chore(deps): bump posthog-js from 1.266.0 to 1.276.0

[dependabot]

Bumps posthog-js from 1.266.0 to 1.276.0.

Release notes

Sourced from posthog-js's releases.

posthog-js@1.276.0

1.276.0

Minor Changes

• #2444 d50899e Thanks @​pauldambra! - chore: bump posthog rrweb version - not generally used yet

posthog-js@1.275.3

1.275.3

Patch Changes

• #2434 10b3d23 Thanks @​pauldambra! - fix: allow turning off debug mode

posthog-js@1.275.2

1.275.2

Patch Changes

• #2431 7d45a7a Thanks @​marandaneto! - fix: remove deprecated attribute $exception_personURL from exception events

• Updated dependencies [daf919b, 7d45a7a]:

  • @​posthog/core@​1.3.0

posthog-js@1.275.1

1.275.1

Patch Changes

• #2422 4e15fda Thanks @​pauldambra! - fix: possible memory leak in session id replacement in cookieless mode

posthog-js@1.275.0

1.275.0

Minor Changes

• #2426 ae941c2 Thanks @​thmsobrmlr! - Apply $current_url masking in web vitals and heatmaps extensions.

posthog-js@1.274.3

1.274.3

Patch Changes

• #2423 2d4eac4 Thanks @​pauldambra! - fix: another small potential memory leak in the recorder wrapping code"

posthog-js@1.274.2

1.274.2

Patch Changes

... (truncated)

Commits

• 4d9516f chore: update versions and lockfile
• d50899e feat: bump ph rrweb (#2444)
• 28f9ab9 Update generated references
• 431063a Update generated references
• 3696042 Update generated references
• 84a8853 fix: Use token on checkout step (#2443)
• 1b1d0ab fix: Use bot pat for SDK reference auto commit (#2441)
• b6114a0 chore: Fix scripts to persist references (#2409)
• d084cdc chore: update versions and lockfile
• 10b3d23 fix: allow turning off debug logging (#2434)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: bot:dependabot, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 3 package(s) with unknown licenses.

See the Details below.

License Issues

package-lock.json

Package	Version	License	Issue Type
@posthog/core	1.3.0	Null	Unknown License
posthog-js	1.276.0	Null	Unknown License

package.json

Package	Version	License	Issue Type
posthog-js	1.276.0	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
npm/@posthog/core	1.3.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 6 Found 20/30 approved changesets -- score normalized to 6 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Binary-Artifacts 🟢 9 binaries present in source code Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 58 existing vulnerabilities detected
npm/posthog-js	1.276.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 6 Found 20/30 approved changesets -- score normalized to 6 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Binary-Artifacts 🟢 9 binaries present in source code Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 58 existing vulnerabilities detected
npm/posthog-js	1.276.0	🟢 5.7	Details Check Score Reason Code-Review 🟢 6 Found 20/30 approved changesets -- score normalized to 6 Maintained 🟢 10 30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 9 license file detected Binary-Artifacts 🟢 9 binaries present in source code Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy 🟢 10 security policy file detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Vulnerabilities ⚠️ 0 58 existing vulnerabilities detected

Scanned Files

• package-lock.json
• package.json

[dependabot]

Superseded by #58.