Skip to content

Features/refine chat window#406

Merged
iceljc merged 3 commits intoSciSharp:mainfrom
iceljc:features/refine-chat-window
Dec 17, 2025
Merged

Features/refine chat window#406
iceljc merged 3 commits intoSciSharp:mainfrom
iceljc:features/refine-chat-window

Conversation

@iceljc
Copy link
Collaborator

@iceljc iceljc commented Dec 15, 2025
edited by qodo-code-review bot
Loading

PR Type

Enhancement

Description

  • Add knowledge base dictionary page with tokenization functionality

  • Create reusable table item component for expandable detail rows

  • Refine styling for knowledge base UI components and responsiveness

  • Add tokenizer API endpoints and service methods

  • Update HTTP loader skip patterns for tokenization endpoints

  • Add TypeScript type definitions for tokenization requests/responses

Diagram Walkthrough

flowchart LR
  A["Dictionary Page<br/>+page.svelte"] -->|uses| B["TableItem<br/>Component"]
  A -->|calls| C["Knowledge Base<br/>Service"]
  C -->|requests| D["Tokenizer<br/>API Endpoints"]
  E["SCSS Styles<br/>_knowledgebase.scss"] -->|styles| A
  E -->|styles| B
  F["Type Definitions<br/>commonTypes.js<br/>knowledgeTypes.js"] -->|defines| A
  F -->|defines| C
Loading

File Walkthrough
Relevant files
Enhancement
10 files
+page.svelte
New dictionary page with tokenization search                         
+374/-0 
table-item.svelte
Reusable expandable table row component                                   
+119/-0 
_knowledgebase.scss
Refined responsive styles and detail display                         
+23/-7   
knowledge-base-service.js
Add tokenizer API service methods                                               
+33/-0   
api-endpoints.js
Add tokenizer endpoint URLs                                                           
+4/-0     
knowledgeTypes.js
Add tokenization request/response types                                   
+29/-0   
commonTypes.js
Add table item configuration type                                               
+6/-0     
common.js
Add separator parameter to text split function                     
+3/-2     
+page.svelte
Update header and font size styling                                           
+2/-2     
+page.svelte
Update header and font size styling                                           
+2/-2     
Configuration changes
2 files
http.js
Skip loader for tokenization endpoints                                     
+3/-0     
svelte.config.js
Register dictionary page route                                                     
+2/-1     
Formatting
1 files
Breadcrumb.svelte
Fix indentation formatting                                                             
+1/-1     

@qodo-code-review
Copy link

qodo-code-review bot commented Dec 15, 2025
edited
Loading

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢
No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
🎫 No ticket provided
  • Create ticket/issue
Codebase Duplication Compliance
Codebase context is not defined

Follow the guide to enable codebase context checks.

Custom Compliance
🟢
Generic: Meaningful Naming and Self-Documenting Code

Objective: Ensure all identifiers clearly express their purpose and intent, making code
self-documenting

Status: Passed

Learn more about managing compliance generic rules or creating your own custom rules

🔴
Generic: Robust Error Handling and Edge Case Management

Objective: Ensure comprehensive error handling that provides meaningful context and graceful
degradation

Status:
Missing error handling: The tokenization request failure path only logs the error and resets totalDataCount
without setting UI error state (e.g., isError/errorText) or providing actionable context
to the user.

Referred Code 
function getTokenizeResult() {
    return new Promise((resolve, reject) => {
        const request = {
            text: util.trim(text),
            provider: selectedTokenizer,
            options: {
                data_providers: selectedDataLoaders?.length > 0 ? selectedDataLoaders : null
            }
        };

        tokenize(request).then(res => {
            items = res?.results || [];
            totalDataCount = items.length;
            resolve(res);
        }).catch(err => {
            totalDataCount = null;
            console.log(err);
            reject(err);
        });
    });

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Logging Practices

Objective: To ensure logs are useful for debugging and auditing without exposing sensitive
information like PII, PHI, or cardholder data.

Status:
Insecure console logging: The new code logs raw errors using console.log(err), which is unstructured and may leak
sensitive request/context data in client-accessible logs.

Referred Code 
}).catch(err => {
    totalDataCount = null;
    console.log(err);
    reject(err);
});

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Comprehensive Audit Trails

Objective: To create a detailed and reliable record of critical system actions for security analysis
and compliance.

Status:
No audit logging: The new tokenization-related actions (getTokenizers, getTokenizerDataLoaders, tokenize) do
not show any audit logging and it is not verifiable from the diff whether the backend
records user/action context for these operations.

Referred Code 
export async function getTokenizers() {
    const url = endpoints.tokenizersUrl;
    const response = await axios.get(url);
    return response.data;
}

/**
 * @returns {Promise<string[]>}
 */
export async function getTokenizerDataLoaders() {
    const url = endpoints.tokenizerDataLoadersUrl;
    const response = await axios.get(url);
    return response.data;
}

/**
 * @param {import('$knowledgeTypes').TokenizeRequest} request
 * @returns {Promise<import('$knowledgeTypes').TokenizeResponse>}
 */
export async function tokenize(request) {
    const url = endpoints.tokenizeUrl;


 ... (clipped 5 lines)

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Secure Error Handling

Objective: To prevent the leakage of sensitive system information through error messages while
providing sufficient detail for internal debugging.

Status:
Error details exposed: Client-side console.log(err) may expose internal error details to end-users via browser
console, and it is unclear whether err contains sensitive backend information.

Referred Code 
}).catch(err => {
    totalDataCount = null;
    console.log(err);
    reject(err);
});

Learn more about managing compliance generic rules or creating your own custom rules

Generic: Security-First Input Validation and Data Handling

Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent
vulnerabilities

Status:
Input validation unclear: The new tokenize API call forwards user-controlled request fields directly to the backend
and the diff does not show server-side validation/authz controls, so secure handling
cannot be confirmed from this change alone.

Referred Code 
/**
 * @param {import('$knowledgeTypes').TokenizeRequest} request
 * @returns {Promise<import('$knowledgeTypes').TokenizeResponse>}
 */
export async function tokenize(request) {
    const url = endpoints.tokenizeUrl;
    const response = await axios.post(url, {
        ...request
    });
    return response.data;

Learn more about managing compliance generic rules or creating your own custom rules

  • Update
Compliance status legend 🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

@qodo-code-review
Copy link

qodo-code-review bot commented Dec 15, 2025
edited
Loading

PR Code Suggestions ✨

Explore these optional code suggestions:

CategorySuggestion                                                                                                                                    Impact
Possible issue
Prevent unexpected rendering for primitives

Add a check to ensure item[detailKey] is a non-null object before using
Object.keys() to prevent incorrect rendering when the value is a primitive type.

src/routes/page/knowledge-base/common/table/table-item.svelte [105-112]

 {:else}
-    {#each Object.keys(item[detailKey]) as key, idx (idx)}
-        <li class="more-detail-item wrappable">
-            <span>{splitTextByCase(key)}: </span>
-            <span>{item[detailKey][key]}</span>
-        </li>
-    {/each}
+    {#if typeof item[detailKey] === 'object' && item[detailKey] !== null}
+        {#each Object.keys(item[detailKey]) as key, idx (idx)}
+            <li class="more-detail-item wrappable">
+                <span>{splitTextByCase(key)}: </span>
+                <span>{item[detailKey][key]}</span>
+            </li>
+        {/each}
+    {/if}
 {/if}
  • Apply / Chat
Suggestion importance[1-10]: 7

__

Why: The suggestion correctly identifies a potential runtime issue where iterating over a primitive value would lead to unexpected UI behavior, and proposes a robust check to prevent it.

Medium
High-level
Relocate the reusable component for discoverability

The new table-item.svelte component is reusable but located in a
feature-specific directory. It should be moved to a shared location like
src/lib/components/ to improve discoverability and project structure.

Examples:

src/routes/page/knowledge-base/common/table/table-item.svelte [1-119] 
<script>
    import { Button } from "@sveltestrap/sveltestrap";
    import { fly } from 'svelte/transition';
	import Loader from "$lib/common/Loader.svelte";
    import JSONTree from 'svelte-json-tree';
	import { formatObject, splitTextByCase } from "$lib/helpers/utils/common";

    /** @type {any} */
    export let item;


 ... (clipped 109 lines)

Solution Walkthrough:

Before:

src/
└── routes/
    └── page/
        └── knowledge-base/
            ├── common/
            │   └── table/
            │       └── table-item.svelte  # Reusable component
            └── dictionary/
                └── +page.svelte           # Uses table-item.svelte

After:

src/
├── lib/
│   └── components/              # Or another shared directory
│       └── table-item.svelte    # Reusable component moved here
└── routes/
    └── page/
        └── knowledge-base/
            └── dictionary/
                └── +page.svelte   # Now imports from /lib/components
Suggestion importance[1-10]: 6

__

Why: The suggestion correctly identifies a project structure issue by pointing out that a reusable component, table-item.svelte, is placed in a feature-specific directory, which hinders discoverability and future reuse.

Low
General
Simplify state handling in catch block

In the catch block of getTokenizerProviders, simplify the state reset by setting
selectedTokenizer directly to null instead of deriving undefined from an empty
tokenizers array.

src/routes/page/knowledge-base/dictionary/+page.svelte [140-153]

 function getTokenizerProviders() {
 		return new Promise((resolve, reject) => {
 			getTokenizers().then(res => {
 				const retProviders = res?.map(x => ({  label: x, value: x })) || [];
 				tokenizers = [ ...retProviders ];
 				selectedTokenizer = tokenizers[0]?.value;
 				resolve(res);
 			}).catch(err => {
 				tokenizers = [];
-				selectedTokenizer = tokenizers[0]?.value;
+				selectedTokenizer = null;
 				reject(err);
 			});
 		});
 	}
  • Apply / Chat
Suggestion importance[1-10]: 4

__

Why: The suggestion correctly identifies redundant code in the catch block and proposes a cleaner way to reset the state, improving code clarity and maintainability.

Low
  • Update

@iceljc iceljc merged commit 7664ede into SciSharp:main Dec 17, 2025
1 of 2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

Review effort 3/5

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@iceljc