Skip to content

Refactor AI Providers #653

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Refactor AI Providers #653

wants to merge 5 commits into from

Conversation

modelorona
Copy link
Collaborator

goal is to make it easier to extend providers, add settings for models via the UI and env variables, and prevent pre-defined providers from being deleted

@modelorona
refactor ai provider backend to make adding providers easier, add mod…
66c4b94 
…el settings configurable in UI and via environment, and allow naming of providers added via the UI
@modelorona
Refactor AI providers hook to simplify provider loading and selection…
797a09c 
… logic. Remove unnecessary mappings and ensure API keys are consistently handled. Maintain current provider selection more efficiently on updates.
@modelorona
shoudl be annoying bug where providers weren't available on restart f…
b7f3098 
…ixed. remove duplicate providers.
@modelorona
prevent duplicate provider names
f84aa68
@modelorona
add instructions for the different providers
3b3de66
@jazzberry-ai Jazzberry AI
Copy link

jazzberry-ai bot commented Oct 4, 2025
edited
Loading

An error occured.

This error may be due to rate limits. If this error persists, please email us.

@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 4, 2025

Hey, leave a @claude-review comment below and I'll do a code review!

@modelorona
Copy link
Collaborator Author

@claude-review

@claude Claude
Copy link
Contributor

claude bot commented Oct 5, 2025

PR Review: Refactor AI Providers

This PR successfully refactors the AI provider system. Overall excellent work with clean architecture.

Critical Issues

1. API Key Exposure Risk (HIGH PRIORITY)

  • Location: core/graph/schema.resolvers.go:165-173, 221-229, 848-856
  • Issue: Settings are marshaled and returned without filtering sensitive fields
  • Risk: If API keys are stored in settings map, they would be exposed in GraphQL responses
  • Fix: Add sanitization to filter apiKey/api_key fields before marshaling settings

2. Ignored JSON Marshal Errors (MEDIUM)

  • Location: core/graph/schema.resolvers.go:156, 212, 839
  • Issue: Errors from json.Marshal are silently ignored
  • Fix: Handle errors with proper logging

3. Missing License Header (MEDIUM)

  • Location: core/graph/generated.go:1
  • Issue: Copyright header was removed from generated file
  • Check if code generator config needs adjustment

Medium Issues

4. Provider Persistence Missing

  • Location: core/src/llm/provider_registry.go:121, 152, 174
  • User-created providers lost on restart
  • Create follow-up issue for implementation

5. Potential Race Condition

  • Location: core/src/llm/llm_instance.go:28-65
  • Mutex unlocked before reading from provider registry
  • Consider extended lock scope or document safety

6. HTTP Resolver Changes

  • Location: core/graph/http.resolvers.go:152-197
  • Changes appear justified but against stated guidelines
  • Worth noting for future reviews

Strengths

  • Clean ProviderRegistry singleton pattern
  • Proper GraphQL-first approach
  • No SQL injection vulnerabilities
  • Plugin architecture respected
  • CE/EE separation maintained
  • Modern Go syntax throughout
  • Secure API key handling in memory

Recommendation

Approve with Changes - Solid refactor but address API key exposure before merge.

Priority:

  1. Add settings sanitization
  2. Handle marshal errors
  3. Track persistence as follow-up

Excellent architecture improvements overall!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@modelorona