Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(brainsSettings): handle nullish value from api call #1080

Merged
merged 1 commit into from
Aug 31, 2023

Conversation

mamadoudicko
Copy link
Contributor

@mamadoudicko mamadoudicko commented Aug 31, 2023

  • handle nullish value to prevent unnecessary validation while updating brain settings

@mamadoudicko mamadoudicko temporarily deployed to preview August 31, 2023 14:14 — with GitHub Actions Inactive
@vercel
Copy link

vercel bot commented Aug 31, 2023

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
docs ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 31, 2023 2:19pm
quivrapp ✅ Ready (Inspect) Visit Preview 💬 Add feedback Aug 31, 2023 2:19pm

@mamadoudicko mamadoudicko temporarily deployed to preview August 31, 2023 14:15 — with GitHub Actions Inactive
@github-actions
Copy link
Contributor

github-actions bot commented Aug 31, 2023

Risk Level 3 - /home/runner/work/quivr/quivr/frontend/app/brains-management/[brainId]/components/BrainManagementTabs/components/SettingsTab/hooks/useSettingsTab.ts

The code seems to be handling sensitive data such as API keys. The line setValue(\"openAiKey\", brain[\"openai_api_key\"] ?? \"\"); is setting the value of openAiKey to the openai_api_key from the brain object. If this brain object is coming from an untrusted source or if it's being logged somewhere, it could potentially expose sensitive data. Consider using secure ways to handle sensitive data.

Also, the handleSubmit function is quite large and doing a lot of things. It's updating the brain, handling errors, publishing messages, and fetching all brains. Consider breaking it down into smaller functions to improve readability and maintainability.

Lastly, the setTimeout function is being used to set the value of model after 50ms. This could potentially lead to race conditions if the model value is used elsewhere before the 50ms delay. Consider finding a way to eliminate the need for setTimeout.


🔑🔒, 📚💡, ⏱️🚫


Powered by Code Review GPT

@gozineb gozineb merged commit 47b8d69 into main Aug 31, 2023
8 checks passed
StanGirard pushed a commit that referenced this pull request Sep 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants