Conversation
gearnode
force-pushed
the
add-new-provider-embdeding
branch
from
0f113e7 to
895aacc
Compare
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
7 issues found across 24 files
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="pkg/llm/openai/embedding_test.go">
<violation number="1" location="pkg/llm/openai/embedding_test.go:44">
P2: Avoid `require.NoError` inside the `httptest` handler goroutine; use a non-`FailNow` assertion there.
(Based on your team's feedback about only flagging `require`/`FailNow` misuse inside goroutines.) [FEEDBACK_USED]</violation>
</file>
<file name="pkg/llm/bedrock/provider_test.go">
<violation number="1" location="pkg/llm/bedrock/provider_test.go:54">
P1: Avoid `require.*` inside `httptest` handlers; use non-terminating assertions and return from the handler on failure.
(Based on your team's feedback about not using `FailNow`-style assertions from non-test goroutines.) [FEEDBACK_USED]</violation>
<violation number="2" location="pkg/llm/bedrock/provider_test.go:295">
P2: Check and assert the JSON decode error before accessing decoded fields to avoid panic-based test failures.</violation>
</file>
<file name="pkg/llm/ollama/provider_test.go">
<violation number="1" location="pkg/llm/ollama/provider_test.go:44">
P2: Avoid `require.*` inside `httptest` handlers; use non-`FailNow` assertions (or explicit error + return) because handlers run in separate goroutines.
(Based on your team's feedback about `require`/`FailNow` misuse inside goroutines.) [FEEDBACK_USED]</violation>
</file>
<file name="pkg/llm/anthropic/provider_test.go">
<violation number="1" location="pkg/llm/anthropic/provider_test.go:45">
P2: Avoid `require.*` inside `httptest` handlers; use non-`FailNow` assertions (or explicit error handling) because handlers run in separate goroutines.
(Based on your team's feedback about only flagging `FailNow` misuse in non-test goroutines.) [FEEDBACK_USED]</violation>
</file>
<file name="pkg/llm/perplexity/provider.go">
<violation number="1" location="pkg/llm/perplexity/provider.go:138">
P1: `buildParams` silently ignores request options like stop sequences, tools, tool choice, and response format, so caller intent is dropped for this provider.</violation>
<violation number="2" location="pkg/llm/perplexity/provider.go:154">
P1: Tool-calling conversation state is lost because `buildMessages` omits assistant tool calls and `RoleTool` messages.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
Contributor
There was a problem hiding this comment.
5 issues found across 5 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="pkg/llm/ollama/provider_test.go">
<violation number="1" location="pkg/llm/ollama/provider_test.go:44">
P2: Use `require.NoError` here so the test stops before unsafe request-field type assertions when JSON decode fails.</violation>
<violation number="2" location="pkg/llm/ollama/provider_test.go:274">
P2: Keep this as `require.True` so the test aborts before calling `Flush()` on a non-flusher response writer.</violation>
<violation number="3" location="pkg/llm/ollama/provider_test.go:405">
P2: Use `require.Len` before fixed-index access to avoid panics and keep failures attributable to the actual length mismatch.</violation>
</file>
<file name="pkg/llm/anthropic/provider_test.go">
<violation number="1" location="pkg/llm/anthropic/provider_test.go:171">
P2: Use a guard when asserting `system` length before indexing `system[0]`; the current non-fatal assert can lead to panic.</violation>
<violation number="2" location="pkg/llm/anthropic/provider_test.go:178">
P2: Guard the `messages` length assertion before indexing `messages[0]` to avoid index-out-of-range panic in the test handler.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
gearnode
force-pushed
the
add-new-provider-embdeding
branch
from
2cf3946 to
badbd87
Compare
gearnode
force-pushed
the
add-new-provider-embdeding
branch
from
badbd87 to
d5879d9
Compare
codenem
approved these changes
Mar 30, 2026
SachaProbo
force-pushed
the
add-new-provider-embdeding
branch
from
d5879d9 to
2c4665a
Compare
SafeRedirect previously matched against a single static host string, so OIDC callbacks always fell back to the console instead of redirecting back to compliance pages on custom domains. Refactor AllowedHost into a dynamic AllowedHostFunc and wire a trust-service lookup into the connect handler so custom domain hosts are accepted. Signed-off-by: Bryan Frimin <bryan@getprobo.com>
gearnode
force-pushed
the
add-new-provider-embdeding
branch
from
2c4665a to
419c93f
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by cubic
Fixes compliance page login redirects to custom domains by making redirect host checks dynamic and validating against Trust service domains. OIDC/SAML callbacks now return users to the correct custom domain instead of falling back to the console.
pkg/saferedirect: addedAllowedHostFunc,New, andStaticHosts;ValidateandGetSafeRedirectURLnow takecontext.Context.pkg/server/api/api.go: builds aSafeRedirectthat allowscfg.BaseURL.Host()and any host found via Trust (GetByDomainName).StaticHostsfor base URL and OAuth provider hosts (slack.com,accounts.google.com).ContinueviaValidate(ctx, ...).Written for commit 419c93f. Summary will update on new commits.