feat: add published report assistant and charts#29
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
|
Warning Review limit reached
Next review available in: 8 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (13)
📝 WalkthroughWalkthroughAdds an AI-powered report assistant backed by OpenAI to published quarter report pages, along with static report charts. Extends ChangesDev Proxy Setup
Report Assistant & Charts
Sequence Diagram(s)sequenceDiagram
participant User
participant ReportAssistant
participant AssistantRoute as POST /assistant
participant planReportAssistantQuery
participant executeReportAssistantPlan
User->>ReportAssistant: Submit prompt
ReportAssistant->>ReportAssistant: Client-side prompt validation
ReportAssistant->>AssistantRoute: POST { prompt }
AssistantRoute->>AssistantRoute: Auth + rate limit check
AssistantRoute->>AssistantRoute: guardReportAssistantPrompt
AssistantRoute->>planReportAssistantQuery: sanitized prompt
planReportAssistantQuery->>planReportAssistantQuery: Deterministic/unsupported heuristics
planReportAssistantQuery-->>AssistantRoute: ReportAssistantPlan (or OpenAI call)
AssistantRoute->>executeReportAssistantPlan: plan + quarter + report
executeReportAssistantPlan-->>AssistantRoute: ReportAssistantResponse
AssistantRoute-->>ReportAssistant: JSON response
ReportAssistant->>ReportAssistant: Prepend to answers, update localStorage pins
ReportAssistant-->>User: Render AssistantCard
Estimated code review effort🎯 5 (Critical) | ⏱️ ~120 minutes Possibly related PRs
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
Adds an AI-powered “Report Assistant” experience for published quarter reports (API + UI) and introduces new report charts, alongside small dev/proxy configuration updates and improved admin publishing feedback.
Changes:
- Added a new report assistant backend pipeline (prompt guard → OpenAI planning → validated plan execution over published report data).
- Added new report UI components for assistant Q&A (with pinning) and new chart visuals, wired into the quarter report page.
- Improved local dev ergonomics (allowed dev origins + proxy-friendly dev script) and enhanced quarter publishing UX with
useActionState.
Reviewed changes
Copilot reviewed 16 out of 16 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| src/lib/report-assistant/types.ts | Defines assistant intents, plan, and response payload types. |
| src/lib/report-assistant/query-validator.ts | Validates/normalizes the planned query structure coming from the planner. |
| src/lib/report-assistant/query-executor.ts | Executes validated assistant plans against QuarterReportData to produce answers/tables/charts. |
| src/lib/report-assistant/prompt-guard.ts | Sanitizes/blocks unsafe or irrelevant prompts and enforces length limits. |
| src/lib/report-assistant/openai-planner.ts | Uses OpenAI Responses API to turn prompts into structured assistant plans (with deterministic shortcuts). |
| src/lib/quarter-report.ts | Extends quarter report data shape (expense breakdown + raid economics) used by new UI/assistant features. |
| src/components/reports/report-charts.tsx | Adds new chart components to visualize quarter flow, outflow mix, and top raids. |
| src/components/reports/report-assistant.tsx | Adds the client-side assistant UI with suggested prompts, tables/charts rendering, and pinned responses. |
| src/app/reports/quarters/[id]/page.tsx | Integrates the new charts and assistant into the published quarter report page. |
| src/app/api/reports/quarters/[id]/assistant/route.ts | Implements the assistant API endpoint (authz, prompt guard, plan, execute, basic rate limit, logging). |
| src/app/admin/quarters/publish-quarter-confirmation.tsx | Refactors publish confirmation modal to use useActionState and surface errors/pending state. |
| src/app/admin/quarters/actions.ts | Adds a stateful action wrapper returning {saved,error} for useActionState. |
| README.md | Documents dev/proxy workflow and configuration for allowed dev origins. |
| package.json | Adds dev:proxy script for proxy-friendly dev server settings. |
| next.config.ts | Adds allowedDevOrigins configuration from env. |
| .env.example | Documents new env vars (allowed dev origins + OpenAI configuration). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Actionable comments posted: 9
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@README.md`:
- Around line 29-45: The proxy connection target in the README is inconsistent
with the dev server binding used by dev:proxy. Update the documented host
reference to match the actual bind address, or change the package.json dev:proxy
script to bind to localhost instead; keep the README and the dev server
definition aligned by referencing the same host in both places.
In `@src/app/admin/quarters/actions.ts`:
- Around line 257-264: The catch in updateQuarterStatus is mapping every thrown
Error into QuarterStatusFormState, which hides non-validation failures. Update
the updateQuarterStatus/formData flow to only convert known business-rule
failures into the returned form state, and rethrow unexpected errors so DB,
audit, or runtime issues are not treated as normal validation errors.
In `@src/app/api/reports/quarters/`[id]/assistant/route.ts:
- Around line 15-33: The current rate limiting in checkRateLimit uses an
in-memory Map, which is only per process and can be bypassed across instances.
Replace the local rateLimits store in this route with a shared backend-backed
limiter keyed by wallet + quarter, and update the checkRateLimit flow in the
assistant route to read/write through that shared store before allowing OpenAI
access.
- Around line 89-91: The error handling in the assistant route is leaking
internal planner/provider details through errorResponse, so update the logic in
the route handler to only return explicit validation or rate-limit messages to
clients. In the relevant error mapping around errorResponse, treat known
rate-limit cases as 429, return user-safe validation messages when intentionally
thrown, and map all other unexpected errors from the assistant/planner flow to a
generic 500 response instead of error.message.
- Around line 69-86: The report assistant logs in the route handler are exposing
a persistent user identifier via actorWalletAddress. Update the logging in the
query and error paths in the assistant route to avoid raw wallet addresses by
redacting, hashing, or omitting the value entirely. Keep the existing
report_assistant_query and report_assistant_error logging structure, but replace
the direct session.address usage with a non-identifying representation.
In `@src/components/reports/report-assistant.tsx`:
- Around line 38-48: `getStoredPinnedResponses` currently returns any parsed
array as `ReportAssistantResponse[]`, so malformed localStorage entries can
later break `getResponseKey()` or `AssistantCard` rendering. Update this
function in `report-assistant.tsx` to validate each parsed item with a runtime
guard before returning it, filtering out entries missing required fields like
`plan` or `provenance` and only storing validated responses in state.
In `@src/lib/report-assistant/openai-planner.ts`:
- Around line 195-236: Add a request timeout to the OpenAI planner fetch so the
assistant route cannot hang indefinitely. In openai-planner.ts, update the
response request around the fetch call to use an AbortController (or equivalent
timeout helper) and pass its signal into the OpenAI request, then clear the
timer afterward. If the timeout fires, abort the request and return a controlled
planner error from the same flow that handles fetch failures so callers get a
predictable response instead of waiting for platform aborts.
In `@src/lib/report-assistant/query-executor.ts`:
- Around line 216-224: The monthly breakdown sorting in
summarizeCategoriesByMonth currently orders all results by value, which is only
correct when selecting a single winner. Update the sorting logic so
revenue_by_month and expenses_by_month with limit === 1 keep the value-based
descending sort, but when limit is null or greater than 1, return results in
chronological monthKey order instead. Make the change in
summarizeCategoriesByMonth and apply the same rule to the related monthly result
handling around the referenced block so the month breakdown remains
chronological.
- Around line 403-439: Handle the expenses-by-category query before the generic
fallback aggregation in query-executor’s category summary logic, so
`expenses_by_category` does not reuse `REPORT_TOTAL_CATEGORIES` and return
revenue-style rows. Update the branching in `query-executor.ts` around the
category table construction to route `expenses_by_category` to its own
expense-only category mapping/labels first, then keep the existing fallback for
other category questions. Use the existing symbols `REPORT_TOTAL_CATEGORIES`,
`getCategoryLabel`, and the `makeResponse`/`chartFromRows` flow to keep the fix
localized.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: cf7b8fbf-ce29-470c-9d13-cf94f6e1bc14
📒 Files selected for processing (16)
.env.exampleREADME.mdnext.config.tspackage.jsonsrc/app/admin/quarters/actions.tssrc/app/admin/quarters/publish-quarter-confirmation.tsxsrc/app/api/reports/quarters/[id]/assistant/route.tssrc/app/reports/quarters/[id]/page.tsxsrc/components/reports/report-assistant.tsxsrc/components/reports/report-charts.tsxsrc/lib/quarter-report.tssrc/lib/report-assistant/openai-planner.tssrc/lib/report-assistant/prompt-guard.tssrc/lib/report-assistant/query-executor.tssrc/lib/report-assistant/query-validator.tssrc/lib/report-assistant/types.ts
This pull request adds a new "Report Assistant" feature for published quarter reports, allowing users to ask questions and receive AI-generated analyses and rankings. It also introduces environment/configuration changes to support development behind HTTPS proxies, and improves the admin flow for publishing quarters with better error handling and feedback.
Key changes:
1. Report Assistant Feature
/api/reports/quarters/[id]/assistantAPI route, which authenticates the user, validates the quarter, rate-limits requests, and provides AI-powered responses to report-related prompts. (src/app/api/reports/quarters/[id]/assistant/route.tsR1-R94)ReportAssistantReact component that lets users ask questions about published reports, view suggested prompts, see answers with charts/tables, and pin favorite responses (persisted in localStorage).ReportAssistantcomponent into the published quarter report page, making it available only for published reports. (src/app/reports/quarters/[id]/page.tsxR10-R11, src/app/reports/quarters/[id]/page.tsxR382-R391)2. Development Environment Improvements
.env.exampleandnext.config.tsto support specifying allowed dev origins and running Next.js behind a local HTTPS proxy or remote tunnel. [1] [2]dev:proxyscript for running the dev server on a proxy-friendly port/host, and documents the setup inREADME.md. [1] [2]3. Admin Quarter Publishing UX
useActionStatefor better error handling and feedback, displaying errors to the user and closing the modal on success. [1] [2] [3] [4] [5]Summary by CodeRabbit
New Features
Bug Fixes