npm - posthog-node - Versions diffs - 5.2.1 → 5.3.1 - Mend

posthog-node 5.2.1 → 5.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,9 @@
 # Next
+# 5.3.1 - 2025-07-07
+1. feat: decouple feature flag local evaluation from personal API keys; support decrypting remote config payloads without relying on the feature flags poller
 # 5.2.1 - 2025-07-07
 1. feat: add captureExceptionImmediate method on posthog client

package/lib/edge/index.cjs CHANGED Viewed

@@ -937,7 +937,7 @@ function setupExpressErrorHandler(_posthog, app) {
   });
 }
-var version = "5.2.1";
+var version = "5.3.1";
 var PostHogPersistedProperty;
 (function (PostHogPersistedProperty) {
@@ -2501,23 +2501,6 @@ class FeatureFlagsPoller {
   stopPoller() {
     clearTimeout(this.poller);
   }
-  _requestRemoteConfigPayload(flagKey) {
-    const url = `${this.host}/api/projects/@current/feature_flags/${flagKey}/remote_config/`;
-    const options = this.getPersonalApiKeyRequestOptions();
-    let abortTimeout = null;
-    if (this.timeout && typeof this.timeout === 'number') {
-      const controller = new AbortController();
-      abortTimeout = safeSetTimeout(() => {
-        controller.abort();
-      }, this.timeout);
-      options.signal = controller.signal;
-    }
-    try {
-      return this.fetch(url, options);
-    } finally {
-      clearTimeout(abortTimeout);
-    }
-  }
 }
 // # This function takes a distinct_id and a feature flag key and returns a float between 0 and 1.
 // # Given the same distinct_id and key, it'll always return the same float. These floats are
@@ -2802,21 +2785,25 @@ class PostHogBackendClient extends PostHogCoreStateless {
       if (options.personalApiKey.includes('phc_')) {
         throw new Error('Your Personal API key is invalid. These keys are prefixed with "phx_" and can be created in PostHog project settings.');
       }
-      this.featureFlagsPoller = new FeatureFlagsPoller({
-        pollingInterval: this.options.featureFlagsPollingInterval,
-        personalApiKey: options.personalApiKey,
-        projectApiKey: apiKey,
-        timeout: options.requestTimeout ?? 10000,
-        host: this.host,
-        fetch: options.fetch,
-        onError: err => {
-          this._events.emit('error', err);
-        },
-        onLoad: count => {
-          this._events.emit('localEvaluationFlagsLoaded', count);
-        },
-        customHeaders: this.getCustomHeaders()
-      });
+      // Only start the poller if local evaluation is enabled (defaults to true for backward compatibility)
+      const shouldEnableLocalEvaluation = options.enableLocalEvaluation !== false;
+      if (shouldEnableLocalEvaluation) {
+        this.featureFlagsPoller = new FeatureFlagsPoller({
+          pollingInterval: this.options.featureFlagsPollingInterval,
+          personalApiKey: options.personalApiKey,
+          projectApiKey: apiKey,
+          timeout: options.requestTimeout ?? 10000,
+          host: this.host,
+          fetch: options.fetch,
+          onError: err => {
+            this._events.emit('error', err);
+          },
+          onLoad: count => {
+            this._events.emit('localEvaluationFlagsLoaded', count);
+          },
+          customHeaders: this.getCustomHeaders()
+        });
+      }
     }
     this.errorTracking = new ErrorTracking(this, options);
     this.distinctIdHasSentFlagCalls = {};
@@ -3172,7 +3159,10 @@ class PostHogBackendClient extends PostHogCoreStateless {
     return response;
   }
   async getRemoteConfigPayload(flagKey) {
-    const response = await this.featureFlagsPoller?._requestRemoteConfigPayload(flagKey);
+    if (!this.options.personalApiKey) {
+      throw new Error('Personal API key is required for remote config payload decryption');
+    }
+    const response = await this._requestRemoteConfigPayload(flagKey);
     if (!response) {
       return undefined;
     }
@@ -3266,6 +3256,38 @@ class PostHogBackendClient extends PostHogCoreStateless {
     this.featureFlagsPoller?.stopPoller();
     return super._shutdown(shutdownTimeoutMs);
   }
+  async _requestRemoteConfigPayload(flagKey) {
+    if (!this.options.personalApiKey) {
+      return undefined;
+    }
+    const url = `${this.host}/api/projects/@current/feature_flags/${flagKey}/remote_config/`;
+    const options = {
+      method: 'GET',
+      headers: {
+        ...this.getCustomHeaders(),
+        'Content-Type': 'application/json',
+        Authorization: `Bearer ${this.options.personalApiKey}`
+      }
+    };
+    let abortTimeout = null;
+    if (this.options.requestTimeout && typeof this.options.requestTimeout === 'number') {
+      const controller = new AbortController();
+      abortTimeout = safeSetTimeout(() => {
+        controller.abort();
+      }, this.options.requestTimeout);
+      options.signal = controller.signal;
+    }
+    try {
+      return await this.fetch(url, options);
+    } catch (error) {
+      this._events.emit('error', error);
+      return undefined;
+    } finally {
+      if (abortTimeout) {
+        clearTimeout(abortTimeout);
+      }
+    }
+  }
   addLocalPersonAndGroupProperties(distinctId, groups, personProperties, groupProperties) {
     const allPersonProperties = {
       distinct_id: distinctId,