feat: add secret_key config, deprecate personal_api_key#727
feat: add secret_key config, deprecate personal_api_key#727turnipdabeets wants to merge 4 commits into
Conversation
|
posthog-python Compliance ReportDate: 2026-07-02 16:43:01 UTC ✅ All Tests Passed!46/46 tests passed Capture Tests✅ 29/29 tests passed View Details
Feature_Flags Tests✅ 17/17 tests passed View Details
|
The local feature flag / remote config credential now accepts either a Personal API Key or a Project Secret API Key, so the field is renamed to secret_key. personal_api_key is kept as a deprecated alias that resolves into secret_key, with a DeprecationWarning, so existing code keeps working.
394b812 to
6034978
Compare
- Regenerate public API snapshot for the new secret_key field - Update the unauthorized-error test to assert secret_key - Collapse the three secret_key tests into one parameterized table - ruff format
…ey-to-secret-key # Conflicts: # references/public_api_snapshot.txt
Second assertion (in test_feature_flags) still pinned the old personal_api_key wording after the message was renamed to secret_key.
|
Reviews (2): Last reviewed commit: "test: assert secret_key in wrong-key err..." | Re-trigger Greptile |
Problem
The credential used for local feature flag evaluation and remote config accepts either a Personal API Key (
phx_...) or a Project Secret API Key (phs_...), but the config field is namedpersonal_api_key. Passing a project secret key to a field called "personal api key" is confusing now that project secret keys exist.Change
secret_keyas the canonical config field — accepts a Personal API Key or a Project Secret API Key.personal_api_keyas a deprecated alias that resolves intosecret_key. Non-breaking: existing code keeps working and gets aDeprecationWarning.secret_keywhen both are provided.secret_key.Context
From the Slack discussion + PostHog/posthog-js#4046. This covers the rename only. The other two items from that thread — making flag refresh opt-in, and a config to enable/disable local eval independent of the env var — are separate.
Part of a coordinated rename across the backend SDKs (python, node, php, ruby, go, dotnet, rs).