Conversation
…kflows for improved CI/CD process - Deleted VERIFICATION.md, WORKFLOW_MODULARIZATION_SUMMARY.md, plan.md, requirements.md, and specs.md as they are no longer relevant. - Updated LoginPage.css to remove background image styles. - Removed unused inspiration images. - Introduced new modular workflows for deployment and destruction of Azure resources, enhancing flexibility and efficiency. - Added comprehensive documentation in docs/Copilot.md and restructured development plan in docs/plan.md. - Established a new CHANGELOG.md and CONTRIBUTING.md for better project management and contribution guidelines.
…nce UI with responsive design and improved styles
Fixes #67 remove ms login
Fixes #67 update
Fixes #67 auth correction
Fixes #67 auth correction
Fixes #67 inspiration
Fixes #61 Remove development plan and requirements documents; consolidate specifications into a single file.
Fixes #61 ✨Revise specifications document for AlpineBot, enhancing clarity and detail on user authentication, functional requirements, and design principles.
Fixes #61 ✨Update specifications document with structured sections for context, functional requirements, non-functional requirements, technical design, and acceptance criteria.
Fixes #61 test
Fixes #61 plan update
Fixes #67 remove apertus
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
…page Rework lanoding page to align with specifications (Task 1.2.1)
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Fixes #61 update of the specs
…erface Implement basic chatbot interface with voting, copy, and refresh controls
… useWebsite Design (Stays Open) Fixes #67
Fixes #67 Guidelines link correction
Fixes #67 correction
Fixes #67 Homage guidelines and chat box higher up
Fixes #67 Homepage correction
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
…atbot-backend Add Azure Functions backend with OpenAI integration for chatbot
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
Co-authored-by: fpittelo <3135901+fpittelo@users.noreply.github.com>
…yment Add Azure Function App deployment infrastructure per environment
Summary of ChangesHello @fpittelo, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly advances the AlpineBot project by introducing core chat functionality, streamlining user authentication, and establishing robust development and deployment practices. It features a redesigned frontend with a functional chat interface and static content pages, backed by a new Python Azure Function that integrates with Azure OpenAI. Concurrently, the project's documentation has been formalized and updated, and the infrastructure has been expanded to support these new components, setting a clear path for future development. Highlights
Ignored Files
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a major refactoring and set of new features, significantly advancing the project. Key changes include the addition of a Python-based Azure Function backend, a complete redesign of the React frontend to a modern chat interface, and the introduction of a detailed specifications.md document. The infrastructure-as-code has also been updated to support the new backend and to remove the deprecated Microsoft authentication provider, focusing solely on Google for user sign-in. My review identifies a critical issue with a backend dependency version that would prevent deployment, a high-severity security concern regarding error message leakage, and a few medium-severity documentation inconsistencies that should be addressed to maintain clarity and correctness.
| # azure-monitor-opentelemetry | ||
|
|
||
| azure-functions==1.24.0 | ||
| openai==2.8.1 No newline at end of file |
There was a problem hiding this comment.
The specified version 2.8.1 for the openai package is not a valid version on PyPI, which will cause the dependency installation to fail. The code in function_app.py uses the AzureOpenAI client, which is part of the v1.x SDK. Please update this to a correct version, for example, ~=1.28.0.
openai~=1.28.0
| except Exception as e: | ||
| logging.error(f"Error processing chat request: {str(e)}") | ||
| return func.HttpResponse( | ||
| json.dumps({"error": f"An error occurred: {str(e)}"}), | ||
| mimetype="application/json", | ||
| status_code=500 | ||
| ) No newline at end of file |
There was a problem hiding this comment.
The general exception handler returns the full exception message to the client. This can leak sensitive internal implementation details, which is a security risk. It's better to log the detailed error on the server (using exc_info=True for the full stack trace) and return a generic error message to the client.
| except Exception as e: | |
| logging.error(f"Error processing chat request: {str(e)}") | |
| return func.HttpResponse( | |
| json.dumps({"error": f"An error occurred: {str(e)}"}), | |
| mimetype="application/json", | |
| status_code=500 | |
| ) | |
| except Exception as e: | |
| logging.error(f"An unexpected error occurred: {str(e)}", exc_info=True) | |
| return func.HttpResponse( | |
| json.dumps({"error": "An unexpected error occurred. Please try again later."}), | |
| mimetype="application/json", | |
| status_code=500 | |
| ) |
| ``` | ||
| /frontend - React web application | ||
| /backend - Azure Functions | ||
| /terraform - Infrastructure as Code |
There was a problem hiding this comment.
The project structure documentation refers to /terraform, but this directory has been renamed to /infra in this pull request. Please update this line to reflect the new project structure.
| /terraform - Infrastructure as Code | |
| /infra - Infrastructure as Code |
|
|
||
| - **FR4.1:** The user profile shall allow each users to manage their profile securely. | ||
| - **FR4.2:** The user profile portal shall support to manage a profile picture similar to github profile picture. | ||
| - **FR4.3:** The user profile portal shall support to manage th |
There was a problem hiding this comment.
This line appears to be incomplete. Please review and complete the functional requirement.
| - **FR9.1:** A *guidelines" page containing generice guidelines. The page will be accessible with link available on the login page between "Privacy" and "About". | ||
| - **FR9.2:** A *data" page containing information about how data is used. The page will be accessible with link available on the login page between "Privacy" and "About". |
There was a problem hiding this comment.
There are minor typos in this section. The markdown for the page names seems to have extra quotes, and generice is misspelled. It should be *guidelines* and *data*.
| - **FR9.1:** A *guidelines" page containing generice guidelines. The page will be accessible with link available on the login page between "Privacy" and "About". | |
| - **FR9.2:** A *data" page containing information about how data is used. The page will be accessible with link available on the login page between "Privacy" and "About". | |
| - **FR9.1:** A *guidelines* page containing generic guidelines. The page will be accessible with link available on the login page between "Privacy" and "About". | |
| - **FR9.2:** A *data* page containing information about how data is used. The page will be accessible with link available on the login page between "Privacy" and "About". |
| require_authentication = false | ||
| unauthenticated_action = "AllowAnonymous" |
There was a problem hiding this comment.
Setting require_authentication to false and unauthenticated_action to AllowAnonymous is correct for allowing the frontend React app to handle its own routing and display a custom login page. However, this means the application itself is now fully responsible for protecting routes. While the current App.js implementation does this, it's a critical security change to be aware of. Any future endpoints or pages added to the frontend must be explicitly protected in the client-side code.
|
ok |
Dev to qa