fix: satisfy SDK compliance harness 0.8.0

[marandaneto]

Problem

The SDK compliance workflow and local harness need to use SDK test harness release 0.8.0, with reusable GitHub workflow calls pinned to the release commit SHA instead of a mutable tag/branch. Running the updated harness exposed SDK/adapter compliance gaps in this repository.

Changes

• Pins the reusable SDK compliance workflow to PostHog/posthog-sdk-test-harness commit be8b8d5a3f94a249659844e94832e874f049c1e4.\n- Uses ghcr.io/posthog/sdk-test-harness:0.8.0 for local Docker harness runs / workflow harness version inputs.\n- Updates SDK compliance adapter and/or SDK behavior needed to pass the 0.8.0 compliance contract.

Tests

• flutter analyze passed; SDK compliance Docker harness passed locally with project posthog_flutter_compliance.

[greptile-apps]

_{Reviews (1): Last reviewed commit: "chore: add SDK compliance harness 0.8.0" | Re-trigger Greptile}

[github-actions]

posthog-flutter Compliance Report

Date: 2026-06-29 14:48:55 UTC
Duration: 96798ms

✅ All Tests Passed!

45/45 tests passed

---

Capture Tests

✅ 29/29 tests passed

View Details

Test	Status	Duration
Format Validation.Event Has Required Fields	✅	139ms
Format Validation.Event Has Uuid	✅	117ms
Format Validation.Event Has Lib Properties	✅	116ms
Format Validation.Distinct Id Is String	✅	114ms
Format Validation.Token Is Present	✅	114ms
Format Validation.Custom Properties Preserved	✅	116ms
Format Validation.Event Has Timestamp	✅	118ms
Retry Behavior.Retries On 503	✅	5330ms
Retry Behavior.Does Not Retry On 400	✅	2118ms
Retry Behavior.Does Not Retry On 401	✅	2116ms
Retry Behavior.Respects Retry After Header	✅	8125ms
Retry Behavior.Implements Backoff	✅	15445ms
Retry Behavior.Retries On 500	✅	5225ms
Retry Behavior.Retries On 502	✅	5225ms
Retry Behavior.Retries On 504	✅	5224ms
Retry Behavior.Max Retries Respected	✅	15444ms
Deduplication.Generates Unique Uuids	✅	124ms
Deduplication.Preserves Uuid On Retry	✅	5223ms
Deduplication.Preserves Uuid And Timestamp On Retry	✅	10333ms
Deduplication.Preserves Uuid And Timestamp On Batch Retry	✅	5229ms
Deduplication.No Duplicate Events In Batch	✅	123ms
Deduplication.Different Events Have Different Uuids	✅	116ms
Compression.Sends Gzip When Enabled	✅	116ms
Batch Format.Uses Proper Batch Structure	✅	112ms
Batch Format.Flush With No Events Sends Nothing	✅	108ms
Batch Format.Multiple Events Batched Together	✅	124ms
Error Handling.Does Not Retry On 403	✅	2115ms
Error Handling.Does Not Retry On 413	✅	2117ms
Error Handling.Retries On 408	✅	5223ms

Feature_Flags Tests

✅ 16/16 tests passed

View Details

Test	Status	Duration
Request Payload.Request With Person Properties Device Id	✅	11ms
Request Payload.Flags Request Uses V2 Query Param	✅	9ms
Request Payload.Flags Request Hits Flags Path Not Decide	✅	10ms
Request Payload.Flags Request Omits Authorization Header	✅	9ms
Request Payload.Token In Flags Body Matches Init	✅	9ms
Request Payload.Groups Round Trip	✅	9ms
Request Payload.Groups Default To Empty Object	✅	9ms
Request Payload.Person Properties Distinct Id Auto Populated When Caller Omits It	✅	10ms
Request Payload.Disable Geoip False Propagates As Geoip Disable False	✅	9ms
Request Payload.Disable Geoip Omitted Defaults To False	✅	9ms
Request Payload.Flag Keys To Evaluate Contains Only Requested Key	✅	10ms
Request Lifecycle.No Flags Request On Init Alone	✅	4ms
Request Lifecycle.No Flags Request On Normal Capture	✅	112ms
Request Lifecycle.Two Flag Calls Produce Two Remote Requests	✅	16ms
Request Lifecycle.Mock Response Value Is Returned To Caller	✅	9ms
Side Effect Events.Get Feature Flag Captures Feature Flag Called Event	✅	115ms

[greptile-apps]

_{Reviews (2): Last reviewed commit: "fix: keep flags api key field" | Re-trigger Greptile}

[greptile-apps]

resetAdapterState leaves in-flight flush running against the new state

_activeFlush is never cleared here and the timer is only cancelled — any ongoing flush (triggered by the timer or a previous capture) keeps running. It holds a reference to this, so after state = _AdapterState() is executed it writes to the freshly created state object: state.totalEventsSent += batch.length runs against the new clean state and corrupts it. Concurrently, flush() guards on _activeFlush != null and returns the stale future, so the first explicit /flush call from the harness after /reset does nothing — it just awaits the old operation. A compliance scenario of "reset → init → capture → flush → check state" will see non-zero total_events_sent before any event was intentionally sent in the new session.

[greptile-apps]

Events silently discarded on batch failure

removeWhere runs unconditionally regardless of success. When all retries are exhausted and success is false, every event in the batch is removed from the queue and pending_events drops to 0, yet total_events_sent is not updated. Any compliance scenario that checks pending_events after a permanent send failure will see 0 instead of the number of events that could not be delivered.