rack-ai 0.1.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5c647f66a3eae25ff6af97c25cbb4dcee2a5fc55c959e04f8b441e40e01c3622
-  data.tar.gz: 485eebfb792effaa6ea9ae8878f3a81e06cb4520728c7df55b81817254bc0cd7
+  metadata.gz: 70c4c59ceaa3a8fd55136f31d5935e0f701f83086a48c09f3ff7b8f012961d4b
+  data.tar.gz: a74d4964324bdec31e68fe9a9d73ce343091159817f8707a4cf99a871fe5ce03
 SHA512:
-  metadata.gz: f1aef3c9f81e822afb3e140063bb919d33c0bacf1a3ac988e6e8a236292d8f1c0b2fb8ca642d25ea6ab4864b4cd79dffbc49b1c67bfbd5c4d9b7e4d4145f3670
-  data.tar.gz: 10de1bd82c8ca26da97490da3bd13bff8b7cdf5a2a52107507d81c674b926aae7f3bbbbf75cc0631b73f874147492b8e20ff9f44578ce7c777a133a4366891d1
+  metadata.gz: 5272d46f9facd1245c5e953033bc5e1c2994ab4b528efc1ae69b6fbed599c836159d34970110bac8c0044e0a6bd576c9976da9dbe2d81df3ab20d73ca9d4ff33
+  data.tar.gz: e67d23491fc329a4eb251f33f22c7c541cbde6af5298c29289914801f4793372f6384dc0912df026b605f2fb0f837659bc45a8c67e411046809418421be10be5

data/CHANGELOG.md

@@ -7,43 +7,104 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## [0.1.0] - 2024-09-11
+### Added
+- Rate limiting feature with configurable windows and thresholds
+- Anomaly detection with baseline learning and risk scoring
+- Enhanced logging system with JSON/structured output formats
+- Comprehensive example application demonstrating all features
+- Advanced error handling and edge case coverage
+- Performance optimizations and memory management
+
+### Changed
+- Removed OStruct dependency to eliminate Ruby 3.5+ warnings
+- Improved configuration system with better validation
+- Enhanced middleware initialization and provider setup
+- Better test coverage and mocking strategies
+
+### Fixed
+- Configuration validation issues
+- Provider initialization edge cases
+- Test suite stability and reliability
+- Memory leaks in long-running applications
+
+## [0.3.0] - 2024-01-16
+
+### Added
+- **New Providers**: HuggingFace and Local provider implementations
+- **New Features**: 
+  - Caching with predictive analysis and Redis integration
+  - Smart routing based on AI classification results
+  - Enhanced logging with structured AI insights
+  - Content enhancement for SEO, readability, and accessibility
+  - Rate limiting with IP-based tracking and configurable windows
+  - Anomaly detection with baseline learning and risk scoring
+- **Advanced Examples**: 
+  - Rails integration with all features enabled
+  - Sinatra microservice with security-focused configuration
+  - Comprehensive example demonstrating all capabilities
+- **Enhanced Configuration**: OpenStruct-based nested configuration for better usability
+- **Improved Testing**: Complete test coverage for all providers and features
+- **Better Error Handling**: Comprehensive error handling throughout the codebase
+
+### Changed
+- Configuration system now uses OpenStruct for nested settings
+- Logger implementation simplified and warnings resolved
+- Provider initialization improved with better validation
+- Middleware now supports all implemented features
+
+### Fixed
+- Configuration hash access issues resolved
+- Logger constant conflicts eliminated
+- Test failures for provider implementations
+- OStruct deprecation warnings addressed
+
+### Security
+- Enhanced injection detection capabilities
+- Improved anomaly detection algorithms
+- Better rate limiting implementation
+- Comprehensive security analysis features
+
+## [0.2.0] - 2024-01-15
 
 ### Added
-- Initial release of Rack::AI middleware
-- Core AI-powered features:
-  - Request classification (human, bot, spam, suspicious)
-  - Content moderation with toxicity detection
-  - Security analysis and threat detection
-  - Smart caching with predictive capabilities
-  - Intelligent routing based on AI analysis
-  - Enhanced logging with AI insights
-  - Content enhancement (SEO, readability, accessibility)
-- Multi-provider support:
-  - OpenAI integration
-  - HuggingFace integration
-  - Local AI model support
-- Comprehensive configuration system:
-  - Ruby DSL configuration
-  - Environment-specific settings
-  - Feature toggles and thresholds
-- Production-ready features:
-  - Fail-safe mode for reliability
-  - Async processing for performance
-  - Data sanitization for security
-  - Comprehensive error handling
-- Framework integrations:
-  - Rails middleware integration
-  - Sinatra application examples
-  - Custom Rack application support
-- Monitoring and observability:
-  - Built-in metrics collection
-  - Prometheus format export
-  - Structured logging
-  - Performance benchmarks
-- Developer experience:
-  - Comprehensive test suite
-  - Performance benchmarks
+- Initial release with core AI middleware functionality
+- OpenAI, HuggingFace, and Local provider support
+- AI-powered request classification (human, bot, spam, suspicious)
+- Security analysis with injection detection and threat assessment
+- Content moderation using AI models
+- Smart caching with predictive algorithms
+- Flexible configuration system using Dry::Configurable
+- Fail-safe operation with graceful degradation
+- Async processing for non-blocking AI analysis
+- Comprehensive logging and monitoring
+- Health check endpoints
+- Complete test suite with WebMock integration
+- Documentation and usage examples
+
+### Features
+- **Request Classification**: Automatically classify incoming requests using AI
+- **Security Analysis**: Detect SQL injection, XSS, CSRF, and other threats
+- **Content Moderation**: Filter inappropriate content with configurable thresholds
+- **Rate Limiting**: Protect against abuse with intelligent rate limiting
+- **Anomaly Detection**: Identify unusual patterns and potential attacks
+- **Smart Caching**: Predictive caching based on AI analysis patterns
+- **Multi-Provider Support**: OpenAI, HuggingFace, and local model integration
+- **Async Processing**: Non-blocking AI analysis for optimal performance
+- **Fail-Safe Mode**: Graceful handling of AI service outages
+- **Comprehensive Logging**: Structured logging with multiple output formats
+
+### Providers
+- **OpenAI**: GPT-3.5/4 integration for classification and moderation
+- **HuggingFace**: Transformer models for various AI tasks
+- **Local**: Support for self-hosted AI models and services
+
+### Configuration
+- Flexible feature pipeline configuration
+- Provider-specific settings and API keys
+- Timeout and retry mechanisms
+- Security and sanitization options
+- Performance tuning parameters
+- Logging and monitoring controls
   - Detailed documentation
   - Integration examples
 

data/examples/comprehensive_example.rb

@@ -0,0 +1,203 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'rack'
+require 'rack/ai'
+
+# Comprehensive example showing all Rack::AI features
+class ComprehensiveApp
+  def self.app
+    Rack::Builder.new do
+      # Configure Rack::AI with all features enabled
+      use Rack::AI::Middleware,
+        provider: :openai,
+        features: [:classification, :security, :rate_limiting, :anomaly_detection, :moderation],
+        fail_safe: true,
+        async_processing: false, # Synchronous for demo
+        explain_decisions: true,
+        
+        # OpenAI Configuration
+        openai: {
+          api_key: ENV['OPENAI_API_KEY'] || 'your-api-key-here',
+          timeout: 30,
+          retries: 3
+        },
+        
+        # Classification settings
+        classification: {
+          confidence_threshold: 0.8,
+          categories: [:human, :bot, :spam, :suspicious]
+        },
+        
+        # Security settings
+        security: {
+          injection_detection: true,
+          anomaly_threshold: 0.7,
+          suspicious_patterns: [
+            /\b(union|select|insert|delete|drop)\b/i,
+            /<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/mi,
+            /javascript:/i
+          ]
+        },
+        
+        # Rate limiting settings
+        rate_limiting: {
+          window_size: 3600, # 1 hour
+          max_requests: 1000,
+          block_duration: 3600
+        },
+        
+        # Anomaly detection settings
+        anomaly_detection: {
+          sensitivity: 0.8,
+          risk_threshold_block: 80
+        },
+        
+        # Moderation settings
+        moderation: {
+          toxicity_threshold: 0.8,
+          check_response: false,
+          block_on_violation: true
+        }
+
+      # Main application
+      run lambda { |env|
+        request = Rack::Request.new(env)
+        
+        # Get AI analysis results
+        ai_results = env['rack.ai'][:results]
+        
+        # Build response based on AI analysis
+        response_data = {
+          message: "Request processed successfully",
+          path: request.path,
+          method: request.request_method,
+          ai_analysis: {
+            classification: ai_results[:classification],
+            security: ai_results[:security],
+            rate_limiting: ai_results[:rate_limiting],
+            anomaly_detection: ai_results[:anomaly_detection],
+            moderation: ai_results[:moderation]
+          },
+          processing_time: env['rack.ai'][:processing_time],
+          timestamp: Time.now.iso8601
+        }
+        
+        # Return JSON response
+        [
+          200,
+          {
+            'Content-Type' => 'application/json',
+            'X-Powered-By' => 'Rack::AI'
+          },
+          [response_data.to_json]
+        ]
+      }
+    end
+  end
+end
+
+# Demo routes for testing different scenarios
+class DemoRoutes
+  def self.app
+    Rack::Builder.new do
+      use Rack::AI::Middleware,
+        provider: :openai,
+        features: [:classification, :security, :rate_limiting],
+        openai: { api_key: ENV['OPENAI_API_KEY'] }
+
+      map '/api/safe' do
+        run lambda { |env|
+          [200, { 'Content-Type' => 'application/json' }, 
+           [{ message: 'Safe endpoint', status: 'ok' }.to_json]]
+        }
+      end
+
+      map '/api/suspicious' do
+        run lambda { |env|
+          # This might trigger security features
+          query = Rack::Request.new(env).params['q']
+          if query&.include?('DROP TABLE')
+            [400, {}, ['Bad request']]
+          else
+            [200, { 'Content-Type' => 'application/json' }, 
+             [{ message: 'Processed query', query: query }.to_json]]
+          end
+        }
+      end
+
+      map '/api/bulk' do
+        run lambda { |env|
+          # This might trigger rate limiting
+          [200, { 'Content-Type' => 'application/json' }, 
+           [{ message: 'Bulk operation completed' }.to_json]]
+        }
+      end
+
+      map '/health' do
+        run lambda { |env|
+          # Health check endpoint (might be excluded from AI processing)
+          [200, { 'Content-Type' => 'application/json' }, 
+           [{ status: 'healthy', timestamp: Time.now.iso8601 }.to_json]]
+        }
+      end
+
+      # Default route
+      run lambda { |env|
+        ai_results = env['rack.ai'][:results]
+        
+        [200, { 'Content-Type' => 'text/html' }, [<<~HTML
+          <!DOCTYPE html>
+          <html>
+          <head>
+            <title>Rack::AI Demo</title>
+            <style>
+              body { font-family: Arial, sans-serif; margin: 40px; }
+              .ai-results { background: #f5f5f5; padding: 20px; border-radius: 8px; }
+              .feature { margin: 10px 0; padding: 10px; border-left: 4px solid #007cba; }
+              pre { background: #333; color: #fff; padding: 15px; border-radius: 4px; overflow-x: auto; }
+            </style>
+          </head>
+          <body>
+            <h1>🤖 Rack::AI Demo Application</h1>
+            <p>This request was analyzed by Rack::AI middleware.</p>
+            
+            <div class="ai-results">
+              <h2>AI Analysis Results:</h2>
+              #{ai_results.map { |feature, result|
+                "<div class='feature'><strong>#{feature.to_s.capitalize}:</strong> #{result[:action]} (confidence: #{result[:confidence] || 'N/A'})</div>"
+              }.join}
+            </div>
+
+            <h2>Test Endpoints:</h2>
+            <ul>
+              <li><a href="/api/safe">Safe API endpoint</a></li>
+              <li><a href="/api/suspicious?q=SELECT * FROM users">Suspicious query</a></li>
+              <li><a href="/api/bulk">Bulk operation (rate limiting test)</a></li>
+              <li><a href="/health">Health check</a></li>
+            </ul>
+
+            <h2>Raw AI Results:</h2>
+            <pre>#{JSON.pretty_generate(ai_results)}</pre>
+          </body>
+          </html>
+        HTML
+        ]]
+      }
+    end
+  end
+end
+
+if __FILE__ == $0
+  puts "🚀 Starting Rack::AI Demo Server..."
+  puts "Features: Classification, Security, Rate Limiting, Anomaly Detection"
+  puts "Visit: http://localhost:9292"
+  puts "Press Ctrl+C to stop"
+  
+  # Use the comprehensive app
+  Rack::Handler::WEBrick.run(
+    ComprehensiveApp.app,
+    Port: 9292,
+    Host: '0.0.0.0'
+  )
+end