Skip to content

Port aap_chatbot changes to ansible_ai_connect_chatbot#1602

Merged
TamiTakamiya merged 2 commits intomainfrom
TamiTakamiya/port-aap-chatbot-changes-to-cloud-version
Apr 4, 2025
Merged

Port aap_chatbot changes to ansible_ai_connect_chatbot#1602
TamiTakamiya merged 2 commits intomainfrom
TamiTakamiya/port-aap-chatbot-changes-to-cloud-version

Conversation

@TamiTakamiya
Copy link
Contributor

Jira Issue: n/a

Description

Some chatbot-related PRs updated codes under /aap_chatbot. If they are not specific to AAP-integration environment, they should be ported to the codes under /ansible_ai_connect_chatbot as well.

This PR ports the following three AAP chatbot PRs:

Testing

Steps to test

  1. Pull down the PR
  2. Run unit test

Scenarios tested

Unit tests + manual tests using local server.

Production deployment

  • This code change is ready for production on its own
  • This code change requires the following considerations before going to production:

@github-actions
Copy link

github-actions bot commented Apr 3, 2025

# npm audit report

prismjs  <1.30.0
Severity: moderate
PrismJS DOM Clobbering vulnerability - https://github.com/advisories/GHSA-x7hr-w5r2-h6wg
No fix available
node_modules/refractor/node_modules/prismjs
  refractor  <=4.6.0
  Depends on vulnerable versions of prismjs
  node_modules/refractor
    react-syntax-highlighter  >=6.0.0
    Depends on vulnerable versions of refractor
    node_modules/react-syntax-highlighter
      @patternfly/chatbot  *
      Depends on vulnerable versions of react-syntax-highlighter
      node_modules/@patternfly/chatbot

vite  6.2.0 - 6.2.3
Severity: moderate
Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query - https://github.com/advisories/GHSA-4r4m-qw57-chr8
fix available via `npm audit fix`
node_modules/vite

5 moderate severity vulnerabilities

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

@TamiTakamiya TamiTakamiya force-pushed the TamiTakamiya/port-aap-chatbot-changes-to-cloud-version branch from 161dc1a to 8eece14 Compare April 4, 2025 16:43
@github-actions
Copy link

github-actions bot commented Apr 4, 2025

# npm audit report

prismjs  <1.30.0
Severity: moderate
PrismJS DOM Clobbering vulnerability - https://github.com/advisories/GHSA-x7hr-w5r2-h6wg
No fix available
node_modules/refractor/node_modules/prismjs
  refractor  <=4.6.0
  Depends on vulnerable versions of prismjs
  node_modules/refractor
    react-syntax-highlighter  >=6.0.0
    Depends on vulnerable versions of refractor
    node_modules/react-syntax-highlighter
      @patternfly/chatbot  *
      Depends on vulnerable versions of react-syntax-highlighter
      node_modules/@patternfly/chatbot

4 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Apr 4, 2025

@TamiTakamiya TamiTakamiya marked this pull request as ready for review April 4, 2025 17:07
@TamiTakamiya
Copy link
Contributor Author

Although I am aware of the failure with npm audit, there seems no fix available now.

Current working directory: /home/runner/work/ansible-ai-connect-service/ansible-ai-connect-service/ansible_ai_connect_chatbot
# npm audit report

prismjs  <1.30.0
Severity: moderate
PrismJS DOM Clobbering vulnerability - https://github.com/advisories/GHSA-x7hr-w5r2-h6wg
No fix available
node_modules/refractor/node_modules/prismjs
  refractor  <=4.6.0
  Depends on vulnerable versions of prismjs
  node_modules/refractor
    react-syntax-highlighter  >=6.0.0
    Depends on vulnerable versions of refractor
    node_modules/react-syntax-highlighter
      @patternfly/chatbot  *
      Depends on vulnerable versions of react-syntax-highlighter
      node_modules/@patternfly/chatbot

4 moderate severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Error: This repo has some vulnerabilities

@TamiTakamiya TamiTakamiya merged commit e2b9d6d into main Apr 4, 2025
10 of 11 checks passed
@TamiTakamiya TamiTakamiya deleted the TamiTakamiya/port-aap-chatbot-changes-to-cloud-version branch April 4, 2025 20:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants