Skip to content

feat: unify voice infrastructure, AI model service, and interview fixes#509

Merged
bhekanik merged 10 commits into
mainfrom
feat/unify-voice-infrastructure
Mar 7, 2026
Merged

feat: unify voice infrastructure, AI model service, and interview fixes#509
bhekanik merged 10 commits into
mainfrom
feat/unify-voice-infrastructure

Conversation

@bhekanik

@bhekanik bhekanik commented Mar 7, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • Centralized AI model service with operation-based model selection and Helicone monitoring
  • AI SDK v6 migration across all AI utilities, API routes, and analysis sections
  • Inngest background functions for report generation, audio processing, and text extraction
  • Interview page crash fixes — resolved infinite render loops and WebSocket connection failures
  • Job creation improvements — default CV support, extraction streaming via SSE

Key Changes

AI Infrastructure

  • New lib/ai/models/ module: config, providers, service for centralized model selection
  • All 22+ AI files migrated from scattered model instantiation to unified service
  • Upgraded @humeai/voice-react to 0.2.14, AI SDK to v6.0.116

Interview Fixes (Critical)

  • Removed VoiceProvider from lobby page (caused "Maximum update depth exceeded" crash)
  • Fixed forceSave infinite loop in InterviewController with useRef pattern
  • Fixed WebSocket TIMEOUT: session settings now sent as WS message instead of URL query params (URL was exceeding length limits with long interview context)
  • Added 100ms connection delay to survive React Strict Mode double-mount

Inngest Functions

  • extract-file, extract-url: background text extraction
  • generate-report: parallel interview analysis sections
  • save-audio-to-s3, generate-missing-audio: audio pipeline
  • vet-review: migrated from legacy OpenAI to AI SDK
  • regenerate-incomplete-reports: scheduled cleanup

Job Creation Flow

  • Default CV save/load API endpoint
  • Extraction progress streaming via SSE
  • Server-side extraction store for progress tracking

Database

  • Added defaultCvText and defaultCvFilename columns to users table
  • Migration 0010

Testing

  • ✅ All 161 tests pass
  • ✅ Build passes
  • ✅ Linting passes
  • ✅ TypeScript checks pass

Type of Change

  • Bug fix (interview page crashes)
  • New feature (AI model service, Inngest, default CV)
  • Refactor (AI SDK v6 migration)

Checklist

  • Code follows project style guidelines
  • Self-review completed
  • Tests pass
  • Build passes

bhekanik added 9 commits March 7, 2026 11:14
@bhekanik
refactor: migrate to centralized AI model service with AI SDK v6
a118e8d 
- Add operation-based model selection (extraction, analysis, review)
- Unified Helicone monitoring across all AI providers
- Upgrade AI SDK to v6, replace LanguageModelV1 with LanguageModel
- Migrate all API routes and AI utilities to use model service
- Upgrade @humeai/voice-react to 0.2.14
@bhekanik
feat: add Inngest background functions for report generation and audio
138e09b 
- Extract-file and extract-url Inngest functions
- Generate-report with parallel section analysis
- Save-audio-to-s3 and generate-missing-audio functions
- Vet-review migration from legacy OpenAI to AI SDK
- Regenerate-incomplete-reports scheduled function
- S3 audio utility helpers
- Terraform S3 bucket configuration updates
@bhekanik
feat: improve job creation flow with default CV and extraction streaming
97742f3 
- Add default CV save/load API endpoint
- Add extraction progress streaming via SSE
- Extraction store for server-side progress tracking
- Update job submission to save default CV preference
- Improve extraction text hook with streaming support
@bhekanik
fix: resolve interview page crashes and voice connection failures
dbb36db 
- Remove VoiceProvider from lobby page (caused infinite render loop)
- Memoize random background values to prevent re-render cascades
- Fix forceSave infinite loop with useRef pattern in InterviewController
- Send session settings over WebSocket message instead of URL query params
  to avoid URL length limits causing connection TIMEOUT errors
- Add 100ms connection delay to survive React Strict Mode double-mount
@bhekanik
feat: add default CV fields to users schema
a088f4c 
- Add defaultCvText and defaultCvFilename columns to users table
- Migration 0010 for new columns
- Update report page for compatibility
@bhekanik
docs: streamline CLAUDE.md and add AGENTS.md
da5caf3 
- Condense CLAUDE.md to essential project context
- Add AGENTS.md with agent-specific instructions
- Add terraform/tfplan to .gitignore
@bhekanik
fix: align AI SDK v6 property names
21a1bb3 
- Rename inputTokens/outputTokens to promptTokens/completionTokens
- Fix FilePart to use base64 data + mimeType instead of data URL
- Fix maxOutputTokens to maxTokens
@bhekanik
fix: correct AI SDK v6 property names for installed version
5bcc07c 
- Revert promptTokens/completionTokens back to inputTokens/outputTokens
  (AI SDK v6.0.116 still uses original names)
- Fix FilePart to use mediaType (not mimeType)
- Fix maxOutputTokens (not maxTokens) for generateText
@bhekanik
chore: update bun.lock
e7150e1
@vercel

vercel Bot commented Mar 7, 2026

Copy link
Copy Markdown

@bhekanik must be a member of the Bhekani Khumalo team on Vercel to deploy.
- Click here to add @bhekanik to the team.
- If you initiated this build, request access.

Learn more about collaboration on Vercel and other options here.

@claude

claude Bot commented Mar 7, 2026
edited
Loading

Copy link
Copy Markdown

Claude finished @bhekanik's task —— View job

Issues Found

[lib/inngest/functions/extract-url.ts:28] SSRF vulnerability - fetching arbitrary URLs without validation. Add URL allow-listing or at minimum block internal IPs:

if (url.startsWith('http://localhost') || url.startsWith('http://127.0.0.1')) throw new Error('Blocked');

Quick Wins

  • Good WebSocket fix - Moving session settings from URL params to WS messages prevents timeout issues with long interview contexts
  • Smart connection handling - Global flag to survive React Strict Mode is clever

Good Patterns

  • Proper error boundaries with Sentry integration for production debugging
  • AI model fallback system prevents outages when primary models fail
  • useRef patterns prevent infinite render loops (line 136 in interview-controller)

Recommendation

⚠️ FIX FIRST - SSRF vulnerability needs addressing before production

The interview fixes are solid and will prevent the crashes. AI infrastructure unification is clean. Just patch that URL validation and you're good to ship.

@github-actions

github-actions Bot commented Mar 7, 2026

Copy link
Copy Markdown

🔒 Security Audit Summary

Security vulnerabilities were detected in the dependency update.

Scan Results

Scanner Status
Bun Security Check ✅ Passed
Snyk ✅ Passed
OSV Scanner ❌ Failed

Recommended Actions

  1. Review the security reports in the workflow artifacts
  2. Run bun update locally to get latest patches
  3. Check OSV Scanner results for known vulnerabilities
  4. Consider using dependency overrides for false positives

For more details, check the workflow run.

@github-actions

github-actions Bot commented Mar 7, 2026

Copy link
Copy Markdown

⚖️ License Compliance Alert

Potential license compatibility issues detected.

Issues Found

  • Incompatible or unknown licenses detected
  • Review the license report in workflow artifacts

Allowed Licenses

MIT, Apache-2.0, BSD-3-Clause, BSD-2-Clause, ISC, 
CC0-1.0, 0BSD, Unlicense, Python-2.0, BlueOak-1.0.0

All other licenses are automatically blocked.

Please review dependencies with incompatible licenses before merging.

@bhekanik
fix: add permissions and continue-on-error to migration workflow
be2d17e 
- Add pull-requests:write and issues:write permissions for PR comments
- Add continue-on-error to comment step so it doesn't fail the job
@vercel

vercel Bot commented Mar 7, 2026
edited
Loading

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
interviewoptimiser Ready Ready Preview, Comment Mar 7, 2026 1:36pm

@claude

claude Bot commented Mar 7, 2026
edited
Loading

Copy link
Copy Markdown

Claude finished @bhekanik's task —— View job

Code Review Complete

Todo List:

  • Review SSRF vulnerability in extract-url.ts
  • Check interview crash fixes
  • Examine AI infrastructure changes
  • Look for any blocking security issues
  • Provide final recommendation

Issues Found

[lib/inngest/functions/extract-url.ts:28] SSRF vulnerability - fetching arbitrary URLs without validation:

if (url.startsWith('http://localhost') || /^https?:\/\/(127\.|10\.|172\.(1[6-9]|2[0-9]|3[01])\.|192\.168\.)/.test(url)) throw new Error('Internal IP blocked');

Quick Wins

  • Good WebSocket fix - Moving session settings from URL params (line 72-76) prevents timeout with long contexts
  • Smart connection handling - Global flag + 100ms delay survives React Strict Mode (line 113-131)

Good Patterns

  • useRef patterns prevent infinite render loops (interview-controller.tsx:136)
  • AI model fallback system prevents outages when primary models fail

Recommendation

⚠️ FIX FIRST - SSRF vulnerability needs addressing before production

Interview fixes are solid and will prevent crashes. AI infrastructure unification is clean. Just patch that URL validation and you're good to ship.

@github-actions

github-actions Bot commented Mar 7, 2026

Copy link
Copy Markdown

Database Migration Dry-Run

Migration generation failed.
There was an issue generating migrations. Please check the logs.

@github-actions

github-actions Bot commented Mar 7, 2026

Copy link
Copy Markdown

🔒 Security Audit Summary

Security vulnerabilities were detected in the dependency update.

Scan Results

Scanner Status
Bun Security Check ✅ Passed
Snyk ✅ Passed
OSV Scanner ❌ Failed

Recommended Actions

  1. Review the security reports in the workflow artifacts
  2. Run bun update locally to get latest patches
  3. Check OSV Scanner results for known vulnerabilities
  4. Consider using dependency overrides for false positives

For more details, check the workflow run.

@github-actions

github-actions Bot commented Mar 7, 2026

Copy link
Copy Markdown

⚖️ License Compliance Alert

Potential license compatibility issues detected.

Issues Found

  • Incompatible or unknown licenses detected
  • Review the license report in workflow artifacts

Allowed Licenses

MIT, Apache-2.0, BSD-3-Clause, BSD-2-Clause, ISC, 
CC0-1.0, 0BSD, Unlicense, Python-2.0, BlueOak-1.0.0

All other licenses are automatically blocked.

Please review dependencies with incompatible licenses before merging.

@bhekanik bhekanik merged commit d91c13a into main Mar 7, 2026
17 of 18 checks passed
@bhekanik bhekanik deleted the feat/unify-voice-infrastructure branch March 7, 2026 13:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bhekanik