better way to use posthog

[misrasaurabh1]

PR Type

Enhancement

---

Description

• Switch docs tracking to PostHog integration

• Remove custom PostHog bootstrap script

• Update docs config integrations block

---

Diagram Walkthrough

flowchart LR
  docs_json["docs/docs.json: use integrations.posthog"] -- "configure API key" --> tracking["Mintlify built-in tracking"]
  posthog_js["docs/posthog.js: remove custom init"] -- "rely on config" --> tracking

Loading

File Walkthrough

Relevant files

Enhancement

docs.json Configure PostHog via Mintlify integrations                            docs/docs.json Replace integrations.intercom with integrations.posthog. Add apiKey for PostHog integration. +2/-2      posthog.js Remove custom PostHog bootstrap script                                      docs/posthog.js Remove custom PostHog loader and init snippet. Rely on configuration-based integration instead. +0/-6

---

[github-actions]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Sensitive information exposure: A PostHog API key is added directly in 'docs/docs.json'. If this is not the public client key meant for browser-side tracking, it should not be committed. Even for public keys, validate scope and rotate if previously private. Ensure no additional secrets were removed with 'docs/posthog.js' and that data collection complies with privacy requirements (e.g., anonymization, consent banners) when enabling tracking.

⚡ Recommended focus areas for review Sensitive Key in Repo The PostHog API key is committed in plain text. Confirm whether this is a public client key intended for frontend use and environment; if not, move it to an environment variable or secret and rotate the key. "posthog": { "apiKey": "phc_aUO790jHd7z1SXwsYCz8dRApxueplZlZWeDSpKc5hol" } Missing Host/Project Config Depending on deployment, PostHog may require additional fields (e.g., 'host') or project settings to route events correctly; verify integration options align with your PostHog instance (EU/US, self-hosted). "posthog": { "apiKey": "phc_aUO790jHd7z1SXwsYCz8dRApxueplZlZWeDSpKc5hol" }

[github-actions]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Security	Remove hardcoded analytics secret Avoid committing a live analytics secret to a public repo. Move the PostHog API key to a secure config (environment variable or deployment secret) and reference it via your docs platform’s supported variable mechanism. Rotate the exposed key immediately. docs/docs.json [11-14] "integrations": { "posthog": { - "apiKey": "phc_aUO790jHd7z1SXwsYCz8dRApxueplZlZWeDSpKc5hol" + "apiKey": "${POSTHOG_API_KEY}" } }, Suggestion importance[1-10]: 10 __ Why: The suggestion correctly flags a hardcoded PostHog API key introduced in the new hunk ("apiKey": "phc_...") and proposes using a secure variable reference. This is a critical security issue, and the improved code accurately reflects the intended change.	High