Skip to content

Chore/cleanup ux palette refactor#3

Merged
MohamedAklamaash merged 19 commits into
mainfrom
chore/cleanup-ux-palette-refactor
Jun 25, 2026
Merged

Chore/cleanup ux palette refactor#3
MohamedAklamaash merged 19 commits into
mainfrom
chore/cleanup-ux-palette-refactor

Conversation

@MohamedAklamaash

@MohamedAklamaash MohamedAklamaash commented Jun 25, 2026

Copy link
Copy Markdown
Owner

🧾 High-Level Summary

This PR adds GitHub OAuth/login, repo access control, private-repo ingestion, SSE chat streaming, graph/file auth gating, and a major frontend UI/routing refactor. Overall code health is mixed: the feature set is substantial and fairly well-covered by tests, but there are a few security and correctness risks around auth flows, token handling, and caching.

🚨 Critical Issues (Must Fix)

  • logout/session auth flow is only as strong as CSRF handling; the custom CSRF-exempt session auth for logout is risky and should be tightly constrained and reviewed for accidental reuse.
  • OAuth and GitHub token handling now touches encrypted credentials, reauth flags, and GitHub probing; any failure path that logs or returns sensitive error details should be audited to ensure secrets never leak.
  • Repo access enforcement is broad but highly coupled across apps; a missed route or stale cache entry could still expose repo data if not consistently guarded.

⚠️ Warnings (Should Fix)

  • RepositoryAccess + is_private introduce more branchy access logic; the private/public inference and reauth behavior needs careful edge-case review for 401/403/404 consistency.
  • Several new frontend API paths rely on backend error codes (needs_reauth, no_access, github_unreachable, etc.); mismatches will produce confusing UX.
  • The SSE chat implementation and streaming state handling are more complex than the prior request/response flow and should be watched for partial-response and abort edge cases.
  • The new cache-backed repo/repo-list behavior may serve stale data if invalidation is incomplete.

💡 Suggestions (Nice to Have)

  • Add integration tests for token decryption failure, logout CSRF boundaries, and GitHub probe/rate-limit edge cases.
  • Centralize repo-access error mapping so backend and frontend stay in sync.
  • Consider splitting the large repos/views.py and chat/views.py changes into smaller service modules for maintainability.
  • Revisit frontend state restoration and router behavior for deep links and reloads.

🔐 Security Verdict

Risky — the PR improves access control and credential handling overall, but it also introduces sensitive OAuth/token paths, custom auth behavior, and broader cache-driven repo gating that need careful hardening.

📊 Final PR Rating

4/5 — strong feature work with good test coverage and meaningful security improvements, but not production-ready without a closer audit of auth/token edge cases and cache/invalidation behavior.

📝 Suggested Prompt Update

The prompt is missing a way to handle PRs where the base branch has no merge base in the sandbox. It should ask for either:

  • a commit-by-commit summary from git show --stat --summary <commit>, or
  • a pasted commit list/message set from the user,
    when git diff main...HEAD is unavailable.

It also needs a fallback instruction for “per-commit review” when only a flattened change summary is available:

  • clearly state that individual commit ratings cannot be verified from the provided data,
  • and provide a best-effort chronological risk trend based on the available summaries.

MohamedAklamaash and others added 19 commits May 11, 2026 08:22
21 tests for github_api.{get_identity_or_reauth, decrypt_token_or_reauth,
github_get} including the 403/429 Retry-After tuple shape and the
needs_reauth persistence on decrypt failure.

9 tests for repos._view_helpers.{normalize_or_400, get_user_repo_or_404_response}
and the RepoStatus enum value-strings (drift-guard for the frontend mirror).
- Stream the chat endpoint as SSE (meta citations -> tokens -> done);
  retrieval + access gate stay synchronous so 4xx errors stay clean JSON.
- Switch Gemini SDK to REST transport to fix the gRPC c-ares DNS failures
  ("Could not contact DNS servers") seen during embedding/chat.
- Update model gemini-2.0-flash -> gemini-2.5-flash (2.0 was retired,
  which surfaced as "generation failed").
- Make embeddings resilient: retry transient transport/availability errors
  with backoff + per-call timeout.
- Drop the redundant second LLM call for chat follow-up suggestions.
- Graph: hide dunder/boilerplate functions (__init__, …) at the DB-query
  level by default; opt back in with ?include_boilerplate=true, return a
  `hidden` count, and drop edges dangling to filtered-out nodes.
- Test settings: stream-aware genai stub + GoogleAPICallError/RetryError.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Streaming chat client (fetch + ReadableStream) with markdown, citation
  chips that focus/center the cited node in the graph, and a Cmd/Ctrl-K
  Ask palette; chat state lifted into a shared useChat hook.
- Design system: Tailwind v4 + tokenized zinc+indigo palette with light
  mode + toggle, Inter/JetBrains Mono, focus rings, custom scrollbars.
- react-router for shareable URLs (/r/:repoId); reserved /share + /orgs.
- Resizable dashboard panels; Explorer & Chat are collapsible (open by
  default) via top-bar toggles; mobile stacked layout + bottom tab bar.
- Tasteful framer-motion animations (palette, dropdown, messages,
  inspector, processing steps).
- Enterprise marketing landing/sign-in page (hero, product mockup,
  feature grid, steps, CTA) with a two-tone wordmark.
- Graph: user-defined vs all-functions toggle (server-driven), empty
  state, theme-aware colors, focus/center on citation.
- Processing retry button (pull latest & re-analyze); strip repo names
  to the project; new node-graph favicon; topbar dropdown z-index fix.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Avoids clashing with other local apps. CORS/CSRF/redirect URIs and the
Vite proxy target are aligned to the new ports. Local secrets stay in the
gitignored .env / .env.local.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
AI-first chat + design-system overhaul, resilient backend, server-side graph filtering
@MohamedAklamaash MohamedAklamaash self-assigned this Jun 25, 2026
@coderabbitai

coderabbitai Bot commented Jun 25, 2026

Copy link
Copy Markdown

Review Change Stack

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: c6a4ec55-567f-492a-ad2e-8a1486b638b5

📥 Commits

Reviewing files that changed from the base of the PR and between 982dc2d and 60a4813.

⛔ Files ignored due to path filters (4)
  • demo/graph.png is excluded by !**/*.png
  • frontend/package-lock.json is excluded by !**/package-lock.json
  • frontend/pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
  • frontend/public/favicon.svg is excluded by !**/*.svg
📒 Files selected for processing (70)
  • .gitignore
  • backend/apps/auth_github/__init__.py
  • backend/apps/auth_github/apps.py
  • backend/apps/auth_github/crypto.py
  • backend/apps/auth_github/github_api.py
  • backend/apps/auth_github/migrations/0001_initial.py
  • backend/apps/auth_github/migrations/__init__.py
  • backend/apps/auth_github/models.py
  • backend/apps/auth_github/tests/__init__.py
  • backend/apps/auth_github/tests/test_crypto.py
  • backend/apps/auth_github/tests/test_github_api.py
  • backend/apps/auth_github/tests/test_github_repos_view.py
  • backend/apps/auth_github/tests/test_oauth_callback.py
  • backend/apps/auth_github/urls.py
  • backend/apps/auth_github/views.py
  • backend/apps/chat/views.py
  • backend/apps/embeddings/client.py
  • backend/apps/files/views.py
  • backend/apps/graph/views.py
  • backend/apps/repos/_view_helpers.py
  • backend/apps/repos/migrations/0002_repository_first_ingested_by_repository_is_private_and_more.py
  • backend/apps/repos/migrations/0003_alter_repository_status.py
  • backend/apps/repos/models.py
  • backend/apps/repos/tasks.py
  • backend/apps/repos/tests/__init__.py
  • backend/apps/repos/tests/conftest.py
  • backend/apps/repos/tests/test_attach.py
  • backend/apps/repos/tests/test_cross_app_gating.py
  • backend/apps/repos/tests/test_cross_repo_idor.py
  • backend/apps/repos/tests/test_redact.py
  • backend/apps/repos/tests/test_repository_view.py
  • backend/apps/repos/tests/test_view_helpers.py
  • backend/apps/repos/urls.py
  • backend/apps/repos/utils.py
  • backend/apps/repos/views.py
  • backend/conftest.py
  • backend/core/settings.py
  • backend/core/test_settings.py
  • backend/core/test_urls.py
  • backend/core/urls.py
  • backend/env.local
  • backend/manage.py
  • backend/pytest.ini
  • backend/requirements.txt
  • docker-compose.yml
  • frontend/index.html
  • frontend/local.env
  • frontend/package.json
  • frontend/src/App.tsx
  • frontend/src/api/index.ts
  • frontend/src/auth/AuthContext.tsx
  • frontend/src/components/AskPalette.tsx
  • frontend/src/components/ChatPanel.tsx
  • frontend/src/components/Dashboard.tsx
  • frontend/src/components/GithubRepoPicker.tsx
  • frontend/src/components/GraphPanel.tsx
  • frontend/src/components/Landing.tsx
  • frontend/src/components/Login.tsx
  • frontend/src/components/Processing.tsx
  • frontend/src/components/RepoSwitcher.tsx
  • frontend/src/components/Sidebar.tsx
  • frontend/src/components/ThemeToggle.tsx
  • frontend/src/constants/repoStatus.ts
  • frontend/src/hooks/useChat.ts
  • frontend/src/hooks/useMediaQuery.ts
  • frontend/src/index.css
  • frontend/src/main.tsx
  • frontend/src/theme.ts
  • frontend/src/types/index.ts
  • frontend/vite.config.js

📝 Walkthrough

Walkthrough

Adds GitHub OAuth login, encrypted identity storage, repository access probing and ingestion, repo-scoped chat/graph/file enforcement, and a routed frontend with streaming chat, GitHub repo selection, and theme/auth state.

Changes

GitHub auth, repo access, and streaming UI

Layer / File(s) Summary
Runtime and test bootstrap
.gitignore, backend/conftest.py, backend/core/{settings.py,test_settings.py,test_urls.py,urls.py}, backend/env.local, backend/manage.py, backend/pytest.ini, backend/requirements.txt, docker-compose.yml, frontend/{index.html,local.env,package.json,vite.config.js}
Local dev, test, and container settings now use the new ports and defaults, and the ignore list covers the expanded Python, Node, cache, and editor artifacts.
GitHub identity helpers
backend/apps/auth_github/{apps.py,crypto.py,github_api.py,models.py,migrations/0001_initial.py}, backend/apps/auth_github/tests/{test_crypto.py,test_github_api.py}
Adds the GitHubIdentity model, Fernet token helpers, reauth helpers, and tests for token round-trips and GitHub request mapping.
GitHub OAuth endpoints
backend/apps/auth_github/{urls.py,views.py}, backend/apps/auth_github/tests/{test_oauth_callback.py,test_github_repos_view.py}
Implements GitHub OAuth start/callback, logout, CSRF, me, and repo-list endpoints with tests for callback validation, identity creation, and repo responses.
Repository schema and helpers
backend/apps/repos/{_view_helpers.py,models.py,utils.py,migrations/*}, backend/apps/repos/tests/test_view_helpers.py
Introduces repository status enums, access metadata, URL helpers, and tests for the new repository helper and enum contracts.
Repository submission and ingestion
backend/apps/repos/{urls.py,tasks.py,views.py}, backend/apps/repos/tests/{conftest.py,test_repository_view.py,test_attach.py,test_redact.py}
Reworks repository submission and attachment around URL normalization, GitHub probing, access rows, and privacy-aware ingestion, with tests for access, normalization, and redaction.
Repo-scoped enforcement
backend/apps/{chat,files,graph,embeddings}/*.py, backend/apps/repos/tests/{test_cross_app_gating.py,test_cross_repo_idor.py}
Adds repo-access checks to chat, files, graph, and embedding paths, switches chat to SSE streaming, and tests cross-repo and cross-app gating.
Frontend auth, routing, and shared contracts
frontend/src/{App.tsx,api/index.ts,auth/AuthContext.tsx,constants/repoStatus.ts,hooks/*,main.tsx,theme.ts,types/index.ts,components/{Login.tsx,ThemeToggle.tsx}}
Adds auth state, CSRF-aware API calls, theme persistence, streaming chat state, repo-status/type contracts, and a routed auth shell.
Frontend workspace and presentation
frontend/src/components/{AskPalette.tsx,ChatPanel.tsx,Dashboard.tsx,GithubRepoPicker.tsx,GraphPanel.tsx,Landing.tsx,Processing.tsx,RepoSwitcher.tsx,Sidebar.tsx}, frontend/src/index.css
Builds the repo-selection and analysis workspace UI, including GitHub repo picking, streaming chat, graph focus, processing retry, responsive layouts, and updated styling.

Sequence Diagram(s)

OAuth login flow

sequenceDiagram
  participant Frontend
  participant GithubOAuthStartView
  participant GitHub
  participant GithubOAuthCallbackView
  participant User
  participant GitHubIdentity
  Frontend->>GithubOAuthStartView: GET /auth/github/start/
  GithubOAuthStartView->>Frontend: authorization URL and state
  Frontend->>GithubOAuthCallbackView: GET callback with code and state
  GithubOAuthCallbackView->>GitHub: exchange code and fetch user profile
  GithubOAuthCallbackView->>User: upsert user
  GithubOAuthCallbackView->>GitHubIdentity: encrypt token, store scopes, clear needs_reauth
  GithubOAuthCallbackView->>Frontend: redirect to FRONTEND_BASE_URL
Loading

Repository submission and ingest flow

sequenceDiagram
  participant Frontend
  participant RepositoryView
  participant _can_grant_access
  participant _probe_github
  participant GitHub
  participant ingest_repository
  participant Repository
  Frontend->>RepositoryView: POST /api/repos/
  RepositoryView->>_can_grant_access: normalize URL and check access
  _can_grant_access->>_probe_github: probe owner/name
  _probe_github->>GitHub: GET api.github.com/repos/{owner}/{name}
  RepositoryView->>ingest_repository: delay(repo_id, user_id)
  ingest_repository->>Repository: set status, is_private, and clone source
Loading

Estimated code review effort

🎯 5 (Critical) | ⏱️ ~120 minutes

Poem

🐰 I hopped through GitHub gates tonight,
With tokens tucked in Fernet light.
Repos glow, the chat hops free,
Graphs and streams hum softly to me,
CodeGraph twirls—what a merry warren!

✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 Biome (2.5.0)
frontend/src/index.css

File contains syntax errors that prevent linting: Line 10: Tailwind-specific syntax is disabled.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@MohamedAklamaash
MohamedAklamaash merged commit 0f994ca into main Jun 25, 2026
1 of 4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant