kyd-shared-badge 0.3.3 → 0.3.5

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kyd-shared-badge",
-  "version": "0.3.3",
+  "version": "0.3.5",
   "private": false,
   "main": "./src/index.ts",
   "module": "./src/index.ts",

package/src/ambient-ai.d.ts

@@ -3,6 +3,7 @@ declare module 'ai' {
 }
 
 declare module '@ai-sdk/amazon-bedrock' {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   export function bedrock(modelId: string, opts?: any): any;
 }
 

package/src/chat/ChatWidget.tsx

@@ -47,11 +47,33 @@ export default function ChatWidget({ api = '/api/chat', title = 'KYD Bot', hintT
   const [headerTop, setHeaderTop] = useState(0);
   const [showHint, setShowHint] = useState(false);
   const { messages, input, setInput, sending, sendMessage, cancel } = useChatStreaming({ api, badgeId });
-  const listRef = useRef<HTMLDivElement>(null);
+  const containerRef = useRef<HTMLDivElement>(null);
+  const [autoScroll, setAutoScroll] = useState(true);
 
+  // Detect user scroll position to toggle auto-scroll
   useEffect(() => {
-    if (listRef.current) listRef.current.scrollTop = listRef.current.scrollHeight;
-  }, [messages, open]);
+    if (!open) return;
+    const root = containerRef.current;
+    if (!root) return;
+    const scrollEl = root.querySelector('.cs-message-list') as HTMLElement | null;
+    if (!scrollEl) return;
+    const onScroll = () => {
+      const nearBottom = scrollEl.scrollTop + scrollEl.clientHeight >= scrollEl.scrollHeight - 8;
+      setAutoScroll(nearBottom);
+    };
+    scrollEl.addEventListener('scroll', onScroll, { passive: true } as AddEventListenerOptions);
+    return () => scrollEl.removeEventListener('scroll', onScroll);
+  }, [open]);
+
+  // Keep scrolled to bottom only when autoScroll is enabled
+  useEffect(() => {
+    if (!open) return;
+    if (!autoScroll) return;
+    const root = containerRef.current;
+    if (!root) return;
+    const scrollEl = root.querySelector('.cs-message-list') as HTMLElement | null;
+    if (scrollEl) scrollEl.scrollTop = scrollEl.scrollHeight;
+  }, [messages, open, autoScroll]);
 
   // Optional hint (only shows if user hasn't dismissed before and when collapsed)
   useEffect(() => {
@@ -208,6 +230,7 @@ export default function ChatWidget({ api = '/api/chat', title = 'KYD Bot', hintT
           aria-label={'Chat sidebar'}
           style={{ position: 'fixed', top: headerTop, right: 0, bottom: 0, width, maxWidth: '92vw' }}
           className={'shadow-xl border flex flex-col overflow-hidden'}
+          ref={containerRef}
         >
           {/* Left-edge resizer */}
           <div
@@ -222,7 +245,7 @@ export default function ChatWidget({ api = '/api/chat', title = 'KYD Bot', hintT
               <div className={'flex-1'} style={{ minHeight: 0 }}>
                 <MainContainer style={{ height: '100%', position: 'relative', background: 'var(--content-card-background)', border: 'none'}}>
                   <ChatContainer style={{ height: '100%' }}>
-                    <MessageList typingIndicator={undefined} autoScrollToBottom>
+                    <MessageList typingIndicator={undefined} autoScrollToBottom={autoScroll}>
                     {messages.length === 0 && (
                       <Message model={{ message: 'Start a conversation. I can answer questions about this developer’s report.', sender: 'KYD', direction: 'incoming', position: 'single' }} />
                     )}
@@ -272,7 +295,7 @@ export default function ChatWidget({ api = '/api/chat', title = 'KYD Bot', hintT
                 </ChatContainer>
               </MainContainer>
               </div>
-              <form onSubmit={(e) => { e.preventDefault(); if (!sending && input.trim()) sendMessage(); }}>
+              <form onSubmit={(e) => { e.preventDefault(); if (!sending && input.trim()) { setAutoScroll(true); sendMessage(); } }}>
                 <div className={'flex items-end gap-2 p-2 border-t'} style={{ borderColor: 'var(--icon-button-secondary)', background: 'var(--content-card-background)' }}>
                   <input
                     aria-label={'Type your message'}

package/src/chat/ChatWindowStreaming.tsx

@@ -1,6 +1,6 @@
 'use client';
 
-import { useEffect, useRef } from 'react';
+import { useEffect, useRef, useState } from 'react';
 import './chat-overrides.css';
 import { FiSend } from 'react-icons/fi';
 import { useChatStreaming } from './useChatStreaming';
@@ -8,14 +8,24 @@ import { useChatStreaming } from './useChatStreaming';
 export default function ChatWindowStreaming({ api = '/api/chat', badgeId }: { api?: string, badgeId: string }) {
   const { messages, input, setInput, sending, sendMessage } = useChatStreaming({ api, badgeId });
   const listRef = useRef<HTMLDivElement>(null);
+  const autoScrollRef = useRef<boolean>(true);
+
+  const handleScroll = () => {
+    const el = listRef.current;
+    if (!el) return;
+    const nearBottom = el.scrollTop + el.clientHeight >= el.scrollHeight - 8;
+    autoScrollRef.current = nearBottom;
+  };
 
   useEffect(() => {
-    if (listRef.current) listRef.current.scrollTop = listRef.current.scrollHeight;
+    if (listRef.current && autoScrollRef.current) {
+      listRef.current.scrollTop = listRef.current.scrollHeight;
+    }
   }, [messages]);
 
   return (
     <div className="flex flex-col border rounded-lg overflow-hidden" style={{ background: 'var(--content-card-background)', borderColor: 'var(--icon-button-secondary)'}}>
-      <div ref={listRef} className="p-4 space-y-3 h-72 overflow-auto">
+      <div ref={listRef} className="p-4 space-y-3 h-72 overflow-auto" onScroll={handleScroll}>
         {messages.map(m => (
           <div key={m.id} className={m.role === 'user' ? 'text-right' : 'text-left'}>
             <div
@@ -35,13 +45,13 @@ export default function ChatWindowStreaming({ api = '/api/chat', badgeId }: { ap
         <input
           value={input}
           onChange={e=>setInput(e.target.value)}
-          onKeyDown={e=>{ if (e.key==='Enter') sendMessage(); }}
+          onKeyDown={e=>{ if (e.key==='Enter') { autoScrollRef.current = true; sendMessage(); } }}
           className="flex-1 px-3 py-2 rounded border kyd-chat-input"
           style={{ background: 'var(--input-background)', color: 'var(--text-main)', borderColor: 'var(--icon-button-secondary)' }}
           placeholder="Ask KYD…"
         />
         <button
-          onClick={()=>sendMessage()}
+          onClick={()=>{ autoScrollRef.current = true; sendMessage(); }}
           disabled={sending}
           className="px-3 py-2 rounded disabled:opacity-60 kyd-chat-button"
           style={{ background: 'var(--gradient-start)', color: '#fff' }}

package/src/components/ReportHeader.tsx

@@ -58,8 +58,8 @@ const ReportHeader = ({ badgeId, developerName, updatedAt, score = 0, badgeImage
       <div className="flex flex-col md:flex-row items-center md:items-stretch gap-6">
         {/* Left Half: Badge Image with robust centered overlay */}
         <div className="w-full md:w-1/3 flex items-center justify-center self-stretch">
-          <div className="relative w-full max-w-xs select-none" style={{ maxWidth: 260 }}>
-            <Image src={finalBadgeImageUrl} alt="KYD Badge" width={260} height={260} unoptimized className='w-full h-auto pointer-events-none p-6'/>
+          <div className="relative w-full max-w-xs select-none">
+            <Image src={finalBadgeImageUrl} alt="KYD Badge" width={400} height={400} unoptimized className='w-full h-auto pointer-events-none p-10'/>
             {/* Centered overlay slightly lower on Y axis, responsive and readable */}
             <div className="pointer-events-none absolute left-1/2 top-[66%] -translate-x-1/2 -translate-y-1/2">
               <div className="font-extrabold text-black text-3xl " >

package/src/lib/chat-store.ts

@@ -28,8 +28,11 @@ export type MessageItem = {
   role: Role;
   content: string;
   createdAt: string;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   redactions?: any;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   toolCalls?: any;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
   evidenceJson?: any;
 };
 
@@ -59,6 +62,7 @@ export async function createSession(params: { userId: string; companyId?: string
   return sessionId;
 }
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 export async function putMessage(params: { sessionId: string; role: Role; content: string; evidenceJson?: any }): Promise<void> {
   const now = new Date().toISOString();
   const item: MessageItem = {

package/src/lib/context.ts

@@ -4,7 +4,7 @@
 import { DynamoDBClient } from '@aws-sdk/client-dynamodb';
 import { DynamoDBDocumentClient, GetCommand } from '@aws-sdk/lib-dynamodb';
 import { S3Client, GetObjectCommand } from '@aws-sdk/client-s3';
-import { mkdir, writeFile } from 'fs/promises';
+// import { mkdir, writeFile } from 'fs/promises';
 import { GraphInsightsPayload } from '../types';
 
 const region = process.env.AWS_REGION!;
@@ -18,7 +18,7 @@ export async function aggregateUserData(userId: string, enterpriseMode?: boolean
   // Minimal: load user record. Optionally, in enterprise mode, you could also fetch link overlay.
   const userResp = await doc.send(new GetCommand({ TableName: usersTableName, Key: { userId } }));
   const user = userResp.Item || {};
-  const merged = { ...user } as Record<string, any>;
+  const merged = { ...user }
   if (enterpriseMode && companyId) {
     // Optionally merge enterprise overlay later; keeping simple for MVP.
     merged.companyId = companyId;
@@ -50,10 +50,11 @@ export async function aggregateUserData(userId: string, enterpriseMode?: boolean
   return merged;
 }
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 export function cleanDeveloperProfile(data: any): any {
   if (Array.isArray(data)) return data.map(cleanDeveloperProfile);
   if (data === null || typeof data !== 'object') return data;
-  const cleaned: any = {};
+  const cleaned = {};
   const keysToRemove = new Set([
     'accessToken','refreshToken','access_token','refresh_token','id_token',
     'stripeCustomerId','password','secret',
@@ -78,11 +79,13 @@ export function cleanDeveloperProfile(data: any): any {
       delete v['additional_watchlists'];
       delete v['risk_profile_domains'];
     }
+    // @ts-expect-error -  ignoring
     cleaned[key] = v;
   }
   return cleaned;
 }
 
+// // eslint-disable-next-line @typescript-eslint/no-explicit-any
 export function buildAllContextPrompt(cleanedData: any, reportGraphData: GraphInsightsPayload | undefined, options?: { concise?: boolean, debugName?: string }): string {
   const instructions = [
     'You are KYD, a trust and risk analyst.',
@@ -116,29 +119,30 @@ export function buildAllContextPrompt(cleanedData: any, reportGraphData: GraphIn
   return out;
 }
 
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
 async function getJsonFromS3(bucket: string, key: string): Promise<any> {
   const res = await s3.send(new GetObjectCommand({ Bucket: bucket, Key: key }));
-  const text = await (res as any).Body?.transformToString('utf-8');
+  const text = await res.Body?.transformToString('utf-8');
   return JSON.parse(text || '{}');
 }
 
 
-async function maybeWriteDebugContext(cleanedData: any, promptText: string, nameHint?: string): Promise<void> {
-  try {
-    const dir = './debug';
-    await mkdir(dir, { recursive: true });
-    const sanitize = (s: string) => s.replace(/[^a-zA-Z0-9_\-.]/g, '_').slice(0, 64) || 'context';
-    const base = sanitize(nameHint || 'context');
-    const ts = new Date().toISOString().replace(/[:.]/g, '-');
-    const jsonPath = `${dir}/kyd-${base}-${ts}.json`;
-    const txtPath = `${dir}/kyd-${base}-${ts}.txt`;
-    const jsonPretty = JSON.stringify(cleanedData, null, 2);
-    await writeFile(jsonPath, jsonPretty, 'utf8');
-    await writeFile(txtPath, promptText, 'utf8');
-  } catch (e) {
-    console.error('Context debug write failed', e);
-  }
-}
+// async function maybeWriteDebugContext(cleanedData: any, promptText: string, nameHint?: string): Promise<void> {
+//   try {
+//     const dir = './debug';
+//     await mkdir(dir, { recursive: true });
+//     const sanitize = (s: string) => s.replace(/[^a-zA-Z0-9_\-.]/g, '_').slice(0, 64) || 'context';
+//     const base = sanitize(nameHint || 'context');
+//     const ts = new Date().toISOString().replace(/[:.]/g, '-');
+//     const jsonPath = `${dir}/kyd-${base}-${ts}.json`;
+//     const txtPath = `${dir}/kyd-${base}-${ts}.txt`;
+//     const jsonPretty = JSON.stringify(cleanedData, null, 2);
+//     await writeFile(jsonPath, jsonPretty, 'utf8');
+//     await writeFile(txtPath, promptText, 'utf8');
+//   } catch (e) {
+//     console.error('Context debug write failed', e);
+//   }
+// }
 
 
 export async function getReportGraphData(badgeId: string): Promise<GraphInsightsPayload | undefined> {

package/src/lib/rate-limit.ts

@@ -9,9 +9,9 @@ const doc = DynamoDBDocumentClient.from(ddb);
 
 export async function checkAndConsumeToken(userId: string, capacityPerMinute: number = 10): Promise<boolean> {
   const now = Date.now();
-  const key = { userId } as any;
+  const key = { userId };
   const resp = await doc.send(new GetCommand({ TableName: tableName, Key: key }));
-  const item = (resp.Item as any) || { userId, tokens: capacityPerMinute, refillAt: now };
+  const item = resp.Item || { userId, tokens: capacityPerMinute, refillAt: now };
   let tokens: number = typeof item.tokens === 'number' ? item.tokens : capacityPerMinute;
   let refillAt: number = typeof item.refillAt === 'number' ? item.refillAt : now;
   if (now >= refillAt + 60_000) {

package/src/lib/routes.ts

@@ -43,31 +43,30 @@ export async function chatStreamRoute(req: NextRequest, userId: string, companyI
       messages: [...history, { role: 'user' as const, content }],
       maxTokens: 1024,
       temperature: 0.2,
-      onFinish: async ({ text }: { text: string }) => {
-        // Attempt to capture evidence block if present (UI also parses, but cache server-side)
-        const evidence = tryParseEvidenceServer(text);
-        await putMessage({ sessionId, role: 'assistant', content: text, evidenceJson: evidence || undefined });
-      },
+      // onFinish: async ({ text }: { text: string }) => {
+      //   // Attempt to capture evidence block if present (UI also parses, but cache server-side)
+      //   const evidence = tryParseEvidenceServer(text);
+      //   await putMessage({ sessionId, role: 'assistant', content: text, evidenceJson: evidence || undefined });
+      // },
     });
 
     return result.toTextStreamResponse();
-  } catch (e: any) {
-    if (e instanceof Response) return e;
+  } catch (e) {
     console.error('chat error', e);
     return new Response('An error occurred. Please try again.', { status: 500 });
   }
 }
 
-function tryParseEvidenceServer(text: string): any | null {
-  try {
-    const start = text.indexOf('```json');
-    const end = text.indexOf('```', start + 7);
-    const raw = start >= 0 && end > start ? text.slice(start + 7, end).trim() : text.trim();
-    const obj = JSON.parse(raw);
-    if (obj && obj.type === 'evidence' && Array.isArray(obj.claims)) return obj;
-  } catch {}
-  return null;
-}
+// function tryParseEvidenceServer(text: string): any | null {
+//   try {
+//     const start = text.indexOf('```json');
+//     const end = text.indexOf('```', start + 7);
+//     const raw = start >= 0 && end > start ? text.slice(start + 7, end).trim() : text.trim();
+//     const obj = JSON.parse(raw);
+//     if (obj && obj.type === 'evidence' && Array.isArray(obj.claims)) return obj;
+//   } catch {}
+//   return null;
+// }
 
 export async function createSessionRoute(req: NextRequest, userId: string, companyId?: string) {
   try {
@@ -81,7 +80,7 @@ export async function createSessionRoute(req: NextRequest, userId: string, compa
       promptVersion: body?.promptVersion,
     });
     return Response.json({ sessionId });
-  } catch (e: any) {
+  } catch (e) {
     console.error(e);
     if (e instanceof Response) return e;
     return Response.json({ error: 'Failed to create session' }, { status: 500 });

package/src/lib/auth-verify.ts

@@ -1,48 +0,0 @@
-import { NextRequest } from 'next/server';
-import { getServerSession } from 'next-auth';
-import { authOptions } from '@/lib/auth';
-import { jwtVerify, createRemoteJWKSet } from 'jose';
-
-export type VerifiedUser = {
-  userId: string;
-  companyId?: string | null;
-  idToken: string;
-};
-
-// Verifies Cognito ID Token from the server session or Authorization header.
-// Returns userId (sub) and optional companyId claim if present.
-export async function verifyCognito(req: NextRequest): Promise<VerifiedUser> {
-  // Try to get id_token from NextAuth session first
-  const session = await getServerSession(authOptions as any);
-  let idToken: string | undefined;
-  if (session && (session as any).id_token) {
-    idToken = (session as any).id_token as string;
-  }
-  if (!idToken) {
-    const authz = req.headers.get('authorization') || req.headers.get('Authorization');
-    if (authz && authz.toLowerCase().startsWith('bearer ')) {
-      idToken = authz.slice(7).trim();
-    }
-  }
-
-  if (!idToken) {
-    throw new Response(JSON.stringify({ error: 'Not authenticated' }), { status: 401 }) as unknown as Error;
-  }
-
-  const region = process.env.AWS_REGION!;
-  const userPoolId = process.env.COGNITO_USER_POOL_ID!;
-  const issuer = `https://cognito-idp.${region}.amazonaws.com/${userPoolId}`;
-  const jwks = createRemoteJWKSet(new URL(`${issuer}/.well-known/jwks.json`));
-
-  try {
-    const { payload } = await jwtVerify(idToken, jwks, { issuer });
-    const sub = String(payload.sub || '');
-    if (!sub) throw new Error('Invalid token');
-    const companyId = (payload as any)['custom:companyId'] || (payload as any).companyId || null;
-    return { userId: sub, companyId, idToken };
-  } catch (e) {
-    throw new Response(JSON.stringify({ error: 'Invalid token' }), { status: 401 }) as unknown as Error;
-  }
-}
-
-