[CI] (6fb03e7) rails/fizzy#1481
Closed
wizard-ci-bot[bot] wants to merge 1 commit into
Closed
Conversation
Author
|
The CSP initializer wasn't modified in this PR. The snippet uses a nonce which is good. Now I have enough context to write the evaluation. PR Evaluation ReportSummaryThis PR integrates PostHog into a Ruby on Rails kanban app ("Fizzy") by adding
Confidence score: 4/5 👍
File changes
App sanity check
|
| Criteria | Result | Description |
|---|---|---|
| App builds and runs | Yes | Gem additions and Ruby code are syntactically correct |
| Preserves existing env vars & configs | Yes | Only additions, no existing code removed (except minor refactor in assignments_controller) |
| No syntax or type errors | Yes | All Ruby and ERB syntax is valid |
| Correct imports/exports | Yes | Uses PostHog.capture / PostHog.identify class-level methods correctly per posthog-rails |
| Minimal, focused changes | Yes | All changes relate to PostHog integration |
| Pre-existing issues | None | No pre-existing issues observed |
Issues
- No .env.example file:
POSTHOG_PROJECT_TOKENandPOSTHOG_HOSTare required by the initializer and JS snippet but not documented in any committed file. A.env.exampleshould be added so new developers know which variables to set. [MEDIUM]
Other completed criteria
- App builds without errors — gem additions and code are syntactically valid
- Existing app functionality preserved — only additive changes
- Changes are minimal and focused on PostHog integration
- Build configuration (Gemfile) is valid
PostHog implementation ⚠️
| Criteria | Result | Description |
|---|---|---|
| PostHog SDKs installed | Yes | posthog-ruby and posthog-rails in Gemfile; posthog-js via <script> tag in layout |
| PostHog client initialized | Yes | PostHog.init with env-based config + PostHog::Rails.configure with error tracking, ActiveJob instrumentation, and user context |
| capture() | Yes | 12 meaningful events captured across 11 controllers using PostHog.capture() class method |
| identify() | No | Uses raw email addresses as distinct_id (identity&.email_address). Multiple controllers bypass posthog_distinct_id and use email directly, causing fragmented data |
| Error tracking | Yes | auto_capture_exceptions: true, report_rescued_exceptions: true, auto_instrument_active_job: true — comprehensive error tracking |
| Reverse proxy | No | posthog-js snippet loaded directly from PostHog CDN with no reverse proxy configured |
Issues
- Raw email as distinct_id: The
posthog_distinct_idmethod returnsidentity&.email_address || id.to_s, making email the primary distinct ID. This is a PostHog anti-pattern — emails are PII, can change, and should not be used as the canonical identifier. The method should returnid.to_sas primary and set email via person properties. [CRITICAL] - Inconsistent distinct_id usage:
sessions_controller.rbusesCurrent.identity.email_address,magic_links_controller.rbusesmagic_link.identity.email_address, andjoin_codes_controller.rbuses@identity.email_address— all bypassing theposthog_distinct_idmethod. Events from the same user will be split across different identifiers. [MEDIUM] - No reverse proxy: Client-side posthog-js connects directly to PostHog, making it susceptible to ad blockers. A reverse proxy through the Rails app would improve data collection reliability. [MEDIUM]
Other completed criteria
- PostHog SDK correctly added to Gemfile
- Initializer follows documented posthog-rails pattern with
PostHog.initblock - API key loaded from
ENV.fetch("POSTHOG_PROJECT_TOKEN", nil)— not hardcoded - Host loaded from
ENV.fetch("POSTHOG_HOST", nil)— correctly configured current_userhelper method properly added to ApplicationController for posthog-rails user contextuser_id_method: :posthog_distinct_idcorrectly configured in Rails config- posthog-js snippet uses CSP nonce for security
- Client-side identify conditionally called only when user is authenticated
PostHog insights and events ✅
| Filename | PostHog events | Description |
|---|---|---|
signups/completions_controller.rb |
signed_up |
Captures new account creation with account_id; also calls identify with person properties |
sessions/magic_links_controller.rb |
signed_in |
Captures magic link authentication with login_method property; also calls identify |
sessions_controller.rb |
signed_out |
Captures session termination |
account/cancellations_controller.rb |
account_cancelled |
Captures account deletion (churn event) with account_id |
boards_controller.rb |
board_created |
Captures board creation with board_id and board_name |
boards/publications_controller.rb |
board_published |
Captures board publication with board_id and board_name |
cards_controller.rb |
card_created |
Captures card creation with board_id and card_id |
cards/closures_controller.rb |
card_closed |
Captures card completion with card_id and board_id |
cards/triages_controller.rb |
card_triaged |
Captures card triage with card_id, board_id, and column_id |
cards/comments_controller.rb |
card_commented |
Captures comment creation with card_id and board_id |
cards/assignments_controller.rb |
card_assigned |
Captures card assignment with card_id, board_id, and assignee_id |
join_codes_controller.rb |
joined_via_invite |
Captures invite code redemption with account_id |
config/initializers/posthog.rb |
capturedException |
Auto-captures controller exceptions, rescued exceptions, and ActiveJob failures |
Issues
No event quality issues — events are well-named, represent real user actions, and include relevant contextual properties.
Other completed criteria
- Events represent real user actions across the full product lifecycle (signup → usage → churn)
- Events enable product insights: signup-to-first-card funnel, DAU trends, churn tracking, card completion rates
- All events include relevant contextual properties (board_id, card_id, account_id, etc.)
- No PII in event properties — emails only appear as distinct_id (separate concern) and in person properties via identify
- Event names are descriptive, consistent snake_case, and follow
[object]_[verb]convention
Reviewed by wizard workbench PR evaluator
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Automated wizard CI run
Source: scheduled
Trigger ID:
6fb03e7App:
rails/fizzyApp directory:
apps/rails/fizzyWorkbench branch:
wizard-ci-6fb03e7-rails-fizzyWizard branch:
mainContext Mill branch:
mainPostHog (MCP) branch:
masterTimestamp: 2026-05-13T17:37:03.569Z
Duration: 511.2s