chore(release): v0.3.0 (#131)

* ci: replace --no-frozen-lockfile with --frozen-lockfile

* perf: parallelize cloudinary upload and summary generation

* ci: upgrade pnpm from v8 to v10.12.2

* feat: update privacy policy to include Google user data handling and protection measures

* refactor: simplify onboarding process by removing country-related fields and validations

* ci(auto-fix): Apply ESLint formatting

* feat: enhance subscription management and webhook processing

- Update subscription status checks to ensure only active subscriptions are considered.
- Add cleanup tasks for abandoned subscriptions and reconciliation of payment statuses.
- Implement webhook event tracking for idempotency and error handling.
- Introduce new models for webhook events and enhance Razorpay client integration.
- Improve user interface components to reflect accurate subscription states.

* refactor: update datetime handling and remove unused apiService

* Refactor payment handling and UI components

- Replaced native button with custom Button component in BlogList and PricingPage for consistency.
- Introduced PaymentSuccessPage to handle payment verification and success feedback.
- Updated pricing API to streamline subscription creation and payment verification.
- Removed Razorpay integration and replaced it with Dodo Payments for subscription handling.
- Simplified error handling and state management in payment flow.
- Enhanced SubscriptionSettings to disable cancellation option and guide users to contact support.
- Cleaned up unused hooks and components related to Razorpay.

* feat: add dodo_product_id to Plan model and update related components

* feat: implement JWT authentication for Pub/Sub webhook requests

* fix: filtered empty user messages in system generated chat when response is empty

* feat: enhance logout functionality to redirect to logout URL from backend

* feat: implement Dodo Payments webhook handling and processing logic

* feat: enhance error handling for integration toasts to prevent duplicates

* feat: update Navbar to display chat icon and link based on user authentication

* Refactor Dodo Payments integration:
- Simplified webhook handling in payments.py, removing signature verification and improving error handling.
- Reorganized MongoDB collections in collections.py for clarity.
- Updated indexes in indexes.py to optimize payment and subscription queries.
- Enhanced webhook models in webhook_models.py for better structure and naming consistency.
- Streamlined payment_service.py to focus on payment link generation without immediate database storage.
- Consolidated payment webhook logic into payment_webhook_service.py, removing redundant code and improving event handling.
- Deleted outdated webhook_service.py to eliminate duplication and maintain a single source of truth for webhook processing.

* feat: enhance tool execution request message to include fallback for unavailable tools

* feat: enhance Dodo Payments webhook handling with signature verification

* feat: add auto redirect countdown to SubscriptionSuccessModal

* ci(auto-fix): Apply ESLint formatting

* feat: integrate Standard Webhooks library for Dodo Payments signature verification

* feat: update Dodo Payments setup script and modify subscription plans descriptions

* ci(auto-fix): Apply ESLint formatting

* feat: refactor navigation components and enhance app configuration with new links and descriptions

* feat: add ScrollToBottomButton component for improved chat navigation

* feat: implement abort controller management for chat stream handling

* feat: implement save functionality for incomplete conversations in chat stream

* feat: refactor modal handling in ChatOptionsDropdown for improved state management

* fix: shift + enter appends to end of composer

* chore:lint

* feat: enhance memory management with async client and export options in MemoryGraph

* Apply suggestion from @Copilot

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update backend/app/models/payment_models.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update backend/scripts/dodo_setup.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update backend/scripts/dodo_setup.py

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* ci(auto-fix): Apply pre-commit hooks formatting

* ci(auto-fix): Apply ESLint formatting

* refactor: improve validation and sanitization in onboarding preferences

* refactor: update OAuth integration comments and adjust dropdown positioning in chat components

* refactor: streamline input clearing logic in Composer and useChatStream

* ci(auto-fix): Apply pre-commit hooks formatting

* feat: enhance OAuth integration handling with unified integrations support

* feat: implement caching for integrations configuration to enhance performance

* ci(auto-fix): Apply ESLint formatting

* feat: refactor Google OAuth integration handling and improve scope management

* feat: update integration icon handling to support multiple icons

* chore: fix linting & type issues

* ci(auto-fix): Apply ESLint formatting

* chore: configure PostHog analytics

* feat: add Sentry integration for error tracking and performance monitoring on backend

* feat: integrate Sentry for error tracking and performance monitoring

- Added Sentry configuration for edge features in `sentry.edge.config.ts`
- Added Sentry configuration for server-side in `sentry.server.config.ts`
- Implemented global error boundary in `global-error.tsx` to capture exceptions
- Configured Sentry for client-side instrumentation in `instrumentation-client.ts`
- Created `instrumentation.ts` to register Sentry based on runtime environment

* ci(auto-fix): Apply pre-commit hooks formatting

* Create CODE_OF_CONDUCT.md

* feat: enhance calendar event handling with timezone support and updated models

- Updated calendar event models to include timezone offset and processing logic.
- Refactored calendar service to utilize processed times directly.
- Improved chat API to handle conversation ID extraction from URL.
- Enhanced CalendarEventSection to include calendar ID in event options.
- Adjusted hooks to manage conversation ID more flexibly.

* feat: update WorkOS client to AsyncWorkOSClient and enhance calendar event handling for batch processing

* refactor: remove unused router import from useChatStream hook

* Remove outdated documentation and OAuth integration icons from the project

* Update frontend/src/features/chat/components/composer/ComposerRight.tsx

* fix: "error in chat stream" error infinite

* feat: implement support ticket system with creation and management tools

* docs: update usage rules in support ticket tool documentation for clarity

* feat: add Cerebras AI configuration and integrate ChatCerebras model in client

* ci(auto-fix): Apply ESLint formatting

* feat: removed unused nltk and replaced embeddings model with better embedding

* fix: remove unnecessary max-height from description scroll shadow

* ci(auto-fix): Apply pre-commit hooks formatting

* chore(ci): add manual trigger for Release Please workflow

* fix: update release token in workflow and import useRouter in useChatStream hook

* ci(auto-fix): Apply ESLint formatting

* chore(lint): Remove unused imports in PricingPage component

* docs: Added Code of Conduct 

docs: Added Code of Conduct and appropriately replaced main with master in docs

---------

Co-authored-by: Aryan <aryan.k.randeriya@gmail.com>

---------

Co-authored-by: sankalpaacharya <sankalpaacharya01@gmail.com>
Co-authored-by: Dhruv Maradiya <dhruvmaradiya0@gmail.com>
Co-authored-by: GitHub Actions <actions@github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Jigar Bhoye <84662430+jigarbhoye04@users.noreply.github.com>

Author: 6 people

.github/workflows/main.yml

@@ -20,7 +20,7 @@ jobs:
 
       - uses: pnpm/action-setup@v2
         with:
-          version: 8
+          version: 10.12.2
 
       - name: Use Node.js
         uses: actions/setup-node@v3
@@ -31,8 +31,7 @@ jobs:
 
       - name: Install dependencies
         run: |
-          pnpm install --no-frozen-lockfile
-          pnpm install
+          pnpm install --frozen-lockfile
 
       - name: Run ESLint with autofix
         run: pnpm lint:fix

CODE_OF_CONDUCT.md

@@ -0,0 +1,58 @@
+# Contributor Covenant Code of Conduct
+
+## Our Commitment
+
+We are committed to making participation in our community a welcoming, respectful, and productive experience for everyone.
+
+## Standards
+
+Positive examples of behavior include:
+
+- Showing respect and kindness to others  
+- Being open to different perspectives and experiences  
+- Offering and accepting constructive feedback  
+- Taking responsibility for mistakes and working to correct them  
+
+Unacceptable behavior includes:
+
+- Harassment or discrimination of any kind  
+- Offensive, derogatory, or inappropriate comments  
+- Personal attacks or trolling  
+- Sharing private information without consent  
+- Any unprofessional or disruptive conduct  
+
+## Responsibilities
+
+Community leaders will:
+
+- Enforce this Code of Conduct consistently and fairly  
+- Take appropriate action for violations, which may include warnings, temporary bans, or permanent bans  
+- Provide clear reasons for moderation decisions when possible  
+
+## Scope
+
+This Code of Conduct applies across all community spaces and when an individual is representing the community in public settings.
+
+## Enforcement
+
+If you experience or witness unacceptable behavior, please report it to the community leaders at **your-email@example.com**. Reports will be handled respectfully, promptly, and with confidentiality.
+
+## Enforcement Guidelines
+
+Community leaders will use the following guidelines when determining consequences for violations:
+
+1. **Warning**  
+   - *Behavior*: Minor or first-time violation.  
+   - *Action*: Private warning with explanation. A public apology may be requested.  
+
+2. **Temporary Ban**  
+   - *Behavior*: More serious or repeated violations.  
+   - *Action*: Temporary restriction from community participation.  
+
+3. **Permanent Ban**  
+   - *Behavior*: Severe or ongoing violations.  
+   - *Action*: Permanent removal from the community.  
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant, version 2.0](https://www.contributor-covenant.org/version/2/0/code_of_conduct.html), with modifications for clarity and brevity.

backend/.env.example

@@ -1,3 +1,14 @@
+# ============================================================================================
+# IMPORTANT: DO NOT DELETE THIS FILE
+# --------------------------------------------------------------------------------------------
+# This `.env.example` file is required for the repository. It serves as a reference template
+# showing the environment variables needed to run the project. Actual values must be provided
+# via Infisical or your own `.env` file, but this file should remain in version control.
+#
+# For setup instructions and details on configuring environment variables, see:
+# https://docs.heygaia.io/configuration/environment-variables
+# ============================================================================================
+
 # Environment Configuration
 ENV=development                      # Environment type: development, staging, production
 DISABLE_PROFILING=true               # Disable performance profiling in non-production environments

backend/Dockerfile

@@ -49,10 +49,8 @@
     uv pip install --system --no-cache-dir -r heavy-deps.txt && \
     rm -rf /root/.cache/pip
 
-  # Setup Playwright and NLTK
-  RUN python -m playwright install --with-deps chromium
-  RUN python -m nltk.downloader punkt stopwords punkt_tab && \
-    rm -rf /root/.cache/nltk
+  # Setup Playwright
+  RUN python -m playwright install chromium
 
   # ---- Default Dependencies Stage: Install default application dependencies ----
   FROM heavy-dependencies AS default-dependencies
@@ -82,8 +80,7 @@
 
   # Setup non-root user and permissions
   RUN adduser --disabled-password --gecos '' appuser \
-    && mkdir -p /home/appuser/.cache/huggingface /home/appuser/nltk_data  \
-    && cp -R /root/nltk_data/* /home/appuser/nltk_data/ \
+    && mkdir -p /home/appuser/.cache \
     && chown -R appuser:appuser /home/appuser \
     && cp -R /root/.cache/ms-playwright /home/appuser/.cache/ \
     && chown -R appuser:appuser /home/appuser/.cache/ms-playwright \

backend/app/api/v1/dependencies/google_scope_dependencies.py

@@ -5,11 +5,12 @@
 before allowing access to protected endpoints that require specific integrations.
 """
 
-from typing import Dict, List, Literal, Union
+from typing import List, Literal, Union
 
 import httpx
 from app.api.v1.dependencies.oauth_dependencies import get_current_user
 from app.config.loggers import auth_logger as logger
+from app.config.oauth_config import get_integration_scopes, get_short_name_mapping
 from app.config.token_repository import token_repository
 from fastapi import Depends, HTTPException, status
 
@@ -40,10 +41,13 @@ async def wrapper(user: dict = Depends(get_current_user)):
             )
 
         try:
-            token = await token_repository.get_token(
-                user_id, "google", renew_if_expired=True
-            )
-            authorized_scopes = str(token.get("scope", "")).split()
+            try:
+                token = await token_repository.get_token(
+                    user_id, "google", renew_if_expired=True
+                )
+                authorized_scopes = str(token.get("scope", "")).split()
+            except HTTPException:
+                authorized_scopes = []
 
             # Handle both single scope and list of scopes
             required_scopes = [scope] if isinstance(scope, str) else scope
@@ -76,18 +80,6 @@ async def wrapper(user: dict = Depends(get_current_user)):
     return wrapper
 
 
-# Mapping of integration names to their required OAuth scope URLs
-GOOGLE_SCOPE_URLS: Dict[str, Union[str, List[str]]] = {
-    "gmail": "https://www.googleapis.com/auth/gmail.modify",
-    "calendar": [
-        "https://www.googleapis.com/auth/calendar.events",
-        "https://www.googleapis.com/auth/calendar.readonly",
-    ],
-    "drive": "https://www.googleapis.com/auth/drive.file",
-    "docs": "https://www.googleapis.com/auth/documents",
-}
-
-
 def require_google_integration(
     integration: Literal["gmail", "calendar", "drive", "docs"],
 ):
@@ -101,24 +93,32 @@ def require_google_integration(
         def get_events(user = Depends(require_google_integration("calendar"))):
             # user has Calendar scope with both read and write permissions
 
-        # For Calendar readonly endpoints
-        @app.get("/calendar/events/readonly")
-        def get_events_readonly(user = Depends(require_google_integration("calendar_readonly"))):
-            # user has Calendar readonly scope
+        # For Gmail endpoints
+        @app.get("/gmail/messages")
+        def get_messages(user = Depends(require_google_integration("gmail"))):
+            # user has Gmail scope with required permissions
 
     Args:
-        integration: The Google integration name
+        integration: The Google integration short name
 
     Returns:
         The corresponding scope dependency function
 
     Raises:
         ValueError: If unknown integration name is provided
     """
-    if integration not in GOOGLE_SCOPE_URLS:
+    # Get the short name mapping from oauth_config (single source of truth)
+    short_name_mapping = get_short_name_mapping()
+
+    if integration not in short_name_mapping:
         raise ValueError(
-            f"Unknown integration: {integration}. Available: {list(GOOGLE_SCOPE_URLS.keys())}"
+            f"Unknown integration: {integration}. Available: {list(short_name_mapping.keys())}"
         )
 
-    scope_urls = GOOGLE_SCOPE_URLS[integration]
+    integration_id = short_name_mapping[integration]
+    scope_urls = get_integration_scopes(integration_id)
+
+    if not scope_urls:
+        raise ValueError(f"No scopes found for integration: {integration_id}")
+
     return require_google_scope(scope_urls)

backend/app/api/v1/router/chat.py

@@ -1,4 +1,4 @@
-from datetime import datetime
+from datetime import datetime, timezone
 
 from fastapi import APIRouter, BackgroundTasks, Depends
 from fastapi.responses import StreamingResponse
@@ -7,13 +7,23 @@
     get_current_user,
     get_user_timezone,
 )
-from app.decorators import tiered_rate_limit
-from app.models.message_models import MessageRequestWithHistory
-from app.services.chat_service import chat_stream
+from app.decorators import profile_time, tiered_rate_limit
+from app.models.message_models import (
+    MessageRequestWithHistory,
+    SaveIncompleteConversationRequest,
+    MessageDict,
+)
+from app.models.chat_models import MessageModel, UpdateMessagesRequest
+from app.services.chat_service import (
+    chat_stream,
+)
+from app.services.conversation_service import update_messages
+from app.utils.chat_utils import create_conversation
 
 router = APIRouter()
 
 
+@profile_time()
 @router.post("/chat-stream")
 @tiered_rate_limit("chat_messages")
 async def chat_stream_endpoint(
@@ -38,3 +48,61 @@ async def chat_stream_endpoint(
             "Access-Control-Allow-Origin": "*",
         },
     )
+
+
+@router.post("/save-incomplete-conversation")
+@tiered_rate_limit("chat_messages")
+async def save_incomplete_conversation(
+    body: SaveIncompleteConversationRequest,
+    background_tasks: BackgroundTasks,
+    user: dict = Depends(get_current_user),
+) -> dict:
+    """
+    Save incomplete conversation when stream is cancelled.
+    """
+    conversation_id = body.conversation_id
+
+    # Only create new conversation if conversation_id is None
+    if conversation_id is None:
+        last_message: MessageDict = {"role": "user", "content": body.message}
+        selectedTool = body.selectedTool
+        conversation = await create_conversation(
+            last_message, user=user, selectedTool=selectedTool
+        )
+        conversation_id = conversation.get("conversation_id", "")
+
+    # Save the incomplete conversation immediately (not as background task)
+    # Since user expects to see it right away when they navigate/refresh
+
+    # Create user message
+    user_message = MessageModel(
+        type="user",
+        response=body.message,
+        date=datetime.now(timezone.utc).isoformat(),
+        fileIds=body.fileIds,
+        fileData=body.fileData,
+        selectedTool=body.selectedTool,
+        toolCategory=body.toolCategory,
+    )
+
+    # Create bot message with incomplete response
+    bot_message = MessageModel(
+        type="bot",
+        response=body.incomplete_response,
+        date=datetime.now(timezone.utc).isoformat(),
+        fileIds=body.fileIds,
+    )
+
+    # Save immediately instead of background task
+    await update_messages(
+        UpdateMessagesRequest(
+            conversation_id=conversation_id,
+            messages=[user_message, bot_message],
+        ),
+        user=user,
+    )
+
+    return {
+        "success": True,
+        "conversation_id": conversation_id,
+    }

backend/app/api/v1/router/mail_webhook.py

@@ -1,13 +1,13 @@
 import json
 
-from fastapi import APIRouter, HTTPException, Request
-from fastapi.encoders import jsonable_encoder
-from fastapi.exceptions import RequestValidationError
-from pydantic import ValidationError
-
 from app.config.loggers import mail_webhook_logger as logger
 from app.models.mail_models import EmailWebhookRequest
 from app.services.mail_webhook_service import queue_email_processing
+from app.utils.pubsub_auth import get_verified_pubsub_request
+from fastapi import APIRouter, Depends, HTTPException, Request
+from fastapi.encoders import jsonable_encoder
+from fastapi.exceptions import RequestValidationError
+from pydantic import ValidationError
 
 router = APIRouter()
 
@@ -16,13 +16,21 @@
     "/mail-webhook/receive",
     summary="Process Email Webhook",
 )
-async def receive_email(request: Request):
+async def receive_email(
+    request: Request,
+    jwt_payload: dict = Depends(
+        get_verified_pubsub_request
+    ),  # Ensure the request is verified
+):
     """
     Process incoming email webhook notifications from Gmail.
     The webhook payload contains information about new emails.
 
     This endpoint receives the webhook, validates the payload,
     and queues a background task for processing.
+
+    The request is authenticated using JWT tokens to ensure it
+    comes from Google Cloud Pub/Sub and not unauthorized entities.
     """
     try:
         # Log raw request body
@@ -44,8 +52,6 @@ async def receive_email(request: Request):
                 detail="Email address and history ID must be provided.",
             )
 
-        logger.info(f"Parsed: email={email_address}, historyId={history_id}")
-
         # Use service to queue email processing
         return await queue_email_processing(email_address, history_id)