Query Optimizations

.github/workflows/backend.yml

@@ -30,7 +30,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout Code Repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
 
       - name: Set up Python
         uses: actions/setup-python@v6
@@ -56,7 +56,7 @@ jobs:
 
     steps:
       - name: Checkout Code Repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
 
       - name: Store Codecov Env Flags
         run: |

.github/workflows/bump-version.yml

@@ -18,7 +18,7 @@ jobs:
 
     steps:
       # 📥 check out your code
-      - uses: actions/checkout@v5.0.0
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
 

.github/workflows/docker-build-cuda.yml

@@ -17,7 +17,6 @@ on:
 
 env:
   REGISTRY: ghcr.io
-  IMAGE_PREFIX: ${{ github.repository_owner }}/opencontractserver
 
 jobs:
   build-cuda-images:
@@ -34,7 +33,12 @@ jobs:
             platforms: linux/amd64
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
+
+      - name: Convert repository owner to lowercase
+        id: repo
+        run: |
+          echo "owner=$(echo ${{ github.repository_owner }} | tr '[:upper:]' '[:lower:]')" >> $GITHUB_OUTPUT
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
@@ -65,8 +69,8 @@ jobs:
           file: ${{ matrix.dockerfile }}
           push: true
           tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}_${{ matrix.image }}:${{ steps.tag.outputs.tag }}
-            ${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}_${{ matrix.image }}:cuda-latest
+            ${{ env.REGISTRY }}/${{ steps.repo.outputs.owner }}/opencontractserver_${{ matrix.image }}:${{ steps.tag.outputs.tag }}
+            ${{ env.REGISTRY }}/${{ steps.repo.outputs.owner }}/opencontractserver_${{ matrix.image }}:cuda-latest
           labels: |
             org.opencontainers.image.source=${{ github.repository }}
             org.opencontainers.image.revision=${{ github.sha }}

.github/workflows/docker-build-release.yml

@@ -32,7 +32,7 @@ jobs:
             dockerfile: ./compose/production/traefik/Dockerfile
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3

.github/workflows/frontend.yml

@@ -21,10 +21,10 @@ jobs:
       contents: read
     steps:
       - name: Checkout
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
 
       - name: Setup Node.js
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v4
         with:
           cache: "yarn"
           cache-dependency-path: frontend/yarn.lock
@@ -46,10 +46,10 @@ jobs:
       contents: read
     steps:
       - name: Checkout
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
 
       - name: Setup Node.js
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v4
         with:
           cache: "yarn"
           cache-dependency-path: frontend/yarn.lock
@@ -79,9 +79,9 @@ jobs:
       contents: read
     steps:
       - name: Checkout
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
       - name: Setup Node.js
-        uses: actions/setup-node@v5
+        uses: actions/setup-node@v4
         with:
           cache: "yarn"
           cache-dependency-path: frontend/yarn.lock
@@ -100,6 +100,6 @@ jobs:
       contents: read
     steps:
       - name: Checkout
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v5
       - name: Build Docker Image
         run: docker build -t opencontracts-frontend .

.github/workflows/production-stack.yml

@@ -37,7 +37,7 @@ jobs:
 
     steps:
       - name: Checkout Code Repository
-        uses: actions/checkout@v5.0.0
+        uses: actions/checkout@v4.2.2
 
       - name: Create Required Environment Files
         run: |

README.md

@@ -1,17 +1,33 @@
 ![OpenContracts](docs/assets/images/logos/OS_Legal_Logo.png)
 
-# Open Contracts ([Demo](https://contracts.opensource.legal))
+# Open Contracts ([Demo](https://opencontracts.opensource.legal))
+## Frontend environment conventions
+
+Development (Vite): place a file at `/.envs/.local/.frontend` using `VITE_*` keys, for example:
+
+```
+VITE_APPLICATION_DOMAIN=dev-your.auth0.com
+VITE_APPLICATION_CLIENT_ID=your-client-id
+VITE_AUDIENCE=https://yourdomain.com/contracts
+VITE_API_ROOT_URL=http://localhost:8000
+VITE_USE_AUTH0=true
+VITE_USE_ANALYZERS=true
+VITE_ALLOW_IMPORTS=true
+```
+
+Production (Kubernetes/Docker): set `OPEN_CONTRACTS_*` variables which are converted at runtime into the `REACT_APP_*` payload consumed by the app. See `k8s/production/02-configmaps.yaml` for examples and `k8s/production/README.md` for details.
+
 ## The Free and Open Source Document Analytics Platform [![](https://img.shields.io/static/v1?label=Sponsor&message=%E2%9D%A4&logo=GitHub&color=%23fe8e86)](https://github.com/sponsors/JSv4)
 
 ---
 | |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
 | --- |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Backend CI/CD | [![codecov](https://codecov.io/gh/Open-Source-Legal/OpenContracts/branch/main/graph/badge.svg?token=RdVsiuaTVz)](https://codecov.io/gh/JSv4/OpenContracts)                                                                                                                                                                                                                                                                                                                  |
+| Backend CI/CD | [![codecov](https://codecov.io/gh/JSv4/OpenContracts/branch/main/graph/badge.svg?token=RdVsiuaTVz)](https://codecov.io/gh/JSv4/OpenContracts)                                                                                                                                                                                                                                                                                                                  |
 | Meta | [![code style - black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black) [![types - Mypy](https://img.shields.io/badge/types-Mypy-blue.svg)](https://github.com/python/mypy) [![imports - isort](https://img.shields.io/badge/imports-isort-ef8336.svg)](https://github.com/pycqa/isort) [![License - GPL-3](https://img.shields.io/badge/license-GPLv3-blue)](https://spdx.org/licenses/) |
 
 ## TLDR: What Does it Do?
 
-OpenContracts is **FREE and OPEN SOURCE** software designed to put knowledge owners and subject matter experts in charge of their knowledge. Store it in an accessible and exportable format, and make it work with emerging agentic workflows and techniques.
+**Knowledge is power. Software is a tool.** OpenContracts is **FREE and OPEN SOURCE** software designed to put knowledge owners and subject matter experts in charge of their knowledge. Store it in an accessible and exportable format, and make it work with emerging agentic workflows and techniques.
 
 OpenContracts is a **GPL-3.0** enterprise document analytics tool. It supports multiple formats - including PDF and txt-based formats (with more on the way). It also supports multiple document ingestion pipelines with a [pluggable architecture](docs/pipelines/pipeline_overview.md) designed to make supporting new formats and ingestion engines easy - see our [Docling Integration](docs/pipelines/docling_parser.md) for an example. Writing your own custom document analytics tools where the results get displayed beautifully over the original document [is easy](docs/walkthrough/advanced/register-doc-analyzer.md). We also support mass document [data extraction](docs/extract_and_retrieval/data_extraction.md) with our custom [LLM framework](docs/architecture/llms/README.md) built on PydanticAI.
 

config/graphql/base.py

@@ -11,7 +11,6 @@
 from graphql_relay import from_global_id, to_global_id
 
 from config.graphql.ratelimits import RateLimits, graphql_ratelimit
-from opencontractserver.shared.resolvers import resolve_single_oc_model_from_id
 from opencontractserver.types.enums import PermissionTypes
 from opencontractserver.utils.permissioning import (
     set_permissions_for_obj_to_user,
@@ -51,10 +50,9 @@ def get_node_from_global_id(cls, info, global_id, only_type=None):
 
         # Here's where we replace the base Graphene Relay get_node code with a custom
         # resolver that is permission-aware... it was kind of a pain in the @ss to figure this out...
-        return resolve_single_oc_model_from_id(
-            model_type=graphene_type._meta.model,
-            user=info.context.user,
-            graphql_id=global_id,
+        _, pk = from_global_id(global_id)
+        return graphene_type._meta.model.objects.visible_to_user(info.context.user).get(
+            id=pk
         )