Non-English Comments The PostHogTracker class contains Chinese comments that should be translated to English for consistency with the rest of the codebase. """捕获 PostHog 事件""" if not settings.posthog_enabled: Exception Handling The middleware silently catches all exceptions when trying to get the user ID. Consider logging these exceptions or handling specific exception types instead of using a broad except clause. except Exception: pass Hardcoded Repository The summary step contains a hardcoded repository URL (nextjs-fastapi-template) which might not be correct for this project. echo "Visit the [Releases section](https://github.com/vintasoftware/nextjs-fastapi-template/releases) to review and publish the release." >> $GITHUB_STEP_SUMMARY echo "Once the draft is published, another action will automatically be triggered to publish the packages." >> $GITHUB_STEP_SUMMARY

[penify-dev]

PR Review 🔍

⏱️ Estimated effort to review [1-5]	4, because the PR introduces multiple new files and functionalities, including a GitHub Actions workflow, middleware for event tracking, and utility functions for email management, which require thorough testing and validation.
🧪 Relevant tests	No
⚡ Possible issues	Integration Complexity: The integration of PostHog may introduce complexity in tracking events, especially if the user authentication flow changes.
	Error Handling: The error handling in the GitHub Actions workflow could be improved to provide more informative feedback in case of failures.
🔒 Security concerns	No

[qodo-code-review]

Qodo Merge was enabled for this repository. To continue using it, please link your Git account with your Qodo account here.

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Improve version matching The script assumes the version in CHANGELOG.md is exactly the same as the input version, but version formats might differ (e.g., "1.0" vs "1.0.0"). Consider using a more flexible pattern matching to find the correct version section. .github/workflows/release.yml [24-32] - name: Extract changelog for version run: | VERSION=${{ github.event.inputs.version }} - # Extract changelog for version - CHANGELOG=$(awk -v version="$VERSION" 'BEGIN{RS="## "; FS="\n"} $0 ~ version {print "## "$0}' CHANGELOG.md) + # Extract changelog for version (with more flexible matching) + CHANGELOG=$(awk -v version="$VERSION" 'BEGIN{RS="## "; FS="\n"} $0 ~ "^"version"(\\.[0-9]+)*" {print "## "$0}' CHANGELOG.md) # Remove the first line (version title) CHANGELOG=$(echo "$CHANGELOG" | sed '1d') Apply this suggestion Suggestion importance[1-10]: 6 __ Why: The suggestion correctly identifies a potential issue where the awk script might fail if the version format in CHANGELOG.md doesn't exactly match the input version. The proposed change makes the script more robust.	Low
Update

[penify-dev]

PR Code Suggestions ✨

Category	Suggestion	Score
Security	Use environment variables for sensitive configuration values Consider using environment variables for the POSTHOG_API_KEY and POSTHOG_HOST to enhance security and flexibility in different environments. backend/app/core/config.py [148] -POSTHOG_API_KEY: str | None = None +POSTHOG_API_KEY: str | None = os.getenv("POSTHOG_API_KEY") Suggestion importance[1-10]: 9 Why: This suggestion significantly improves security by recommending the use of environment variables for sensitive information, which is a best practice in application configuration.	9
Possible issue	Capture events only for successful API requests Ensure that the PostHogTracker.capture_event method is called only if the response status code indicates a successful request (e.g., 2xx status codes). backend/app/api/middlewares/posthog.py [27-36] -PostHogTracker.capture_event( +if 200 <= response.status_code < 300: + PostHogTracker.capture_event( Suggestion importance[1-10]: 8 Why: This suggestion addresses a potential issue where events could be captured for unsuccessful requests, which could lead to misleading analytics. It correctly identifies a necessary condition for capturing events.	8
Maintainability	Implement error handling for event capturing to prevent silent failures Add error handling for the posthog.capture and posthog.identify methods to log any exceptions that may occur during event capturing. backend/app/utils/posthog_tracker.py [18-23] -posthog.capture( +try: + posthog.capture( +except Exception as e: + # Log the error (consider using a logging framework) + print(f"Error capturing event: {e}") Suggestion importance[1-10]: 7 Why: Implementing error handling is important for maintainability, but the suggestion lacks specificity on how to log errors effectively, which could limit its usefulness.	7
Enhancement	Validate the version input format for the release process Consider adding a step to validate the version input to ensure it follows semantic versioning or a specific format before proceeding with the release process. .github/workflows/release.yml [6-9] -version: +version: + description: "Version of the release (must follow semantic versioning)" + required: true + type: string Suggestion importance[1-10]: 6 Why: While validating the version input is a good practice, the suggestion does not provide a concrete implementation for validation and only suggests changing the description.	6