add AI docs integration.

[vLuckyyy]

No description provided.

[netlify]

✅ Deploy Preview for eternalcodeteam-website ready!

Name	Link
🔨 Latest commit	c809436
🔍 Latest deploy log	https://app.netlify.com/projects/eternalcodeteam-website/deploys/69a4cf39ed6eb7000844060a
😎 Deploy Preview	https://deploy-preview-238--eternalcodeteam-website.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 82 (🔴 down 2 from production) Accessibility: 96 (no change from production) Best Practices: 83 (🔴 down 17 from production) SEO: 100 (no change from production) PWA: 90 (no change from production) View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.
To continue using code reviews, you can upgrade your account or add credits to your account and enable them for code reviews in your settings.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the documentation experience by integrating an AI-powered assistant. It provides users with a conversational interface to find answers within the documentation, backed by a robust system for processing and indexing content using vector embeddings. The changes span from new API routes and UI components to backend utilities for content chunking and embedding generation, ensuring a seamless and intelligent search capability.

Highlights

• AI Documentation Integration: Introduced a new AI-powered documentation assistant, enabling users to query documentation using natural language.
• API Endpoint for AI Queries: Added a new API route (/api/ai/query) to handle AI questions, including rate limiting, input sanitization, and integration with OpenAI for embeddings and chat completions.
• Interactive AI Chat UI: Implemented a floating AI chat button and a chat panel component, providing a user-friendly interface for interacting with the documentation assistant.
• Documentation Vector Indexing: Developed a system for chunking Markdown documentation, generating embeddings using OpenAI, and creating a vector index for efficient similarity search.
• Build Process Updates: Modified the build scripts and configuration to automatically generate and update the documentation vector index during the build process.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• app/api/ai/query/route.ts
  • Added a new API route for AI documentation queries, including rate limiting, input sanitization, context building, and OpenAI integration.
• app/docs/(content)/layout.tsx
  • Integrated the AiChatButton component into the documentation layout.
• bun.lock
  • Updated dependencies to include openai.
• components/ai/ai-chat-button.tsx
  • Added a new React component for a floating AI chat button with animation and portal rendering.
• components/ai/ai-chat-panel.tsx
  • Added a new React component for the AI chat panel, displaying messages, suggested questions, and handling chat state.
• components/ai/ai-input.tsx
  • Added a new React component for the AI chat input field with send functionality and dynamic resizing.
• components/ai/ai-message.tsx
  • Added a new React component to display individual AI chat messages, including user/assistant roles, streaming indicators, and source links.
• components/docs/content/copy-page-button.tsx
  • Added a new React component for copying page content as Markdown and opening pages in external LLMs (ChatGPT, Claude).
• hooks/use-ai-chat.ts
  • Added a new React hook for managing AI chat state, sending messages, and handling API responses.
• lib/ai/chunker.ts
  • Added a new utility for chunking Markdown content into smaller, embeddable pieces, including markdown stripping and heading-based sectioning.
• lib/ai/embeddings.ts
  • Added new utility functions for calculating cosine similarity and retrieving top-K similar chunks from a vector index.
• lib/ai/types.ts
  • Added new TypeScript type definitions for AI-related data structures like VectorChunk, VectorIndex, AiSource, AiQueryRequest, AiQueryResponse, and ChatMessage.
• lib/ai/vector-store.ts
  • Added new utility functions for loading and invalidating the vector index from a JSON file.
• netlify.toml
  • Updated the build command to include the build:index script.
• next.config.mjs
  • Updated serverExternalPackages to include openai.
• package.json
  • Added a new build:index script and openai dependency.
• scripts/build-vector-index.ts
  • Added a new script to build the vector index by finding MDX files, chunking their content, generating embeddings using OpenAI, and saving the index and manifest.

Activity

• No human activity has been recorded on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces an AI-powered documentation assistant, a significant new feature, implementing a new API route for queries, React components, a custom hook for state management, and a build script for vector embeddings. The code is generally well-structured, especially the build script which cleverly uses a manifest to avoid re-embedding unchanged documents. However, critical security vulnerabilities were identified in the API route: the IP address identification for rate limiting is vulnerable to spoofing via the X-Forwarded-For header, and the user's question is directly concatenated into the LLM prompt without sufficient protection against prompt injection. Furthermore, the current rate-limiting strategy is not suitable for a serverless environment. Additionally, there are medium-severity opportunities for improvement regarding unique ID generation and code cleanliness.

[gemini-code-assist]

The current rate-limiting implementation uses an in-memory Map. This approach is not effective in a serverless environment (like Vercel) where each request might be handled by a different, short-lived function instance. Each instance would have its own rateLimitMap, allowing users to bypass the rate limit by making subsequent requests that are routed to different instances.

For robust rate limiting, consider using a centralized store like Redis (e.g., with Upstash) to share rate-limiting state across all serverless instances.

[gemini-code-assist]

The application attempts to identify the client's IP address for rate limiting by checking the x-forwarded-for header before x-real-ip. Furthermore, it takes the first element of the x-forwarded-for header. This allows an attacker to spoof their IP address by providing a custom X-Forwarded-For header, effectively bypassing the rate limit. Since this API endpoint interacts with OpenAI, bypassing rate limits could lead to increased costs or denial of service.

Suggested change

	const ip =
	req.headers.get("x-forwarded-for")?.split(",")[0]?.trim() ??
	req.headers.get("x-real-ip") ??
	"unknown";
	const ip =
	req.headers.get("x-real-ip") ??
	req.headers.get("x-forwarded-for")?.split(",").at(-1)?.trim() ??
	"unknown";

[gemini-code-assist]

Untrusted user input from the question field is directly concatenated into the LLM prompt. While there is a sanitizeInput function, it only removes control characters and does not prevent prompt injection attacks. An attacker could craft a question that manipulates the LLM's behavior, potentially bypassing the documentation-only rules or leaking the system prompt contents.

[gemini-code-assist]

The generateId function uses Math.random(), which is not guaranteed to produce cryptographically secure or sufficiently unique identifiers. While collisions are unlikely for this specific use case, it's better practice to use a more robust method for generating unique IDs. The Web Crypto API's crypto.randomUUID() is a modern, standard, and secure way to generate unique IDs in the browser.

Suggested change

	function generateId(): string {
	return Math.random().toString(36).slice(2, 9);
	}
	function generateId(): string {
	return crypto.randomUUID();
	}

[gemini-code-assist]

The variable _category is assigned a value but is never used. It should be removed to improve code clarity and avoid confusion.