iBoss/bolt-diy
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
56f5d6f68cbf8efe52453d4777006c2ade5b9f7d
bolt-diy/.env.example
Stijnus 9ab4880d99 feat: comprehensive GitHub workflow improvements with security & quality enhancements (#1940) 
* feat: add comprehensive workflow testing framework

- Add test-workflows.yaml for safe workflow validation
- Add interactive testing script (test-workflows.sh)
- Add comprehensive testing documentation (WORKFLOW_TESTING.md)
- Add preview deployment smoke tests
- Add Playwright configuration for preview testing
- Add configuration files for quality checks

* fix: standardize pnpm version to 9.14.4 across all configs

- Update package.json packageManager to match workflow configurations
- Resolves version conflict detected by workflow testing
- Ensures consistent pnpm version across development and CI/CD

* fix: resolve TypeScript issues in test files

- Add ts-ignore comments for Playwright imports (dev dependency)
- Add proper type annotations to avoid implicit any errors
- These files are only used in testing environments where Playwright is installed

* feat: add CODEOWNERS file for automated review assignments

- Automatically request reviews from repository maintainers
- Define ownership for security-sensitive and core architecture files
- Enhance code review process with automated assignees

* fix: update CODEOWNERS for upstream repository maintainers

- Replace personal ownership with stackblitz-labs/bolt-maintainers team
- Ensure appropriate review assignments for upstream collaboration
- Maintain security review requirements for sensitive files

* fix: resolve workflow failures in upstream CI

- Exclude preview tests from main test suite (require Playwright)
- Add test configuration to vite.config.ts to prevent import errors
- Make quality workflow tools more resilient with better error handling
- Replace Cloudflare deployment with mock for upstream repo compatibility
- Replace Playwright smoke tests with basic HTTP checks
- Ensure all workflows can run without additional dependencies

These changes maintain workflow functionality while being compatible
with the upstream repository's existing setup and dependencies.

* fix: make workflows production-ready and non-blocking

Critical fixes to prevent workflows from blocking future PRs:

- Preview deployment: Gracefully handle missing Cloudflare secrets
- Quality analysis: Make dependency checks resilient with fallbacks
- PR size check: Add continue-on-error and larger size categories
- Quality gates: Distinguish required vs optional workflows
- All workflows: Ensure they pass when dependencies/secrets missing

These changes ensure workflows enhance the development process
without becoming blockers for legitimate PRs.

* fix: ensure all workflows are robust and never block PRs

Final robustness improvements:

- Preview deployment: Add continue-on-error for GitHub API calls
- Preview deployment: Add summary step to ensure workflow always passes
- Cleanup workflows: Handle missing permissions gracefully
- PR Size Check: Replace external action with robust git-based implementation
- All GitHub API calls: Add continue-on-error to prevent permission failures

These changes guarantee that workflows provide value without blocking
legitimate PRs, even when secrets/permissions are missing.

* fix: ensure Docker image names are lowercase for ghcr.io compatibility

- Add step to convert github.repository to lowercase using tr command
- Update all image references to use lowercase repository name
- Resolves "repository name must be lowercase" error in Docker registry

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

* feat: Add comprehensive bug reporting system

- Add BugReportTab component with full form validation
- Implement real-time environment detection (browser, OS, screen resolution)
- Add API route for bug report submission to GitHub
- Include form validation with character limits and required fields
- Add preview functionality before submission
- Support environment info inclusion in reports
- Clean up and remove screenshot functionality for simplicity
- Fix validation logic to properly clear errors when fixed

---------

Co-authored-by: Claude <noreply@anthropic.com>
2025-08-31 02:14:43 +02:00

132 lines
4.9 KiB
Plaintext
Raw Blame History

# Rename this file to .env once you have filled in the below environment variables!
# Get your GROQ API Key here -
# https://console.groq.com/keys
# You only need this environment variable set if you want to use Groq models
GROQ_API_KEY=
# Get your HuggingFace API Key here -
# https://huggingface.co/settings/tokens
# You only need this environment variable set if you want to use HuggingFace models
HuggingFace_API_KEY=
# Get your Open AI API Key by following these instructions -
# https://help.openai.com/en/articles/4936850-where-do-i-find-my-openai-api-key
# You only need this environment variable set if you want to use GPT models
OPENAI_API_KEY=
# Get your Anthropic API Key in your account settings -
# https://console.anthropic.com/settings/keys
# You only need this environment variable set if you want to use Claude models
ANTHROPIC_API_KEY=
# Get your OpenRouter API Key in your account settings -
# https://openrouter.ai/settings/keys
# You only need this environment variable set if you want to use OpenRouter models
OPEN_ROUTER_API_KEY=
# Get your Google Generative AI API Key by following these instructions -
# https://console.cloud.google.com/apis/credentials
# You only need this environment variable set if you want to use Google Generative AI models
GOOGLE_GENERATIVE_AI_API_KEY=
# You only need this environment variable set if you want to use oLLAMA models
# DONT USE http://localhost:11434 due to IPV6 issues
# USE EXAMPLE http://127.0.0.1:11434
OLLAMA_API_BASE_URL=
# You only need this environment variable set if you want to use OpenAI Like models
OPENAI_LIKE_API_BASE_URL=
# You only need this environment variable set if you want to use Together AI models
TOGETHER_API_BASE_URL=
# You only need this environment variable set if you want to use DeepSeek models through their API
DEEPSEEK_API_KEY=
# Get your OpenAI Like API Key
OPENAI_LIKE_API_KEY=
# Get your Together API Key
TOGETHER_API_KEY=
# You only need this environment variable set if you want to use Hyperbolic models
#Get your Hyperbolics API Key at https://app.hyperbolic.xyz/settings
#baseURL="https://api.hyperbolic.xyz/v1/chat/completions"
HYPERBOLIC_API_KEY=
HYPERBOLIC_API_BASE_URL=
# Get your Mistral API Key by following these instructions -
# https://console.mistral.ai/api-keys/
# You only need this environment variable set if you want to use Mistral models
MISTRAL_API_KEY=
# Get the Cohere Api key by following these instructions -
# https://dashboard.cohere.com/api-keys
# You only need this environment variable set if you want to use Cohere models
COHERE_API_KEY=
# Get LMStudio Base URL from LM Studio Developer Console
# Make sure to enable CORS
# DONT USE http://localhost:1234 due to IPV6 issues
# Example: http://127.0.0.1:1234
LMSTUDIO_API_BASE_URL=
# Get your xAI API key
# https://x.ai/api
# You only need this environment variable set if you want to use xAI models
XAI_API_KEY=
# Get your Perplexity API Key here -
# https://www.perplexity.ai/settings/api
# You only need this environment variable set if you want to use Perplexity models
PERPLEXITY_API_KEY=
# Get your AWS configuration
# https://console.aws.amazon.com/iam/home
# The JSON should include the following keys:
# - region: The AWS region where Bedrock is available.
# - accessKeyId: Your AWS access key ID.
# - secretAccessKey: Your AWS secret access key.
# - sessionToken (optional): Temporary session token if using an IAM role or temporary credentials.
# Example JSON:
# {"region": "us-east-1", "accessKeyId": "yourAccessKeyId", "secretAccessKey": "yourSecretAccessKey", "sessionToken": "yourSessionToken"}
AWS_BEDROCK_CONFIG=
# Include this environment variable if you want more logging for debugging locally
VITE_LOG_LEVEL=debug
# Get your GitHub Personal Access Token here -
# https://github.com/settings/tokens
# This token is used for:
# 1. Importing/cloning GitHub repositories without rate limiting
# 2. Accessing private repositories
# 3. Automatic GitHub authentication (no need to manually connect in the UI)
#
# For classic tokens, ensure it has these scopes: repo, read:org, read:user
# For fine-grained tokens, ensure it has Repository and Organization access
VITE_GITHUB_ACCESS_TOKEN=
# Specify the type of GitHub token you're using
# Can be 'classic' or 'fine-grained'
# Classic tokens are recommended for broader access
VITE_GITHUB_TOKEN_TYPE=classic
# Bug Report Configuration (Server-side only)
# GitHub token for creating bug reports - requires 'public_repo' scope
# This token should be configured on the server/deployment environment
# GITHUB_BUG_REPORT_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
# Repository where bug reports will be created
# Format: "owner/repository"
# BUG_REPORT_REPO=stackblitz-labs/bolt.diy
# Example Context Values for qwen2.5-coder:32b
#
# DEFAULT_NUM_CTX=32768 # Consumes 36GB of VRAM
# DEFAULT_NUM_CTX=24576 # Consumes 32GB of VRAM
# DEFAULT_NUM_CTX=12288 # Consumes 26GB of VRAM
# DEFAULT_NUM_CTX=6144 # Consumes 24GB of VRAM
DEFAULT_NUM_CTX=
Reference in New Issue View Git Blame Copy Permalink