Streamlit with text query#72
Conversation
CI Pipeline
Add virtual environment setup instructions
Feature/dockerization
Prompt engineering framework
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| name: Lint, type-check, and tests | ||
| runs-on: ubuntu-latest | ||
| timeout-minutes: 45 | ||
|
|
||
| defaults: | ||
| run: | ||
| shell: bash -l {0} # login shell so conda is available | ||
|
|
||
| steps: | ||
| - name: Checkout | ||
| uses: actions/checkout@v4 | ||
|
|
||
| # Set up a fast conda with mamba and create env from environment.yml | ||
| - name: Set up Miniforge (Conda + Mamba) | ||
| uses: conda-incubator/setup-miniconda@v3 | ||
| with: | ||
| auto-update-conda: true | ||
| miniforge-version: latest | ||
| activate-environment: baio | ||
| environment-file: environment.yml | ||
| use-mamba: true | ||
| auto-activate-base: false | ||
|
|
||
| # Optional: cache the conda package cache for faster solves | ||
| - name: Cache conda pkgs | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: ~/.conda/pkgs | ||
| key: ${{ runner.os }}-conda-${{ hashFiles('environment.yml') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-conda- | ||
|
|
||
| - name: Show tool versions | ||
| run: | | ||
| python --version | ||
| which python | ||
| pip --version || true | ||
| conda info | ||
| conda list | head -n 50 || true | ||
|
|
||
| # Ensure CI tooling is present (in case it's not pinned in environment.yml) | ||
| - name: Install CI tools (pre-commit, mypy, pytest, build) | ||
| run: | | ||
| python -m pip install --upgrade pip | ||
| pip install pre-commit mypy pytest build | ||
|
|
||
| - name: Pre-commit (formatting & lint) | ||
| run: pre-commit run --all-files | ||
|
|
||
| - name: Type check (mypy) | ||
| run: | | ||
| # Adjust the paths to match your code layout | ||
| mypy metaseq app | ||
|
|
||
| - name: Run unit tests (pytest) | ||
| env: | ||
| PYTHONWARNINGS: default | ||
| run: | | ||
| # Run tests if they exist, otherwise just report | ||
| if [ -d "tests" ] && [ -n "$(find tests -name 'test_*.py' -o -name '*_test.py')" ]; then | ||
| pytest -q --maxfail=1 --disable-warnings | ||
| else | ||
| echo "No tests found - skipping test execution" | ||
| fi | ||
|
|
||
| # If a pyproject.toml exists, verify that the project builds | ||
| - name: Verify packaging (pyproject) | ||
| if: hashFiles('pyproject.toml') != '' | ||
| run: | | ||
| python -m build | ||
| ls -lah dist | ||
|
No newline at end of file |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 6 months ago
The problem is that the workflow does not explicitly set the permissions for the GITHUB_TOKEN, so it defaults to potentially overly permissive settings. To fix this, you should add a permissions block at either the root of the workflow (above jobs:) or at the job level if job-specific permissions are needed. In this case, contents: read is likely all that is necessary, as the job only reads source code and does not perform any actions that require write access. Add the following block above the jobs: key (and beneath any existing top-level workflow settings such as name, on, concurrency):
permissions:
contents: readNo additional imports, methods, or dependencies are required, and all changes should be made within the shown .github/workflows/ci.yml snippet.
| @@ -11,6 +11,8 @@ | ||
| group: ci-${{ github.workflow }}-${{ github.ref }} | ||
| cancel-in-progress: true | ||
|
|
||
| permissions: | ||
| contents: read | ||
| jobs: | ||
| lint-and-test: | ||
| name: Lint, type-check, and tests |
5 participants
Fixes #60
What was changed?
A Streamlit-based front-end was added to the application, enabling users to interact with the assistant through a web interface. The new streamlit_app.py manages user inputs, displays responses, and keeps track of conversation history.
Why was it changed?
To provide a user-friendly way to test and engage with the assistant, transforming backend functionality into a practical, accessible prototype.*
How was it changed?
*- Created the Streamlit app to handle input, output, and session state.
Connected existing LLM response logic to the UI for real-time interaction.
Added validation and error handling for smoother user experience.
Designed UI components to display conversation history and allow continuous chat flow.*