BigSet Add-on for Google Sheets#147
Open
MabudAlam wants to merge 11 commits into
Open
Conversation
Contributor
|
Important Review skippedReview was skipped due to path filters ⛔ Files ignored due to path filters (1)
CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including ⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
📝 WalkthroughWalkthroughThis PR adds API key authentication and management across the backend and dashboard, adds Sheets enrichment run tracking and row-update operations in Convex, and expands the Google Sheets add-on with a GAS backend, Svelte sidebar, wizard flows, dataset browsing, enrichment UI, and settings pages. Sequence Diagram(s)sequenceDiagram
participant Sidebar as Google Sheets sidebar
participant EnrichStore as enrichStore
participant Backend as POST /sheets/enrich
participant Agent as EnrichAgent
participant OpenRouter as OpenRouter
Sidebar->>EnrichStore: loadSelection()
EnrichStore->>Backend: enrichRows request
loop per row
Backend->>Agent: buildEnrichAgent(sourceData, targetColumns)
Agent->>OpenRouter: search_web / fetch_page
OpenRouter-->>Agent: content
Agent-->>Backend: JSON text
end
Backend-->>EnrichStore: results + stats
EnrichStore->>Sidebar: updateSheetCells(updates, rangeStr)
🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 10
Note
Due to the large number of review comments, Critical, Major severity comments were prioritized as inline comments.
🟡 Minor comments (11)
backend/src/mastra/agents/enrich-agent.ts-94-98 (1)
94-98: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win
!== 0filter drops legitimate numeric values of0.The filter is intended to skip the prompt's "unknown" sentinels (
""/0), but it cannot distinguish an unknown0from a correct value of0for anumbertarget column. Any entity whose true value is0will never be written back. Since the sentinel and a valid value are indistinguishable here, consider only filteringnull/undefined/""and letting0through, or using a distinct sentinel in the prompt.🐛 Proposed change
- if (col in parsed && parsed[col] !== null && parsed[col] !== "" && parsed[col] !== 0) { + if (col in parsed && parsed[col] !== null && parsed[col] !== "") { result[col] = parsed[col]; }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@backend/src/mastra/agents/enrich-agent.ts` around lines 94 - 98, The enrichment merge logic in enrich-agent should not drop valid numeric zeros: the loop over targetColumns currently filters out parsed values equal to 0, which prevents legitimate number fields from being written back. Update the value check in the result assignment path to only exclude null, undefined, and empty-string sentinels, and keep 0 values, using the relevant logic in the parsed/result merge inside the enrichment flow.backend/src/mastra/agents/enrich-agent.ts-62-62 (1)
62-62: 🩺 Stability & Availability | 🟡 Minor | ⚡ Quick winNon-null assertion on
modelConfigrisks a runtime crash.
authContext.modelConfig!.investigateSubagentwill throwCannot read properties of undefinedifmodelConfigis absent for a given auth context. Prefer an explicit guard that fails with a clear error before constructing the agent.🛡️ Proposed change
- const modelSlug = authContext.modelConfig!.investigateSubagent; + const modelConfig = authContext.modelConfig; + if (!modelConfig) { + throw new Error("modelConfig is required to build the enrich agent"); + } + const modelSlug = modelConfig.investigateSubagent;🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@backend/src/mastra/agents/enrich-agent.ts` at line 62, The `authContext.modelConfig!` access in `enrich-agent.ts` can crash at runtime when `modelConfig` is missing. Update the `modelSlug` lookup in the `enrich-agent` construction flow to use an explicit guard or validation before reading `investigateSubagent`, and throw a clear error if `authContext.modelConfig` is absent so the agent is never built with undefined config.frontend/app/dashboard/settings/api-keys/page.tsx-231-238 (1)
231-238: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick winConfirm before revoking a key.
This icon-only action immediately revokes a credential and has no undo path. Add a confirmation step before calling
handleRevoke(k.id).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/app/dashboard/settings/api-keys/page.tsx` around lines 231 - 238, The icon-only revoke action in the key row currently calls handleRevoke(k.id) immediately, which skips any user confirmation. Update the button handler in the API keys page so it prompts the user to confirm before invoking handleRevoke, keeping the existing Trash2 button and revokingId disabled state intact. Make the confirmation check happen right where the button onClick is defined so the revoke only proceeds after explicit approval.bigset-addon/sidebar/src/pages/Settings.svelte-106-106 (1)
106-106: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick winAvoid hardcoded localhost dashboard URL in user-facing settings.
This link will be wrong outside local dev and can send users to a dead endpoint.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/sidebar/src/pages/Settings.svelte` at line 106, The API keys link in Settings.svelte is hardcoded to a localhost dashboard URL, which will break outside local development. Update the anchor in the settings UI to use a configurable or environment-based dashboard base URL instead of the fixed localhost address, keeping the link text and placement in the Settings page unchanged.bigset-addon/README.md-15-57 (1)
15-57: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick winAdd language identifiers to fenced code blocks.
Markdown lint will keep flagging these code fences (
MD040), so CI/doc quality stays noisy until each block is annotated (e.g. ```bash).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/README.md` around lines 15 - 57, Add language identifiers to every fenced code block in the README setup instructions so markdown lint stops reporting MD040. Update the code fences around the clone/install, clasp login, clasp create, deploy, and clasp open snippets to use the appropriate shell language tag (for example, bash), keeping the existing content and formatting otherwise unchanged.Source: Linters/SAST tools
bigset-addon/src/utils.ts-5-12 (1)
5-12: 🎯 Functional Correctness | 🟡 MinorFlatten the returned header row.
getValues()returns a 2D array, so this currently yields[[...]]instead of a flat header list. UsegetValues()[0]if callers expect a one-dimensional array.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/src/utils.ts` around lines 5 - 12, The getHeaderRow helper is returning a 2D array because sheet.getRange(...).getValues() produces nested rows, which breaks callers expecting a flat header list. Update getHeaderRow to return the first row from getValues() when lastColumn is nonzero, while preserving the empty-array case, so the function consistently yields a one-dimensional header array.bigset-addon/src/index.ts-127-128 (1)
127-128: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick winUse
columnLetter()for the reported end cell.
String.fromCharCode(64 + numCols)breaks at column 27 ([instead ofAA), so the returned range is wrong for wide datasets.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/src/index.ts` around lines 127 - 128, The range end calculation in the index logic uses a single-character conversion that breaks beyond column Z. Update the end cell computation in the code that builds the reported range to use columnLetter() for numCols instead of String.fromCharCode(64 + numCols), so wide datasets return the correct end cell.bigset-addon/sidebar/vite.config.ts-16-20 (1)
16-20: 🩺 Stability & Availability | 🟡 MinorAdd
settings.htmlto the Rollup inputs
bigset-addon/sidebar/settings.htmlandbigset-addon/sidebar/src/settings.tsare present, butbigset-addon/sidebar/vite.config.tsonly buildssidebar.html. If the standalone settings page should ship, include it inrollupOptions.input.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/sidebar/vite.config.ts` around lines 16 - 20, The Rollup input list in vite.config.ts only includes the main sidebar entry, so the standalone settings page is not being built. Update rollupOptions.input in the Vite config to also include the settings page entry, using the existing settings.html and the related settings.ts entry point so both pages are emitted.bigset-addon/sidebar/src/pages/StepDone.svelte-21-33 (1)
21-33: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win
rowCountnot refreshed on remount → stale count displayed.The reload path sets rows but never updates the top-level
rowCount, yet the summary card renders{$wizard.rowCount}(lines 73, 80 region). If the user navigated away during populate and returns with$wizard.rows.length === 0, the card will show a stale count (e.g.0 rows ready) even thoughsetRowsloaded data. You update$wizard.dataset.rowCounthere, but the template reads$wizard.rowCount, not$wizard.dataset.rowCount.🐛 Proposed fix
import { wizard, setStep, setRows, + setRowCount, setError, resetWizard, } from "../lib/wizardStore.js";const { rows, dataset } = await api.listRows($wizard.dataset.id); setRows(rows.map((r) => r.data)); + setRowCount(dataset.rowCount ?? rows.length); // Refresh dataset info too $wizard.dataset.rowCount = dataset.rowCount ?? rows.length; $wizard.dataset.columns = dataset.columns;🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/sidebar/src/pages/StepDone.svelte` around lines 21 - 33, The remount refresh path in StepDone.svelte updates $wizard.dataset.rowCount but leaves the top-level $wizard.rowCount unchanged, so the summary card can show stale data. In the onMount reload block that calls api.listRows and setRows, also refresh $wizard.rowCount to match the loaded dataset count, keeping it in sync with the value rendered by the summary card. Use the existing wizard state fields and the setRows/api.listRows flow to locate the fix.bigset-addon/sidebar/src/main.ts-4-6 (1)
4-6: 📐 Maintainability & Code Quality | 🟡 MinorUse a non-null mount target
bigset-addon/sidebar/src/main.ts:4-5
document.getElementById('app')can benull, and this strict Svelte/TypeScript setup expects a definite mount element. Use a non-null assertion or a guard before passing it tonew App(...).🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/sidebar/src/main.ts` around lines 4 - 6, The App mount in main.ts is passing a possibly null value from document.getElementById('app') into new App(...), which violates the strict Svelte/TypeScript expectation for a definite target. Update the App initialization to ensure the mount element is non-null, either by asserting the element exists or by adding a guard before constructing App, so the target passed to the App constructor is always valid.bigset-addon/sidebar/src/app.css-82-82 (1)
82-82: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick winFix stylelint keyword/font-family violations to keep the stylesheet lint-clean.
Line 82, Line 88, and Line 323 currently violate configured stylelint rules and may fail lint checks.
Proposed patch
- font-family: "Geist", system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", + font-family: Geist, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, sans-serif; @@ - text-rendering: optimizeLegibility; + text-rendering: optimizelegibility; @@ - background-color: currentColor; + background-color: currentcolor;Also applies to: 88-88, 323-323
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@bigset-addon/sidebar/src/app.css` at line 82, The stylesheet has stylelint violations around font-family usage at the affected declarations, so update the font-family values in sidebar/src/app.css to match the configured lint rules. Review the related font stacks near the identified entries, especially the main app stylesheet declarations, and normalize any disallowed keyword casing or font-family syntax so the file passes stylelint cleanly.Source: Linters/SAST tools
🧹 Nitpick comments (2)
frontend/convex/sheetsEnrichmentRuns.ts (1)
136-145: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low valuePrefer a static import of
requireIdentity.
./lib/authz.jsis already imported statically at Line 9 (loadOwnedDataset), so the inlineawait import(...)adds an unnecessary dynamic import in the query hot path. AddrequireIdentityto the existing top-level import instead.♻️ Proposed change
-import { loadOwnedDataset } from "./lib/authz.js"; +import { loadOwnedDataset, requireIdentity } from "./lib/authz.js";handler: async (ctx) => { - const { requireIdentity } = await import("./lib/authz.js"); const identity = await requireIdentity(ctx);🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/convex/sheetsEnrichmentRuns.ts` around lines 136 - 145, Use a static top-level import for requireIdentity instead of the inline await import in the sheetsEnrichmentRuns handler. The issue is in the handler that queries "sheetsEnrichmentRuns", where requireIdentity is loaded dynamically even though ./lib/authz.js is already imported elsewhere; move requireIdentity into the existing import from ./lib/authz.js and remove the dynamic import inside the query path.frontend/convex/datasetRows.ts (1)
487-510: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win
bulkUpdateCellsduplicatesupdateCellsmerge/history logic and bypassesassertRowInDataset.The per-row merge +
datasetHistoryrecording (Lines 495-510) is a copy ofupdateCells(Lines 403-421). Beyond DRY, the inline guard at Line 490 reimplementsassertRowInDatasetwithout itslogDenyaudit logging, so cross-dataset access attempts here go unlogged. Consider extracting a shared helper that both mutations call.♻️ Sketch
function mergeWithHistory( ctx: MutationCtx, rowId: Id<"datasetRows">, oldData: Record<string, unknown>, data: Record<string, unknown>, ): Promise<Record<string, unknown>> { /* merge + insert datasetHistory */ }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@frontend/convex/datasetRows.ts` around lines 487 - 510, The bulkUpdateCells path is duplicating the row merge and datasetHistory write logic from updateCells, and its inline dataset check bypasses assertRowInDataset auditing. Extract the shared merge/history behavior into a helper used by both updateCells and bulkUpdateCells, and replace the manual ctx.db.get / datasetId check in bulkUpdateCells with assertRowInDataset so deny attempts continue to be logged consistently.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@backend/src/api-key.ts`:
- Around line 80-88: The fallback in requireApiKeyOrCli is too broad because it
bypasses API-key auth whenever PROD is not exactly "1", so align this guard with
the explicit local-mode check used by requireAuth instead of relying on PROD.
Update requireApiKeyOrCli to only assign LOCAL_USER_ID in the same intended
local-development condition, and keep all other environments flowing through
requireApiKey so deployed instances cannot accidentally default-open
authentication.
In `@backend/src/clerk-auth.ts`:
- Around line 98-99: The auth flow in clerk-auth.ts is letting API keys satisfy
routes that should remain Clerk-only, including the /api-keys CRUD paths. Split
the current requireAuth behavior into a Clerk-only handler and an
API-key-or-Clerk handler, then update the auth entry point so the key-management
routes use the Clerk-only path while other routes can still accept API keys. Use
the existing symbols tryApiKeyAuth and requireAuth to locate and separate the
logic cleanly.
In `@backend/src/index.ts`:
- Around line 1223-1226: The /populate handler in index.ts is logging the full
request body, which can expose sensitive user data. Remove the raw payload
logging from the datasetContextSchema safeParse path and keep only safe
structured debug logs, such as request metadata or validation status, using the
existing populate/request handling code as the reference point.
- Around line 1737-1740: The row item type used in this handler is missing
targetColumns, even though the code reads row.targetColumns later. Update the
rows array element type in the relevant handler in backend/src/index.ts to
include targetColumns alongside rowIndex and sourceData, so the TypeScript type
matches the actual properties being accessed.
In `@bigset-addon/sidebar/src/pages/Settings.svelte`:
- Around line 33-47: The save flow in Settings.svelte is swallowing failures in
save(), which lets testConnection() continue using stale backend or API key
values and can produce false success. Update save() to stop suppressing errors:
remove the catch-or rethrow after logging-so callers like testConnection() can
detect the failure, and make sure testConnection() in Settings.svelte handles
the rejected save path explicitly before attempting the connection test.
In `@bigset-addon/sidebar/src/pages/StepReview.svelte`:
- Around line 62-69: The setDataset payload in StepReview.svelte includes a
description field that is not part of DatasetSnapshot, causing the object
literal to fail type checking. Update the setDataset call to only pass
properties defined by DatasetSnapshot, or if the wizard state truly needs
description, add an optional description property to the DatasetSnapshot type
and ensure any related state handling matches.
In `@bigset-addon/src/index.ts`:
- Line 4: The DEFAULT_BACKEND_URL constant in the module entrypoint is pointing
to a personal ngrok tunnel, which should not be the shipped default. Replace
that fallback in index.ts with a stable deployed API endpoint or change the
startup flow so backend configuration must be provided explicitly on first run,
and update any initialization logic that reads DEFAULT_BACKEND_URL to use the
new source of truth.
- Around line 257-266: The write-back column mapping is being derived from the
current active selection instead of the original selection snapshot, which can
shift if the user changes cells during enrichment. Update updateSheetCells() to
accept the original header row/range metadata from getSelectedRange() and use
that snapshot to build headers and resolve columns, rather than calling
SpreadsheetApp.getActiveSpreadsheet()/getActiveSheet()/getActiveRange() for this
lookup.
- Around line 33-34: The add-on credentials are still being read from shared
script properties, so each user can see the same backend URL and API key. Update
the property access in the startup flow and save/load logic in the relevant
`index.ts` code paths to use `PropertiesService.getUserProperties()` instead of
`getScriptProperties()`, keeping the existing symbols like
`SCRIPT_PROPERTY_URL`, `SCRIPT_PROPERTY_KEY`, and the related settings methods
aligned with per-user storage.
- Around line 277-285: The overwrite guard in the cell update logic is only
checking the computed value, so formula cells that evaluate to blank can still
be replaced by static content. Update the write path in the range/cell handling
code to treat any cell with an existing formula as occupied by checking the
formula on the Cell before calling setValue, and only write when both the value
is empty and no formula is present.
---
Minor comments:
In `@backend/src/mastra/agents/enrich-agent.ts`:
- Around line 94-98: The enrichment merge logic in enrich-agent should not drop
valid numeric zeros: the loop over targetColumns currently filters out parsed
values equal to 0, which prevents legitimate number fields from being written
back. Update the value check in the result assignment path to only exclude null,
undefined, and empty-string sentinels, and keep 0 values, using the relevant
logic in the parsed/result merge inside the enrichment flow.
- Line 62: The `authContext.modelConfig!` access in `enrich-agent.ts` can crash
at runtime when `modelConfig` is missing. Update the `modelSlug` lookup in the
`enrich-agent` construction flow to use an explicit guard or validation before
reading `investigateSubagent`, and throw a clear error if
`authContext.modelConfig` is absent so the agent is never built with undefined
config.
In `@bigset-addon/README.md`:
- Around line 15-57: Add language identifiers to every fenced code block in the
README setup instructions so markdown lint stops reporting MD040. Update the
code fences around the clone/install, clasp login, clasp create, deploy, and
clasp open snippets to use the appropriate shell language tag (for example,
bash), keeping the existing content and formatting otherwise unchanged.
In `@bigset-addon/sidebar/src/app.css`:
- Line 82: The stylesheet has stylelint violations around font-family usage at
the affected declarations, so update the font-family values in
sidebar/src/app.css to match the configured lint rules. Review the related font
stacks near the identified entries, especially the main app stylesheet
declarations, and normalize any disallowed keyword casing or font-family syntax
so the file passes stylelint cleanly.
In `@bigset-addon/sidebar/src/main.ts`:
- Around line 4-6: The App mount in main.ts is passing a possibly null value
from document.getElementById('app') into new App(...), which violates the strict
Svelte/TypeScript expectation for a definite target. Update the App
initialization to ensure the mount element is non-null, either by asserting the
element exists or by adding a guard before constructing App, so the target
passed to the App constructor is always valid.
In `@bigset-addon/sidebar/src/pages/Settings.svelte`:
- Line 106: The API keys link in Settings.svelte is hardcoded to a localhost
dashboard URL, which will break outside local development. Update the anchor in
the settings UI to use a configurable or environment-based dashboard base URL
instead of the fixed localhost address, keeping the link text and placement in
the Settings page unchanged.
In `@bigset-addon/sidebar/src/pages/StepDone.svelte`:
- Around line 21-33: The remount refresh path in StepDone.svelte updates
$wizard.dataset.rowCount but leaves the top-level $wizard.rowCount unchanged, so
the summary card can show stale data. In the onMount reload block that calls
api.listRows and setRows, also refresh $wizard.rowCount to match the loaded
dataset count, keeping it in sync with the value rendered by the summary card.
Use the existing wizard state fields and the setRows/api.listRows flow to locate
the fix.
In `@bigset-addon/sidebar/vite.config.ts`:
- Around line 16-20: The Rollup input list in vite.config.ts only includes the
main sidebar entry, so the standalone settings page is not being built. Update
rollupOptions.input in the Vite config to also include the settings page entry,
using the existing settings.html and the related settings.ts entry point so both
pages are emitted.
In `@bigset-addon/src/index.ts`:
- Around line 127-128: The range end calculation in the index logic uses a
single-character conversion that breaks beyond column Z. Update the end cell
computation in the code that builds the reported range to use columnLetter() for
numCols instead of String.fromCharCode(64 + numCols), so wide datasets return
the correct end cell.
In `@bigset-addon/src/utils.ts`:
- Around line 5-12: The getHeaderRow helper is returning a 2D array because
sheet.getRange(...).getValues() produces nested rows, which breaks callers
expecting a flat header list. Update getHeaderRow to return the first row from
getValues() when lastColumn is nonzero, while preserving the empty-array case,
so the function consistently yields a one-dimensional header array.
In `@frontend/app/dashboard/settings/api-keys/page.tsx`:
- Around line 231-238: The icon-only revoke action in the key row currently
calls handleRevoke(k.id) immediately, which skips any user confirmation. Update
the button handler in the API keys page so it prompts the user to confirm before
invoking handleRevoke, keeping the existing Trash2 button and revokingId
disabled state intact. Make the confirmation check happen right where the button
onClick is defined so the revoke only proceeds after explicit approval.
---
Nitpick comments:
In `@frontend/convex/datasetRows.ts`:
- Around line 487-510: The bulkUpdateCells path is duplicating the row merge and
datasetHistory write logic from updateCells, and its inline dataset check
bypasses assertRowInDataset auditing. Extract the shared merge/history behavior
into a helper used by both updateCells and bulkUpdateCells, and replace the
manual ctx.db.get / datasetId check in bulkUpdateCells with assertRowInDataset
so deny attempts continue to be logged consistently.
In `@frontend/convex/sheetsEnrichmentRuns.ts`:
- Around line 136-145: Use a static top-level import for requireIdentity instead
of the inline await import in the sheetsEnrichmentRuns handler. The issue is in
the handler that queries "sheetsEnrichmentRuns", where requireIdentity is loaded
dynamically even though ./lib/authz.js is already imported elsewhere; move
requireIdentity into the existing import from ./lib/authz.js and remove the
dynamic import inside the query path.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: bb61d2e5-f842-45ac-a39f-76f1fb989787
⛔ Files ignored due to path filters (5)
backend/package-lock.jsonis excluded by!**/package-lock.jsonbigset-addon/sidebar/public/vite.svgis excluded by!**/*.svgbigset-addon/sidebar/src/assets/svelte.svgis excluded by!**/*.svgbigset-addon/src/vite.svgis excluded by!**/*.svgfrontend/convex/_generated/api.d.tsis excluded by!**/_generated/**
📒 Files selected for processing (58)
backend/src/api-key.tsbackend/src/clerk-auth.tsbackend/src/index.tsbackend/src/mastra/agents/enrich-agent.tsbigset-addon/.claspignorebigset-addon/.gitignorebigset-addon/README.mdbigset-addon/package.jsonbigset-addon/sidebar/README.mdbigset-addon/sidebar/package.jsonbigset-addon/sidebar/settings.htmlbigset-addon/sidebar/sidebar.htmlbigset-addon/sidebar/src/App.sveltebigset-addon/sidebar/src/app.cssbigset-addon/sidebar/src/lib/ColumnIcon.sveltebigset-addon/sidebar/src/lib/Header.sveltebigset-addon/sidebar/src/lib/Icon.sveltebigset-addon/sidebar/src/lib/Spinner.sveltebigset-addon/sidebar/src/lib/StatusBadge.sveltebigset-addon/sidebar/src/lib/Stepper.sveltebigset-addon/sidebar/src/lib/ThemeToggle.sveltebigset-addon/sidebar/src/lib/api.tsbigset-addon/sidebar/src/lib/enrichStore.tsbigset-addon/sidebar/src/lib/theme.tsbigset-addon/sidebar/src/lib/wizardStore.tsbigset-addon/sidebar/src/main.tsbigset-addon/sidebar/src/pages/DatasetDetail.sveltebigset-addon/sidebar/src/pages/Datasets.sveltebigset-addon/sidebar/src/pages/Home.sveltebigset-addon/sidebar/src/pages/Public.sveltebigset-addon/sidebar/src/pages/Settings.sveltebigset-addon/sidebar/src/pages/StepDescribe.sveltebigset-addon/sidebar/src/pages/StepDone.sveltebigset-addon/sidebar/src/pages/StepGenerating.sveltebigset-addon/sidebar/src/pages/StepPopulating.sveltebigset-addon/sidebar/src/pages/StepReview.sveltebigset-addon/sidebar/src/pages/enrich/EnrichConfirm.sveltebigset-addon/sidebar/src/pages/enrich/EnrichDone.sveltebigset-addon/sidebar/src/pages/enrich/EnrichTab.sveltebigset-addon/sidebar/src/settings.tsbigset-addon/sidebar/src/vite-env.d.tsbigset-addon/sidebar/svelte.config.jsbigset-addon/sidebar/tsconfig.jsonbigset-addon/sidebar/tsconfig.node.jsonbigset-addon/sidebar/vite.config.tsbigset-addon/src/api.tsbigset-addon/src/index.tsbigset-addon/src/settings.htmlbigset-addon/src/sidebar.htmlbigset-addon/src/utils.tsfrontend/app/dashboard/settings/api-keys/page.tsxfrontend/app/dashboard/settings/models/page.tsxfrontend/convex/apiKeys.tsfrontend/convex/datasetRows.tsfrontend/convex/datasets.tsfrontend/convex/schema.tsfrontend/convex/sheetsEnrichmentRuns.tsfrontend/lib/backend.ts
Contributor
There was a problem hiding this comment.
Actionable comments posted: 4
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@bigset-addon/README.md`:
- Line 11: Add missing language identifiers to the fenced code blocks in
README.md to satisfy MD040; update the repository tree block and the Google Apps
Script URL block to use appropriate tags, and verify the Markdown fences in the
README render with explicit language labels using the affected fenced block
snippets.
In `@bigset-addon/sidebar/src/vite-env.d.ts`:
- Around line 8-10: The google.script.run typing in the
withSuccessHandler/withFailureHandler chain is broken because withFailureHandler
currently returns unknown instead of the runner object. Update the declaration
so withFailureHandler returns the same runner type used by withSuccessHandler,
preserving fluent chaining and indexed method access on google.script.run. Keep
the fix localized to the runner interface in vite-env.d.ts and ensure the
returned type still includes the existing dynamic method signature.
In `@bigset-addon/src/index.js`:
- Around line 193-205: Reject blank or duplicate header names before building
row objects in getSelectedRange(), since rowData is keyed by header text and
duplicate/empty keys will collapse columns and misalign later writes in
updateSheetCells(). Add validation after collecting headers from the first row
of values to ensure every header is non-empty and unique, and stop processing or
surface an error if the selected range contains invalid headers so
headers.indexOf(update.columnName) cannot target the wrong column.
In `@bigset-addon/src/index.ts`:
- Around line 62-67: The backend URL validation in the startup flow currently
allows both http and https, but this path sends the user’s API key on every
request. Update the check in the baseUrl validation block so only HTTPS
endpoints are accepted, and adjust the thrown error message to tell the user to
configure an https:// backend URL in Settings.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 2bc5be9c-491b-4905-86ec-b1ab388b2cf2
📒 Files selected for processing (43)
backend/src/api-key.tsbackend/src/clerk-auth.tsbackend/src/index.tsbackend/src/mastra/agents/enrich-agent.tsbigset-addon/.claspignorebigset-addon/README.mdbigset-addon/package.jsonbigset-addon/sidebar/package.jsonbigset-addon/sidebar/src/api/client.tsbigset-addon/sidebar/src/components/ColumnIcon.sveltebigset-addon/sidebar/src/components/Header.sveltebigset-addon/sidebar/src/components/Icon.sveltebigset-addon/sidebar/src/components/Spinner.sveltebigset-addon/sidebar/src/components/StatusBadge.sveltebigset-addon/sidebar/src/components/Stepper.sveltebigset-addon/sidebar/src/components/ThemeToggle.sveltebigset-addon/sidebar/src/main.tsbigset-addon/sidebar/src/pages/DatasetDetail.sveltebigset-addon/sidebar/src/pages/Datasets.sveltebigset-addon/sidebar/src/pages/Home.sveltebigset-addon/sidebar/src/pages/Public.sveltebigset-addon/sidebar/src/pages/Settings.sveltebigset-addon/sidebar/src/pages/StepDescribe.sveltebigset-addon/sidebar/src/pages/StepDone.sveltebigset-addon/sidebar/src/pages/StepGenerating.sveltebigset-addon/sidebar/src/pages/StepPopulating.sveltebigset-addon/sidebar/src/pages/StepReview.sveltebigset-addon/sidebar/src/pages/enrich/EnrichConfirm.sveltebigset-addon/sidebar/src/pages/enrich/EnrichDone.sveltebigset-addon/sidebar/src/pages/enrich/EnrichTab.sveltebigset-addon/sidebar/src/stores/enrichStore.tsbigset-addon/sidebar/src/stores/theme.tsbigset-addon/sidebar/src/stores/wizardStore.tsbigset-addon/sidebar/src/vite-env.d.tsbigset-addon/sidebar/tsconfig.jsonbigset-addon/sidebar/vite.config.tsbigset-addon/src/index.jsbigset-addon/src/index.tsbigset-addon/src/sidebar.htmlbigset-addon/tsconfig.jsonfrontend/app/dashboard/settings/api-keys/page.tsxfrontend/convex/datasetRows.tsfrontend/convex/sheetsEnrichmentRuns.ts
💤 Files with no reviewable changes (7)
- bigset-addon/sidebar/src/components/Spinner.svelte
- bigset-addon/sidebar/src/components/StatusBadge.svelte
- bigset-addon/sidebar/src/components/ColumnIcon.svelte
- bigset-addon/sidebar/vite.config.ts
- bigset-addon/sidebar/src/components/Stepper.svelte
- bigset-addon/sidebar/src/components/Header.svelte
- bigset-addon/sidebar/src/components/Icon.svelte
✅ Files skipped from review due to trivial changes (3)
- bigset-addon/tsconfig.json
- bigset-addon/sidebar/src/components/ThemeToggle.svelte
- bigset-addon/.claspignore
🚧 Files skipped from review as they are similar to previous changes (22)
- bigset-addon/sidebar/src/main.ts
- bigset-addon/sidebar/src/pages/enrich/EnrichTab.svelte
- bigset-addon/sidebar/src/pages/Home.svelte
- bigset-addon/sidebar/src/pages/enrich/EnrichConfirm.svelte
- bigset-addon/package.json
- bigset-addon/sidebar/tsconfig.json
- bigset-addon/sidebar/src/pages/StepGenerating.svelte
- bigset-addon/sidebar/package.json
- bigset-addon/sidebar/src/pages/StepPopulating.svelte
- bigset-addon/sidebar/src/pages/DatasetDetail.svelte
- frontend/app/dashboard/settings/api-keys/page.tsx
- bigset-addon/sidebar/src/pages/enrich/EnrichDone.svelte
- backend/src/mastra/agents/enrich-agent.ts
- bigset-addon/sidebar/src/pages/StepReview.svelte
- bigset-addon/sidebar/src/pages/StepDescribe.svelte
- bigset-addon/sidebar/src/pages/Public.svelte
- bigset-addon/sidebar/src/pages/Datasets.svelte
- backend/src/api-key.ts
- bigset-addon/sidebar/src/pages/Settings.svelte
- frontend/convex/sheetsEnrichmentRuns.ts
- bigset-addon/sidebar/src/pages/StepDone.svelte
- frontend/convex/datasetRows.ts
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
sheet.addon.mp4
Complete demo : https://drive.google.com/file/d/1kodY8HJgYwLCkx1qjwCnDtgozdyH-jQR/view
This PR adds BigSet Addon to Google Sheets