-
Notifications
You must be signed in to change notification settings - Fork 1
Refactor App.tsx, fix MathEvaluator, and optimize bundles #10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -596,7 +596,7 @@ ipcMain.on('open-settings', () => { | |
| preload: path.join(__dirname, 'preload.js'), | ||
| nodeIntegration: false, | ||
| contextIsolation: true, | ||
| webSecurity: false, | ||
| webSecurity: true, | ||
| }, | ||
| }) | ||
|
|
||
|
|
@@ -614,6 +614,24 @@ ipcMain.on('open-settings', () => { | |
| }) | ||
| }) | ||
|
|
||
|
|
||
| ipcMain.handle('openai-chat', async (_, { model, messages, apiKey, baseURL }) => { | ||
| try { | ||
| const OpenAI = (await import('openai')).default | ||
| const openai = new OpenAI({ | ||
| apiKey: apiKey || 'dummy', | ||
| baseURL: baseURL || undefined, | ||
| }) | ||
| const completion = await openai.chat.completions.create({ | ||
| model: model, | ||
| messages: messages, | ||
| }) | ||
| return completion | ||
| } catch (error: any) { | ||
| throw new Error(error.message || 'Unknown API Error') | ||
|
Comment on lines
+617
to
+631
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🧩 Analysis chain🏁 Script executed: #!/bin/bash
# Description: Inspect declared TS/Node/Electron targets for ErrorOptions support.
fd -i '^(package\.json|tsconfig.*)$' -x sh -c 'echo "===== $1"; sed -n "1,220p" "$1"' sh {}Repository: VariableThe/PaperCache Length of output: 4605 🏁 Script executed: # Locate electron/main.ts file
find . -name "main.ts" -type f | head -20Repository: VariableThe/PaperCache Length of output: 85 🏁 Script executed: # Check the directory structure
ls -la electron/ 2>/dev/null || echo "No electron directory found in root"
find . -path "*/electron/main.ts" -type fRepository: VariableThe/PaperCache Length of output: 322 🏁 Script executed: # Check if there's a separate tsconfig for electron
fd -i '^tsconfig.*\.json$' | xargs cat | grep -A 5 -B 5 "electron" 2>/dev/null || echo "No electron-specific tsconfig found"Repository: VariableThe/PaperCache Length of output: 102 🏁 Script executed: # Read lines around 617-631 to verify the code
sed -n '610,640p' ./electron/main.tsRepository: VariableThe/PaperCache Length of output: 774 🏁 Script executed: # Check file size and line count
wc -l ./electron/main.tsRepository: VariableThe/PaperCache Length of output: 89 🏁 Script executed: # Check vite.config.ts for electron configuration
cat vite.config.ts 2>/dev/null || echo "Not in root"
find . -name "vite.config.ts" -type f -exec cat {} \;Repository: VariableThe/PaperCache Length of output: 1658 🏁 Script executed: # Check package.json for build process and electron handling
grep -A 5 '"build"' ./package.jsonRepository: VariableThe/PaperCache Length of output: 457 🏁 Script executed: # Check ESLint configuration
find . -name ".eslintrc*" -o -name "eslint.config.*" | xargs cat 2>/dev/nullRepository: VariableThe/PaperCache Length of output: 8847 🏁 Script executed: # Verify ErrorOptions is supported by checking if TypeScript 6.0.2 supports Error constructor with cause
python3 << 'PY'
# ES2022 and later support Error constructor with { cause } option
# TypeScript 4.6+ (2022) supports this
# The project uses TypeScript 6.0.2 and target ES2023, so ErrorOptions is fully supported
ts_version = "6.0.2"
target = "es2023"
error_options_support = True # Available since TS 4.6 and ES2022
print(f"TypeScript version: {ts_version}")
print(f"Target: {target}")
print(f"ErrorOptions ({ cause: ... }) support: {error_options_support}")
print()
print("Analysis:")
print("✓ ES2023 target supports Error constructor with cause parameter")
print("✓ TypeScript 6.0.2 supports ErrorOptions type definition")
print("✓ The proposed fix is valid and will work without fallback")
PYRepository: VariableThe/PaperCache Length of output: 262 Preserve the caught SDK error when rethrowing. The current code at lines 617-631 loses error context by catching Proposed fix ipcMain.handle('openai-chat', async (_, { model, messages, apiKey, baseURL }) => {
try {
const OpenAI = (await import('openai')).default
const openai = new OpenAI({
apiKey: apiKey || 'dummy',
baseURL: baseURL || undefined,
})
const completion = await openai.chat.completions.create({
model: model,
messages: messages,
})
return completion
- } catch (error: any) {
- throw new Error(error.message || 'Unknown API Error')
+ } catch (error: unknown) {
+ const message = error instanceof Error ? error.message : 'Unknown API Error'
+ throw new Error(message, { cause: error })
}
})Your project targets ES2023 with TypeScript 6.0.2, both of which fully support 🧰 Tools🪛 ESLint[error] 617-618: Delete (prettier/prettier) [error] 631-631: There is no (preserve-caught-error) 🤖 Prompt for AI AgentsSource: Linters/SAST tools |
||
| } | ||
| }) | ||
|
|
||
| ipcMain.on('quit-app', () => { | ||
| app.quit() | ||
| }) | ||
|
|
||
| Original file line number | Diff line number | Diff line change | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
@@ -6,6 +6,7 @@ contextBridge.exposeInMainWorld('electronAPI', { | |||||||||||||||
| saveNote: (id: string, content: string) => ipcRenderer.invoke('save-note', { id, content }), | ||||||||||||||||
| deleteNote: (id: string) => ipcRenderer.invoke('delete-note', id), | ||||||||||||||||
| renameNote: (oldId: string, newId: string) => ipcRenderer.invoke('rename-note', { oldId, newId }), | ||||||||||||||||
| openAIChat: (args: { model: string, messages: { role: string; content: string }[], apiKey: string, baseURL: string }) => ipcRenderer.invoke('openai-chat', args), | ||||||||||||||||
|
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Wrap the The one-line object type is currently flagged by 🧹 Proposed formatting fix- openAIChat: (args: { model: string, messages: { role: string; content: string }[], apiKey: string, baseURL: string }) => ipcRenderer.invoke('openai-chat', args),
+ openAIChat: (args: {
+ model: string
+ messages: { role: string; content: string }[]
+ apiKey: string
+ baseURL: string
+ }) => ipcRenderer.invoke('openai-chat', args),📝 Committable suggestion
Suggested change
🧰 Tools🪛 ESLint[error] 9-9: Replace (prettier/prettier) 🤖 Prompt for AI AgentsSource: Linters/SAST tools |
||||||||||||||||
| readNote: (id: string) => ipcRenderer.invoke('read-note', id), | ||||||||||||||||
| exportNote: (filename: string, content: string) => | ||||||||||||||||
| ipcRenderer.invoke('export-note', filename, content), | ||||||||||||||||
|
|
||||||||||||||||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🧩 Analysis chain
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 94
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 456
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 641
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 1909
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 2313
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 2374
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 1404
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 656
🏁 Script executed:
Repository: VariableThe/PaperCache
Length of output: 1334
Validate the renderer-supplied
baseURLbefore creating the OpenAI client.The
baseURLat line 623 is sourced from user settings in localStorage (papercache-api-base-url) and passed directly to the OpenAI client constructor without validation. This allows an attacker to redirect API requests to arbitrary servers, leaking the API key to attacker-controlled endpoints. Add an allowlist of trusted provider origins (e.g.,https://api.openai.com/v1,https://openrouter.ai/api/v1) and validate the URL against it before use.🛡️ Suggested allowlist guard
🤖 Prompt for AI Agents