@eeacms/volto-eea-chatbot 1.0.12 → 1.0.13

package/CHANGELOG.md

@@ -4,6 +4,18 @@ All notable changes to this project will be documented in this file. Dates are d
 
 Generated by [`auto-changelog`](https://github.com/CookPete/auto-changelog).
 
+### [1.0.13](https://github.com/eea/volto-eea-chatbot/compare/1.0.12...1.0.13) - 4 March 2026
+
+#### :house: Internal changes
+
+- style: Automated code fix [eea-jenkins - [`8a8c3c4`](https://github.com/eea/volto-eea-chatbot/commit/8a8c3c4172a4f669661378cf1b5a3569d85609e6)]
+- chore: [JENKINSFILE] add package version in sonarqube [valentinab25 - [`535d986`](https://github.com/eea/volto-eea-chatbot/commit/535d986b7adc77743a668bc4ac63f835eef58df3)]
+
+#### :hammer_and_wrench: Others
+
+- update [Miu Razvan - [`04e6c3f`](https://github.com/eea/volto-eea-chatbot/commit/04e6c3f776bb9920b89a014cc97f8e5dbb284a48)]
+- update [Miu Razvan - [`f9e9beb`](https://github.com/eea/volto-eea-chatbot/commit/f9e9beb0676b215a50226a0db8c5be7c540f26ff)]
+- Forward client ip to onyx/llmgw requests, ref #298095 [Miu Razvan - [`e90a672`](https://github.com/eea/volto-eea-chatbot/commit/e90a672273f2220d2cced4ad53c4b3ed3f295691)]
 ### [1.0.12](https://github.com/eea/volto-eea-chatbot/compare/1.0.11...1.0.12) - 23 February 2026
 
 #### :house: Internal changes

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@eeacms/volto-eea-chatbot",
-  "version": "1.0.12",
+  "version": "1.0.13",
   "description": "@eeacms/volto-eea-chatbot: Volto add-on",
   "main": "src/index.js",
   "author": "European Environment Agency: IDM2 A-Team",

package/src/halloumi/filtering.js

@@ -13,7 +13,7 @@ const filterModel = {
   apiKey: LLMGW_API_KEY,
 };
 
-export async function callLLM(apiUrl, apiKey, requestBody) {
+export async function callLLM(apiUrl, apiKey, requestBody, { ip } = {}) {
   const headers = {
     'Content-Type': 'application/json',
     accept: 'application/json',
@@ -21,6 +21,9 @@ export async function callLLM(apiUrl, apiKey, requestBody) {
   if (apiKey) {
     headers['Authorization'] = `Bearer ${apiKey}`;
   }
+  if (ip) {
+    headers['X-Forwarded-For'] = ip;
+  }
 
   const response = await fetch(apiUrl, {
     method: 'POST',
@@ -92,24 +95,26 @@ export function parseExcludeIndices(content, maxIndex) {
   return excludeIndices;
 }
 
-async function callFilterModel(prompt) {
+async function callFilterModel(prompt, { ip } = {}) {
   const data = {
     messages: [{ role: 'user', content: prompt }],
     temperature: 0.0,
     model: filterModel.name,
   };
-  const jsonData = await callLLM(filterModel.apiUrl, filterModel.apiKey, data);
+  const jsonData = await callLLM(filterModel.apiUrl, filterModel.apiKey, data, {
+    ip,
+  });
   return jsonData.choices?.[0]?.message?.content || '';
 }
 
-export async function excludeClaimSentences(sentences) {
+export async function excludeClaimSentences(sentences, { ip } = {}) {
   if (sentences.length === 0) {
     return new Set();
   }
 
   try {
     const prompt = buildClaimFilterPrompt(sentences);
-    const content = await callFilterModel(prompt);
+    const content = await callFilterModel(prompt, { ip });
     const excludedIndices = parseExcludeIndices(content, sentences.length);
     log('Claim filter response', excludedIndices.size);
     return excludedIndices;
@@ -122,6 +127,7 @@ export async function excludeClaimSentences(sentences) {
 export async function excludeContextSentences(
   contextSentences,
   claimSentences,
+  { ip } = {},
 ) {
   if (contextSentences.length <= MIN_CONTEXT_SENTENCES_FOR_FILTERING) {
     return new Set();
@@ -129,7 +135,7 @@ export async function excludeContextSentences(
 
   try {
     const prompt = buildContextFilterPrompt(contextSentences, claimSentences);
-    const content = await callFilterModel(prompt);
+    const content = await callFilterModel(prompt, { ip });
     const excludedIndices = parseExcludeIndices(
       content,
       contextSentences.length,

package/src/halloumi/generative.js

@@ -52,7 +52,12 @@ function mergeChunkClaims(chunkResults) {
   return Array.from(claimMap.values());
 }
 
-export async function getVerifyClaimResponse(model, sources, answer) {
+export async function getVerifyClaimResponse(
+  model,
+  sources,
+  answer,
+  { ip } = {},
+) {
   const emptyResponse = {
     claims: [],
     segments: {},
@@ -67,7 +72,7 @@ export async function getVerifyClaimResponse(model, sources, answer) {
 
   // Filter claims and context in parallel
   const [excludeResponseIndices] = await Promise.all([
-    excludeClaimSentences(responseSentences),
+    excludeClaimSentences(responseSentences, { ip }),
   ]);
 
   const contextSentences = [];
@@ -109,7 +114,7 @@ export async function getVerifyClaimResponse(model, sources, answer) {
   const chunkResults = await Promise.all(
     prompts.map((chunkPrompt, i) => {
       log(`Chunk ${i + 1} request`);
-      return halloumiGenerativeAPI(model, chunkPrompt);
+      return halloumiGenerativeAPI(model, chunkPrompt, { ip });
     }),
   );
 
@@ -166,7 +171,7 @@ export async function getVerifyClaimResponse(model, sources, answer) {
  * - `DUMP_HALLOUMI_REQ_FILE_PATH`: If set, the LLM request (URL and parameters) is dumped to the specified file path.
  * - `DUMP_HALLOUMI_FILE_PATH`: If set, the LLM response is dumped to the specified file path.
  */
-async function getLLMResponse(model, prompt) {
+async function getLLMResponse(model, prompt, { ip } = {}) {
   let jsonData;
 
   if (process.env.MOCK_HALLOUMI_FILE_PATH) {
@@ -194,7 +199,7 @@ async function getLLMResponse(model, prompt) {
     log(`Dumped halloumi request: ${filePath}`);
   }
 
-  jsonData = await callLLM(model.apiUrl, model.apiKey, data);
+  jsonData = await callLLM(model.apiUrl, model.apiKey, data, { ip });
 
   if (process.env.DUMP_HALLOUMI_FILE_PATH) {
     const filePath = process.env.DUMP_HALLOUMI_FILE_PATH;
@@ -210,8 +215,8 @@ async function getLLMResponse(model, prompt) {
  * @param response A string containing all claims and their information.
  * @returns A list of claim objects.
  */
-export async function halloumiGenerativeAPI(model, prompt) {
-  const jsonData = await getLLMResponse(model, prompt);
+export async function halloumiGenerativeAPI(model, prompt, { ip } = {}) {
+  const jsonData = await getLLMResponse(model, prompt, { ip });
 
   // Todo: restore log
   // log('Generative response', jsonData);

package/src/halloumi/middleware.js

@@ -56,6 +56,7 @@ export default async function middleware(req, res, next) {
       // TODO: map with citation id
       sources,
       answer,
+      { ip: req.headers['x-forwarded-for'] || req.ip },
     );
     // log('Halloumi response', resp);
     res.send(resp);

package/src/middleware.js

@@ -151,6 +151,7 @@ async function send_onyx_request(
   res,
   { username, password, api_key, url, is_related_question },
 ) {
+  const forwardedFor = req.headers['x-forwarded-for'] || req.ip;
   let headers = {};
   if (!api_key) {
     await login(username, password);
@@ -166,11 +167,13 @@ async function send_onyx_request(
     headers = {
       Cookie: cached_auth_cookie,
       'Content-Type': 'application/json',
+      'X-Forwarded-For': forwardedFor,
     };
   } else {
     headers = {
       Authorization: 'Bearer ' + api_key,
       'Content-Type': 'application/json',
+      'X-Forwarded-For': forwardedFor,
     };
   }
 

package/src/middleware.test.js

@@ -59,6 +59,8 @@ describe('src/middleware', () => {
       url: '/_da/chat/send-message',
       method: 'POST',
       body: { message: 'hello' },
+      ip: '127.0.0.1',
+      headers: {},
     };
     res = {
       send: jest.fn(),