Skip to content

Comments

fix: hash emails before sending as PostHog distinct_id#2002

Open
cherkanovart wants to merge 1 commit intomainfrom
fix/eng-378-hash-emails-in-posthog
Open

fix: hash emails before sending as PostHog distinct_id#2002
cherkanovart wants to merge 1 commit intomainfrom
fix/eng-378-hash-emails-in-posthog

Conversation

@cherkanovart
Copy link
Contributor

@cherkanovart cherkanovart commented Feb 20, 2026

Summary

  • Hash emails with SHA-256 before using as PostHog distinct_id across cli, compiler, and new-compiler packages
  • Same email always produces the same hash, so user correlation in PostHog is preserved
  • No raw PII is sent to PostHog anymore

Changed files

  • packages/cli/src/cli/utils/observability.ts
  • packages/compiler/src/utils/observability.ts
  • packages/new-compiler/src/utils/observability.ts

Test plan

  • Existing observability.spec.ts tests pass
  • Typecheck passes (pre-existing prettier type issue in compiler is unrelated)

Closes ENG-378

🤖 Generated with Claude Code

Summary by CodeRabbit

  • Bug Fixes
    • Updated email data handling in analytics tracking across packages to use hashed values instead of raw email addresses.

Use SHA-256 hash of email instead of raw email for PostHog distinct_id
across cli, compiler, and new-compiler packages to avoid sending PII.

Closes ENG-378

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Feb 20, 2026

No actionable comments were generated in the recent review. 🎉


📝 Walkthrough

Walkthrough

This change adds SHA-256 hashing of email addresses before sending them to PostHog as distinct_id identifiers. The crypto import and hashing logic are applied consistently across three observability utility files in separate packages (cli, compiler, new-compiler), with a corresponding changeset documenting the patch-level updates.

Changes

Cohort / File(s) Summary
Changeset Documentation
.changeset/fix-emails-posthog.md
Declares patch-level version bumps for lingo.dev, @lingo.dev/_compiler, and @lingo.dev/compiler packages to document the email hashing security fix.
Observability Email Hashing
packages/cli/src/cli/utils/observability.ts, packages/compiler/src/utils/observability.ts, packages/new-compiler/src/utils/observability.ts
Each file now imports the crypto module and applies SHA-256 hashing to email addresses before using them as PostHog distinct_id values. The hashed email (hex-encoded) replaces the raw email string while maintaining distinct_id_source as "email". All other identity fallbacks (org_id, device-based IDs) and control flow remain unchanged.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Possibly related PRs

  • chore: simplify observability #1874: Modifies the same observability distinct-id logic paths in observability.ts files across packages, restructuring repository→org identification and payload fields.

Poem

🐰 A hash of care for privacy's sake,
SHA-256 tokens we gently make,
No raw emails sent astray,
PostHog tracks in a safer way,
Three observant files awake!

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (2 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly and accurately describes the main change: hashing emails before sending them to PostHog as distinct_id.
Description check ✅ Passed The description covers the main changes and includes test results, but lacks business logic test descriptions and before/after visuals per the template.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
  • 📝 Generate docstrings (stacked PR)
  • 📝 Generate docstrings (commit on current branch)
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch fix/eng-378-hash-emails-in-posthog

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants