feat: format legacy plugins to new format #28017
Conversation
…nto feat/cyclotron-plugins
# Conflicts: # plugin-server/src/cdp/consumers/__snapshots__/cdp-cyclotron-plugins-worker.test.ts.snap # plugin-server/src/cdp/consumers/cdp-cyclotron-plugins-worker.consumer.ts # plugin-server/src/cdp/consumers/cdp-cyclotron-plugins-worker.test.ts # plugin-server/src/cdp/consumers/cdp-cyclotron-worker.consumer.ts # plugin-server/src/cdp/legacy-plugins/customerio/index.ts # plugin-server/src/cdp/legacy-plugins/intercom/index.ts # plugin-server/src/cdp/legacy-plugins/types.ts # plugin-server/src/main/pluginsServer.ts # posthog/cdp/migrations.py # posthog/models/plugin.py
|
tests are succeeding locally after creating a |
MarconLP
requested review from
benjackwhite
and removed request for
benjackwhite
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
There was a problem hiding this comment.
PR Summary
This PR significantly restructures legacy plugins in the PostHog plugin server, focusing on standardizing plugin formats and improving type safety.
- Removes multiple legacy plugins (currency-normalization, downsampling, taxonomy, timestamp-parser, etc.) while converting remaining plugins to TypeScript with proper type definitions
- Updates remaining plugins (Hubspot, Braze, GCS, etc.) to use LegacyPlugin interface instead of Plugin type, with standardized logging via meta.logger
- Replaces global fetch with meta.fetch across plugins and updates test files to use jest-fetch-mock
- Consolidates plugin exports in
src/cdp/legacy-plugins/index.tswith consistent plugin registration pattern - Adds comprehensive test coverage for converted plugins while removing tests for deprecated ones
116 file(s) reviewed, 43 comment(s)
Edit PR Review Bot Settings | Greptile
There was a problem hiding this comment.
logic: Removing currency normalization functionality without a clear replacement could break existing integrations that depend on currency conversion. Ensure this functionality is either migrated elsewhere or that this is an intentional deprecation.
There was a problem hiding this comment.
logic: This file is being completely removed. Ensure there is a replacement implementation in the new plugin format that maintains the same sampling functionality and backwards compatibility.
| @@ -178,6 +179,7 @@ function getEmailFromEvent(event) { | |||
|
|
|||
| export const hubspotPlugin: LegacyPlugin = { | |||
| id: 'hubspot', | |||
| onEvent, | |||
| metadata: metadata as any, | |||
There was a problem hiding this comment.
style: casting metadata as any bypasses type checking - consider defining proper type
| export const PLUGINS_BY_ID = { | ||
| [customerioPlugin.id]: customerioPlugin, | ||
| [intercomPlugin.id]: intercomPlugin, | ||
| [rudderstackPlugin.id]: rudderstackPlugin, | ||
| [hubspotPlugin.id]: hubspotPlugin, | ||
| [engagePlugin.id]: engagePlugin, | ||
| [avoPlugin.id]: avoPlugin, | ||
| [patternsPlugin.id]: patternsPlugin, | ||
| [brazePlugin.id]: brazePlugin, | ||
| [pubsubPlugin.id]: pubsubPlugin, | ||
| [sendgridPlugin.id]: sendgridPlugin, | ||
| [gcsPlugin.id]: gcsPlugin, | ||
| [salesforcePlugin.id]: salesforcePlugin, | ||
| [laudspeakerPlugin.id]: laudspeakerPlugin, | ||
| } |
There was a problem hiding this comment.
style: Consider alphabetizing the plugin entries in PLUGINS_BY_ID for better maintainability and easier lookup
| import { customerioPlugin } from './customerio' | ||
| import { hubspotPlugin } from './hubspot' | ||
| import { intercomPlugin } from './intercom' | ||
| import { avoPlugin } from './posthog-avo' | ||
| import { brazePlugin } from './posthog-braze-app' | ||
| import { engagePlugin } from './posthog-engage-so' | ||
| import { gcsPlugin } from './posthog-gcs' | ||
| import { laudspeakerPlugin } from './posthog-laudspeaker-app' | ||
| import { patternsPlugin } from './posthog-patterns-app' | ||
| import { pubsubPlugin } from './pubsub' | ||
| import { rudderstackPlugin } from './rudderstack-posthog' | ||
| import { salesforcePlugin } from './salesforce/src' | ||
| import { sendgridPlugin } from './sendgrid' |
There was a problem hiding this comment.
style: Consider grouping imports by internal/external dependencies and alphabetizing within groups
| metadata: metadata as any, | ||
| setupPlugin: setupPlugin as any, | ||
| onEvent, |
There was a problem hiding this comment.
style: unsafe type assertions with 'as any' could be replaced with proper types
| throw new Error(`Got bad response getting the token ${response.status}`) | ||
| } | ||
| const body = await response.json() | ||
| cache.set(CACHE_TOKEN, body.access_token, CACHE_TTL) | ||
| void cache.set(CACHE_TOKEN, body.access_token, CACHE_TTL) |
There was a problem hiding this comment.
style: void operator is unnecessary for Promise returned by cache.set
| config, | ||
| global, | ||
| logger: { error: jest.fn(), debug: jest.fn() }, | ||
| fetch: mockFetch as unknown, |
There was a problem hiding this comment.
style: mockFetch is already typed as jest.Mock, casting to unknown here is unnecessary and could hide type errors
| metadata: metadata as any, | ||
| setupPlugin: setupPlugin as any, |
There was a problem hiding this comment.
style: Type assertions to 'any' bypass TypeScript's type checking. Consider defining proper types for metadata and setupPlugin
| function isEmail(email) { | ||
| const re = /^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/ | ||
| const re = | ||
| /^(([^<>()[\]\\.,;:\s@"]+(\.[^<>()[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/ | ||
| return re.test(String(email).toLowerCase()) | ||
| } |
There was a problem hiding this comment.
style: Add type annotation for email parameter to maintain TypeScript consistency
benjackwhite
changed the base branch from
feat/cyclotron-plugins-all
to
master
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| const { getMeta, resetMeta } = require('@posthog/plugin-scaffold/test/utils') | ||
| const { engagePlugin } = require('../index') | ||
| const config = { | ||
| publicKey: 'ENGAGE_PUBLIC_KEY', |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical test
| const { engagePlugin } = require('../index') | ||
| const config = { | ||
| publicKey: 'ENGAGE_PUBLIC_KEY', | ||
| secret: 'ENGAGE_SEECRET', |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical test
| } | ||
|
|
||
| function result(target: any, path: any, value: any) { | ||
| target[path] = value |
Check warning
Code scanning / CodeQL
Prototype-polluting function Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 2 hours ago
To fix the problem, we need to ensure that the set function does not allow the assignment of properties that can lead to prototype pollution, such as __proto__ and constructor. We can achieve this by adding a check to skip these properties during the assignment process.
- Modify the
setfunction to include a check that skips the__proto__andconstructorproperties. - Ensure that the
resultfunction is only called if the property is not one of the dangerous properties.
| @@ -91,2 +91,6 @@ | ||
|
|
||
| if (prop === '__proto__' || prop === 'constructor') { | ||
| continue | ||
| } | ||
|
|
||
| if (!isObject(target[prop])) { |
| } | ||
|
|
||
| function result(target: any, path: any, value: any) { | ||
| target[path] = value |
Check warning
Code scanning / CodeQL
Prototype-polluting function Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI about 2 hours ago
To fix the problem, we need to ensure that the set function does not allow the assignment of properties like __proto__ or constructor that can lead to prototype pollution. We can achieve this by adding a check to skip these properties during the assignment process.
- Modify the
setfunction to include a check that skips the assignment if the property name is__proto__orconstructor. - This change should be made in the file
plugin-server/src/cdp/legacy-plugins/_destinations/rudderstack-posthog/index.tswithin thesetfunction.
| @@ -90,2 +90,6 @@ | ||
|
|
||
| if (prop === '__proto__' || prop === 'constructor') { | ||
| break | ||
| } | ||
|
|
||
| if (!isObject(target[prop])) { |
| global, | ||
| logger: { error: jest.fn(), debug: jest.fn() }, | ||
| } as unknown as SalesforceMeta, | ||
| 'token' |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical
|
|
||
| expect(mockFetch).toHaveBeenCalledWith('https://test.salesforce.com/test', { | ||
| body: '{"$current_url":"https://home/io"}', | ||
| headers: { Authorization: 'Bearer token', 'Content-Type': 'application/json' }, |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical
| properties: { $current_url: 'https://home/io' }, | ||
| } as unknown as ProcessedPluginEvent, | ||
| { config, global, logger: { error: jest.fn(), debug: jest.fn() } } as unknown as SalesforceMeta, | ||
| 'token' |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical
| expect(fetch).toHaveBeenCalledWith('https://api.sendgrid.com/v3/marketing/field_definitions', { | ||
| method: 'GET', | ||
| headers: { | ||
| Authorization: 'Bearer SENDGRID_API_KEY', |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical test
| expect(fetch).toHaveBeenCalledWith('https://api.sendgrid.com/v3/marketing/contacts', { | ||
| method: 'PUT', | ||
| headers: { | ||
| Authorization: 'Bearer SENDGRID_API_KEY', |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical test
| expect(fetch).toHaveBeenCalledWith('https://api.sendgrid.com/v3/marketing/contacts', { | ||
| method: 'PUT', | ||
| headers: { | ||
| Authorization: 'Bearer SENDGRID_API_KEY', |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical test
Changes
status for all plugins: https://docs.google.com/spreadsheets/d/1K7Y5ZaefxP_mGl_q2ubjbFj6NybQT1DB0Q53CsEAMek/edit?usp=sharing
Does this work well for both Cloud and self-hosted?
How did you test this code?