feat(platform): optimized file preview endpoint + rich artifact cards

[Abhi1992002]

Why / What / How

Why: The Files/Artifacts page (behind ARTIFACTS_PAGE) previewed every file by downloading the whole file through /api/workspace/files/{id}/download — a 10 MB image or 200 KB log was fully transferred just to paint a tiny card, and non-image types (PDF, Office, CSV, ICS/VCF) had no real preview at all. On a grid of N files that's N full downloads over the expensive backend→browser leg.

What: A dedicated, cheaper preview endpoint plus richer per-type client rendering, scoped to the popular/cheap-to-render types. Large files skip the request and show an illustration.

How: New GET /api/workspace/files/{id}/preview reads the file on the cheap storage→backend leg and returns something small on the expensive leg:

• images → Pillow-resized WebP (?w=)
• PDF → first page rasterised with pypdfium2 (Apache/BSD, not AGPL) → WebP
• PPTX/DOCX/XLSX → embedded docProps/thumbnail extracted via stdlib zipfile (no render; 415 when absent → client shows illustration)
• text/csv/json/svg + ics/vcf → first N bytes (?bytes=) via a new retrieve_partial() on the storage backends (true partial read locally; GCS Range request with full-read fallback)

Screen.Recording.2026-06-03.at.9.44.35.AM.mov

Thumbnails are cached in Redis keyed by file checksum; the endpoint sets Cache-Control: private, max-age=86400 and is added to the cache middleware allow-list so the browser caches too. CPU work (Pillow/pypdfium2/zip) runs in asyncio.to_thread. Per-kind size ceilings are enforced server-side (413) and mirrored on the frontend so oversized files never hit the endpoint.

Frontend routes each kind to a small component: shared <img> for image/pdf/office thumbnails, a CSV mini-table, JSON, an ICS event card (weekday → day → title → time), a VCF contact card (photo/initials, name, org, phone, email), and a typed illustration fallback (React-logo badge for .jsx/.tsx). The page heading and navbar entry are renamed Artifacts → Files (route/flag unchanged).

Changes 🏗️

Backend

• New backend/api/features/workspace/preview.py — MIME dispatch, image/PDF/Office rendering, text partial read, Redis cache.
• New GET /files/{id}/preview route (w, bytes params); reuses get_workspace + get_workspace_file for ownership.
• workspace_storage.py — retrieve_partial() on the ABC + Local + GCS; gcs_utils.py — download_range().
• security.py — allow caching for /api/workspace/files/*/preview.
• Deps: pillow (<12, moviepy constraint), pypdfium2.
• Tests: preview_test.py (9 cases incl. 413 too-large, 415 unsupported, cache hit).

Frontend

• helpers.ts — getFilePreviewUrl(), extended getPreviewKind() with size caps mirroring the backend.
• New parsers.ts (CSV/ICS/VCF) + preview sub-components (MediaPreview, TextPreviews, StructuredPreviews, PreviewParts); CardPreview is now a thin router.
• FileIllustration.tsx — React-app typeKey + filename-aware pickFileTypeKey.
• Rename Artifacts → Files (page.tsx, Navbar.tsx, empty state).
• Updated/added unit + integration tests.

Note: openapi.json + generated client still need a regenerate (pnpm generate:api after a backend restart) — left out of this commit to avoid local-env schema noise. Required for the "check API types" gate.

Checklist 📋

For code changes:

• I have clearly listed my changes in the PR description
• I have made a test plan
• I have tested my changes according to the test plan:
  • Backend: poetry run pytest backend/api/features/workspace/preview_test.py (9 passed) + poetry run lint clean
  • Frontend: pnpm test:unit for the artifacts suite
  • Regenerate openapi.json (pnpm generate:api) and confirm the API-types check passes
  • Manual: upload a large PNG / multi-page PDF / PPTX / big CSV / VCF and confirm cards hit /preview (small WebP / byte-capped) instead of /download; reload serves from cache; Download button still returns the full file

[coderabbitai]

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

• @coderabbitai resume to resume automatic reviews.
• @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

• ▶️ Resume reviews
• 🔍 Trigger review

Walkthrough

Adds an end-to-end file preview feature: backend FastAPI preview endpoint that renders/caches WebP thumbnails and byte-limited text previews, storage helpers for partial-range retrieval, and frontend preview classification, parsers, and modular preview UI components; UI text rebrands “Artifacts” → “Files.”

Changes

File Preview System

Layer / File(s)	Summary
Backend partial file retrieval autogpt_platform/backend/backend/util/gcs_utils.py, autogpt_platform/backend/backend/util/workspace_storage.py, tests	Adds download_range(bucket, blob, max_bytes) using HTTP Range with a full-download fallback; storage backend adds retrieve_partial with GCS delegating to download_range and Local reading leading bytes; tests validate behavior.
Backend preview dispatcher and rendering autogpt_platform/backend/backend/api/features/workspace/preview.py	build_preview_response routes by MIME to WebP renderers (images via Pillow, PDFs via pypdfium2, Office via embedded thumbnail extraction) or partial text previews; enforces per-kind size ceilings and raises 413/415 as appropriate; implements Redis caching keyed by file id/kind/width/checksum.
Backend preview endpoint and cache configuration autogpt_platform/backend/backend/api/features/workspace/routes.py, autogpt_platform/backend/backend/api/middleware/security.py, autogpt_platform/frontend/src/app/api/openapi.json	GET /api/workspace/files/{file_id}/preview validates w and bytes query parameters, loads workspace/file, returns 404 when missing, delegates to build_preview_response; middleware allowlists preview path for private caching; OpenAPI updated to document endpoint and params.
Backend dependencies and test suite autogpt_platform/backend/pyproject.toml, autogpt_platform/backend/backend/api/features/workspace/preview_test.py, autogpt_platform/backend/backend/util/gcs_utils_test.py, autogpt_platform/backend/backend/util/workspace_storage_test.py	Adds pillow and pypdfium2 dependencies; comprehensive tests for preview endpoint (image/PDF/Office/text), cache-hit path, 404/415/413 error cases, download_range behavior and fallback, and retrieve_partial implementations.
Frontend preview classification and URL building autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/helpers.ts, helpers.test.ts	Expands PreviewKind to include pdf, office, csv, json, ics, vcard; adds per-kind byte ceilings; getFilePreviewUrl constructs /preview URLs with optional w/bytes; getPreviewKind now considers MIME and filename.
Frontend structured data parsers autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/parsers.ts, parsers.test.ts	Adds CSV (delimiter sniffing, row/col caps, trimming), ICS (unfolding, SUMMARY/DTSTART/DTEND/LOCATION extraction), and vCard (unfolding, FN/ORG/TITLE/TEL/EMAIL/PHOTO extraction with base64→data URL) parsers and unit tests.
Frontend preview UI component modules autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/MediaPreview.tsx, PreviewParts.tsx, TextPreviews.tsx, StructuredPreviews.tsx, CardPreview.tsx	Introduces modular preview components: MediaPreview (Image/Video), PreviewParts (useFileText, Fallback, LoadingPlaceholder, ProgressBar), TextPreviews (TextSnippet/Json/Csv + CsvTable), StructuredPreviews (Ics/Vcard cards); CardPreview dispatches rendering by computed preview kind.
Frontend file type illustrations and detection autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/FileIllustration.tsx, FileIllustration.test.tsx	Adds react file type and SVG illustration for .jsx/.tsx filenames; pickFileTypeKey accepts optional filename and returns react by extension before MIME fallback; tests expanded.
Frontend test coverage and UI rebranding autogpt_platform/frontend/src/app/(platform)/artifacts/__tests__/main.test.tsx, page.tsx, ArtifactsList.tsx, Navbar.tsx	Adds MSW-based preview response tests for UI rich previews (images, PDF, CSV, ICS/vCard), expands helpers tests, and renames visible artifacts-page labels from “Artifacts” to “Files” in the page, navbar, and empty-state text.

Sequence Diagram

sequenceDiagram
  participant Browser
  participant Frontend as UI
  participant PreviewAPI
  participant Storage as WorkspaceStorage
  participant Cache as Redis
  participant Renderer as WebPRenderer

  Browser->>UI: user opens artifacts page
  UI->>PreviewAPI: GET /api/workspace/files/{id}/preview?w&bytes
  PreviewAPI->>Cache: GET cache_key
  alt cache miss
    PreviewAPI->>Storage: retrieve or retrieve_partial(storage_path, max_bytes)
    Storage-->>PreviewAPI: file bytes
    PreviewAPI->>Renderer: render (Pillow / pypdfium2 / extract thumbnail)
    Renderer-->>Cache: SET cache_key(base64 webp)
    Renderer-->>PreviewAPI: webp bytes
  else cache hit
    Cache-->>PreviewAPI: base64 webp
  end
  PreviewAPI-->>UI: 200 image/webp
  UI-->>Browser: render preview image

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Suggested reviewers

• ntindle
• 0ubbe
• kcze
• majdyz

"I'm a rabbit in the code, nibbling bytes with cheer,
Thumbnails crisp and text snippets near,
CSVs lined up like carrots in a row,
Calendars and contacts ready for show,
Cached and trimmed — hop, preview's here!"

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 20.37% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: adding an optimized file preview endpoint and richer preview cards for artifacts. It is concise, non-generic, and directly reflects the core functionality introduced in the PR.
Description check	✅ Passed	The description is highly detailed and directly related to the changeset. It explains the motivation (avoiding full downloads for grid previews), what was added (preview endpoint with per-type handling), implementation approach (storage-side partial reads, Redis caching, per-kind rendering), and lists all major changes across backend and frontend with specific filenames and behaviors.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch abhimanyuyadav/add-optimsation-in-artifacts-preview

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🔍 PR Overlap Detection

This check compares your PR against all other open PRs targeting the same branch to detect potential merge conflicts early.

🔴 Merge Conflicts Detected

The following PRs have been tested and will have merge conflicts if merged after this PR. Consider coordinating with the authors.

• chore(backend/deps): bump the production-dependencies group across 1 directory with 37 updates #13233 (dependabot · updated 3h ago)

  • 📁 autogpt_platform/backend/
    • poetry.lock (1 conflict, ~5 lines)

• chore(backend/deps-dev): bump isort from 5.13.2 to 8.0.1 in /autogpt_platform/backend #13280 (dependabot · updated 3h ago)

  • 📁 autogpt_platform/backend/
    • poetry.lock (1 conflict, ~5 lines)

• chore(backend/deps-dev): bump faker from 38.3.0 to 40.21.0 in /autogpt_platform/backend #13279 (dependabot · updated 3h ago)

  • 📁 autogpt_platform/backend/
    • poetry.lock (1 conflict, ~5 lines)

• chore(backend/deps-dev): bump the development-dependencies group in /autogpt_platform/backend with 6 updates #13278 (dependabot · updated 3h ago)

  • 📁 autogpt_platform/backend/
    • poetry.lock (1 conflict, ~5 lines)

• feat(platform/blocks): Add Instagram automation blocks #11602 (akkupratap323 · updated 5d ago)

🟢 Low Risk — File Overlap Only

These PRs touch the same files but different sections (click to expand)

• feat(platform): add first-class org/workspace support — schema, auth, APIs, migration, frontend #12670 (ntindle · updated 5d ago)

  • Shared files: autogpt_platform/frontend/src/components/layout/Navbar/Navbar.tsx

• feat(backend/blocks): MCP message signing and tool integrity verification #12455 (dataCenter430 · updated 5d ago)

  • Shared files: autogpt_platform/backend/pyproject.toml

Summary: 5 conflict(s), 0 medium risk, 2 low risk (out of 7 PRs with file overlap)

---

Auto-generated on push. Ignores: openapi.json, lock files.

[Abhi1992002]

Fixed in 06dbda4: wrapped the _extract_zip_thumbnail call so corrupt/mislabeled Office files now map to 415 instead of a 500. Added test_office_preview_corrupt_zip_returns_415.

[codecov]

Codecov Report

❌ Patch coverage is 87.47994% with 78 lines in your changes missing coverage. Please review.
✅ Project coverage is 72.64%. Comparing base (8fab7fe) to head (c871be4).
⚠️ Report is 5 commits behind head on dev.

Additional details and impacted files

@@            Coverage Diff             @@
##              dev   #13281      +/-   ##
==========================================
+ Coverage   72.55%   72.64%   +0.09%     
==========================================
  Files        2349     2359      +10     
  Lines      174823   175583     +760     
  Branches    17726    17804      +78     
==========================================
+ Hits       126836   127553     +717     
- Misses      44220    44239      +19     
- Partials     3767     3791      +24     

Flag	Coverage Δ
platform-backend	80.54% <94.58%> (+0.07%)	⬆️
platform-frontend	40.25% <75.74%> (+0.24%)	⬆️
platform-frontend-e2e	31.03% <ø> (-0.05%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Components	Coverage Δ
Platform Backend	80.54% <94.58%> (+0.07%)	⬆️
Platform Frontend	44.77% <75.74%> (+0.19%)	⬆️
AutoGPT Libs	∅ <ø> (∅)
Classic AutoGPT	28.43% <ø> (ø)

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[coderabbitai]

Actionable comments posted: 7

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@autogpt_platform/backend/backend/api/features/workspace/preview.py`:
- Around line 135-140: The route's render() calls _extract_zip_thumbnail outside
the existing error-mapping, so zipfile.BadZipFile from corrupt/mislabeled
DOCX/PPTX/XLSX bubbles up as a 500; wrap the call to _extract_zip_thumbnail in a
try/except that catches zipfile.BadZipFile (and optionally zipfile.LargeZipFile)
and raises fastapi.HTTPException(status_code=415, detail="No embedded thumbnail"
or a similar 415 message) so Office zip errors are normalized to 415; keep other
exceptions unhandled so they continue to surface, and ensure zipfile is imported
if not already.

In `@autogpt_platform/backend/backend/api/middleware/security.py`:
- Around line 28-29: The SecurityHeadersMiddleware uses CACHEABLE_PATHS to allow
caching only for explicit paths, but the existing tests omit the workspace
preview path; update backend/api/middleware/security_test.py to add the
"/api/workspace/files/*/preview" entry to the cacheable-endpoint test cases so
the middleware-level regression is covered, ensuring the test hits
SecurityHeadersMiddleware (not just the router-mounted preview_test.py) and
verifies that requests matching that wildcard pattern receive the cacheable
headers rather than the default no-store behavior; refer to
SecurityHeadersMiddleware and CACHEABLE_PATHS in the test to mirror the
production matching rules.

In `@autogpt_platform/backend/backend/util/workspace_storage.py`:
- Around line 326-334: The retrieve_partial method currently does a
check-then-open using file_path.exists() which creates a TOCTOU race; instead
open the path returned by _parse_storage_path(storage_path) directly with
aiofiles.open and handle FileNotFoundError from the open/read to raise the same
FileNotFoundError with the storage_path context. Update retrieve_partial to
remove the exists() check, wrap the async with aiofiles.open(...) as f in a
try/except catching FileNotFoundError (and re-raising FileNotFoundError(f"File
not found: {storage_path}")) so concurrent deletions are handled correctly.

In `@autogpt_platform/backend/pyproject.toml`:
- Around line 105-106: Update the Pillow dependency to require a minimum version
that includes PIL.Image.Resampling so preview.py's use of
Image.Resampling.LANCZOS is safe; change the toml entry for the pillow package
to a range such as >=9.1.0,<12 (or a newer upper bound you prefer) so runtime
imports of Resampling succeed and avoid older Pillow releases that lack that
enum.

In
`@autogpt_platform/frontend/src/app/`(platform)/artifacts/components/ArtifactsList/ArtifactCard/MediaPreview.tsx:
- Around line 44-50: The video element in MediaPreview uses onLoadedData while
preload="metadata" guarantees loadedmetadata; update the <video> handler to use
onLoadedMetadata={() => setIsLoaded(true)} (replace the onLoadedData usage) so
setIsLoaded is triggered correctly and the preview won't remain hidden; locate
the Video/MediaPreview component and the setIsLoaded call to make this change.

In
`@autogpt_platform/frontend/src/app/`(platform)/artifacts/components/ArtifactsList/ArtifactCard/PreviewParts.tsx:
- Around line 14-30: The preview effect in PreviewParts keeps previous text
until the new fetch resolves, causing stale previews; inside the useEffect for
url/onError, reset the cached preview state (call setText with an empty string
or undefined) before invoking async load(), then proceed with the existing fetch
logic (keeping cancelled handling and onError) so the component renders a
loading/empty state immediately when url changes; refer to the useEffect block,
the load() async function, setText, cancelled, url, and onError.

In
`@autogpt_platform/frontend/src/app/`(platform)/artifacts/components/ArtifactsList/parsers.ts:
- Around line 28-41: The parser unconditionally drops the last line and
naive-splits on delimiter which breaks quoted fields; update the logic around
lines, delimiter and cells so you only pop the last line when the fetched text
was actually truncated (e.g., detect truncation by checking if the original text
does NOT end with a newline/CR or by using a truncation flag provided by the
fetch), and replace the line.split(delimiter) call with a quote-aware CSV
tokenizer (either call an existing CSV parse helper or add a parseCsvLine(line,
delimiter) utility that handles quoted fields and escaped quotes) while still
enforcing maxRows and maxCols when building cells (respecting sniffDelimiter,
maxRows and maxCols).

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: b626b9aa-e426-44a3-98ed-84810d3793e6

📥 Commits

Reviewing files that changed from the base of the PR and between 3db29bc and ceaff14.

⛔ Files ignored due to path filters (1)

• autogpt_platform/backend/poetry.lock is excluded by !**/*.lock

📒 Files selected for processing (21)

• autogpt_platform/backend/backend/api/features/workspace/preview.py
• autogpt_platform/backend/backend/api/features/workspace/preview_test.py
• autogpt_platform/backend/backend/api/features/workspace/routes.py
• autogpt_platform/backend/backend/api/middleware/security.py
• autogpt_platform/backend/backend/util/gcs_utils.py
• autogpt_platform/backend/backend/util/workspace_storage.py
• autogpt_platform/backend/pyproject.toml
• autogpt_platform/frontend/src/app/(platform)/artifacts/__tests__/main.test.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/CardPreview.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/MediaPreview.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/PreviewParts.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/StructuredPreviews.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/TextPreviews.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactsList.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/FileIllustration.test.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/FileIllustration.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/helpers.test.ts
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/helpers.ts
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/parsers.ts
• autogpt_platform/frontend/src/app/(platform)/artifacts/page.tsx
• autogpt_platform/frontend/src/components/layout/Navbar/Navbar.tsx

[Abhi1992002]

Fixed in 9f464c2: build_preview_response now wraps dispatch and maps FileNotFoundError (file row present but bytes gone from storage) to a 404 across all preview kinds. Added test_preview_404_when_bytes_missing_from_storage.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@autogpt_platform/backend/backend/api/features/workspace/preview_test.py`:
- Around line 166-174: The test test_office_preview_corrupt_zip_returns_415
currently only checks the status code; update it to also assert the error detail
to ensure the corrupt-zip branch is hit. After calling response =
client.get("/files/file-001/preview") assert something like
response.json()["detail"] (or response.get_json()["detail"]) contains a
distinguishing phrase from the corrupt-archive error (e.g., "not a zip",
"invalid zip", or the exact message used by the preview handler). Target the
response object in this test function so the assertion ties the 415 to the
corrupt-zip path rather than any other 415 cause.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0a6e749c-86d1-4d85-82bc-4d1e6faa961a

📥 Commits

Reviewing files that changed from the base of the PR and between 659b7e9 and 06dbda4.

⛔ Files ignored due to path filters (1)

• autogpt_platform/backend/poetry.lock is excluded by !**/*.lock

📒 Files selected for processing (9)

• autogpt_platform/backend/backend/api/features/workspace/preview.py
• autogpt_platform/backend/backend/api/features/workspace/preview_test.py
• autogpt_platform/backend/backend/api/middleware/security_test.py
• autogpt_platform/backend/backend/util/workspace_storage.py
• autogpt_platform/backend/pyproject.toml
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/MediaPreview.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/PreviewParts.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/parsers.test.ts
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/parsers.ts

✅ Files skipped from review due to trivial changes (1)

• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/parsers.test.ts

🚧 Files skipped from review as they are similar to previous changes (6)

• autogpt_platform/backend/pyproject.toml
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/MediaPreview.tsx
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/ArtifactCard/PreviewParts.tsx
• autogpt_platform/backend/backend/util/workspace_storage.py
• autogpt_platform/frontend/src/app/(platform)/artifacts/components/ArtifactsList/parsers.ts
• autogpt_platform/backend/backend/api/features/workspace/preview.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (15)

• GitHub Check: check API types
• GitHub Check: integration_test
• GitHub Check: lint
• GitHub Check: end-to-end tests
• GitHub Check: type-check (3.11)
• GitHub Check: type-check (3.13)
• GitHub Check: type-check (3.12)
• GitHub Check: test (3.11)
• GitHub Check: test (3.12)
• GitHub Check: test (3.13)
• GitHub Check: lint
• GitHub Check: Seer Code Review
• GitHub Check: Check PR Status
• GitHub Check: Analyze (typescript)
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (6)

autogpt_platform/backend/**/*.py

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

autogpt_platform/backend/**/*.py: Use Python 3.11 (required; managed by Poetry via pyproject.toml) for backend development
Always run 'poetry run format' (Black + isort) before linting in backend development
Always run 'poetry run lint' (ruff) after formatting in backend development

autogpt_platform/backend/**/*.py: Use poetry run ... command for executing Python package dependencies
Use top-level imports only — avoid local/inner imports except for lazy imports of heavy optional dependencies like openpyxl
Use absolute imports with from backend.module import ... for cross-package imports; single-dot relative imports are acceptable for sibling modules within the same package; avoid double-dot relative imports
Do not use duck typing — avoid hasattr/getattr/isinstance for type dispatch; use typed interfaces/unions/protocols instead
Use Pydantic models over dataclass/namedtuple/dict for structured data
Do not use linter suppressors — no # type: ignore, # noqa, # pyright: ignore; fix the type/code instead
Prefer list comprehensions over manual loop-and-append patterns
Use early return with guard clauses first to avoid deep nesting
Use %s for deferred interpolation in debug log statements for efficiency; use f-strings elsewhere for readability (e.g., logger.debug("Processing %s items", count) vs logger.info(f"Processing {count} items"))
Sanitize error paths by using os.path.basename() in error messages to avoid leaking directory structure
Be aware of TOCTOU (Time-Of-Check-Time-Of-Use) issues — avoid check-then-act patterns for file access and credit charging
Use transaction=True for Redis pipelines to ensure atomicity on multi-step operations
Use max(0, value) guards for computed values that should never be negative
Keep files under ~300 lines; if a file grows beyond this, split by responsibility (extract helpers, models, or a sub-module into a new file)
Keep functions under ~40 lines; extract named helpers when a function grows longer
...

Files:

• autogpt_platform/backend/backend/api/middleware/security_test.py
• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/{backend,autogpt_libs}/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Format Python code with poetry run format

Files:

• autogpt_platform/backend/backend/api/middleware/security_test.py
• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/backend/**/api/**/*.py

📄 CodeRabbit inference engine (autogpt_platform/backend/AGENTS.md)

autogpt_platform/backend/**/api/**/*.py: Use Security() instead of Depends() for authentication dependencies to get proper OpenAPI security specification
Follow SSE (Server-Sent Events) protocol: use data: lines for frontend-parsed events (must match Zod schema) and : comment lines for heartbeats/status

Files:

• autogpt_platform/backend/backend/api/middleware/security_test.py
• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/backend/**/*_test.py

📄 CodeRabbit inference engine (autogpt_platform/backend/AGENTS.md)

autogpt_platform/backend/**/*_test.py: Use pytest with snapshot testing for API responses
Colocate test files with source files using *_test.py naming convention
Mock at boundaries — mock where the symbol is used, not where it's defined; after refactoring, update mock targets to match new module paths
Use AsyncMock from unittest.mock for async functions in tests
When writing tests, use Test-Driven Development (TDD): write failing tests marked with @pytest.mark.xfail before implementation, then remove the marker once the implementation is complete
When creating snapshots in tests, use poetry run pytest path/to/test.py --snapshot-update; always review snapshot changes with git diff before committing

Files:

• autogpt_platform/backend/backend/api/middleware/security_test.py
• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/backend/**/api/middleware/**/*.py

📄 CodeRabbit inference engine (autogpt_platform/backend/AGENTS.md)

The cache protection middleware in backend/api/middleware/security.py disables caching for ALL endpoints by default using Cache-Control: no-store, no-cache, must-revalidate, private; only explicitly permitted paths in CACHEABLE_PATHS can be cached

Files:

• autogpt_platform/backend/backend/api/middleware/security_test.py

autogpt_platform/backend/backend/api/features/**/*.py

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Update routes in '/backend/backend/api/features/' and add/update Pydantic models in the same directory for API development

Files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

🔇 Additional comments (1)

autogpt_platform/backend/backend/api/middleware/security_test.py (1)

121-122: LGTM!

Also applies to: 129-130

[Abhi1992002]

Fixed in c871be4: now reveal on either onLoadedData (first painted frame → no blank box, your point) or onLoadedMetadata (fallback so the preview is never left permanently hidden when the browser only fetches metadata under preload="metadata", per the earlier CodeRabbit note). Handles both concerns.

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)

autogpt_platform/backend/backend/api/features/workspace/preview_test.py (2)

156-163: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Assert the 415 detail to pin this test to the missing-thumbnail branch.

As written, this passes for any 415 (e.g., a corrupt-ZIP failure), so it doesn't actually prove the raw is None path. Mirror the tightening already applied to test_office_preview_corrupt_zip_returns_415 by asserting the distinguishing detail ("No embedded thumbnail" per _office_thumbnail).

Suggested test tightening

     response = client.get("/files/file-001/preview")
 
     assert response.status_code == 415
+    assert response.json()["detail"] == "No embedded thumbnail"

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@autogpt_platform/backend/backend/api/features/workspace/preview_test.py`
around lines 156 - 163, The test
test_office_preview_without_thumbnail_returns_415 is currently only asserting a
415 status and can be triggered by any 415 error; update it to also assert the
error detail matches the missing-thumbnail branch by checking the response JSON
detail equals (or contains) the specific message emitted by _office_thumbnail
(e.g., "No embedded thumbnail"); locate the test function and add an assertion
on response.json()["detail"] (or response.json().get("detail")) to pin the
failure to the raw is None path.

---

10-10: ⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

Fix preview_test.py import style and strengthen the 415 assertion

• Move the fixture-local import from autogpt_libs.auth.jwt_utils import get_jwt_payload (line 25) to a top-level import to match the “avoid local/inner imports” rule.
• In test_office_preview_without_thumbnail_returns_415 (lines 156-163), assert the response body detail (e.g., response.json()["detail"]) in addition to status_code, like the corrupt-zip test already does.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@autogpt_platform/backend/backend/api/features/workspace/preview_test.py` at
line 10, Move the fixture-local import of get_jwt_payload to a top-level import
(add "from autogpt_libs.auth.jwt_utils import get_jwt_payload" alongside the
existing top-level imports such as FPDF) to comply with the no-local-import
rule, and in the test_office_preview_without_thumbnail_returns_415 test add an
assertion on the response body detail (e.g., assert response.status_code == 415
and "detail" in response.json() and expected substring or exact message ==
response.json()["detail"]) similar to the corrupt-zip test to validate the error
message content; update only the import location and enhance the assertion in
test_office_preview_without_thumbnail_returns_415 (leave other behavior
unchanged).

🧹 Nitpick comments (1)

autogpt_platform/backend/backend/api/features/workspace/preview_test.py (1)

23-29: 💤 Low value

Prefer a top-level import for get_jwt_payload.

get_jwt_payload is a lightweight symbol; the inner import in the fixture isn't a lazy heavy-dependency case. Move it to module scope unless there's an import-time side effect that requires deferral.

As per coding guidelines: "Use top-level imports only — avoid local/inner imports except for lazy imports of heavy optional dependencies like openpyxl".

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@autogpt_platform/backend/backend/api/features/workspace/preview_test.py`
around lines 23 - 29, Move the inner import of get_jwt_payload out of the
setup_app_auth fixture to module scope: add a top-level import for
get_jwt_payload from autogpt_libs.auth.jwt_utils at the top of the test module,
then update the setup_app_auth fixture to reference get_jwt_payload directly (it
currently sets app.dependency_overrides[get_jwt_payload] =
mock_jwt_user["get_jwt_payload"]); keep the yield and
app.dependency_overrides.clear() behavior unchanged and ensure no import-time
side effects exist before making this change.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@autogpt_platform/backend/backend/api/features/workspace/preview_test.py`:
- Around line 156-163: The test
test_office_preview_without_thumbnail_returns_415 is currently only asserting a
415 status and can be triggered by any 415 error; update it to also assert the
error detail matches the missing-thumbnail branch by checking the response JSON
detail equals (or contains) the specific message emitted by _office_thumbnail
(e.g., "No embedded thumbnail"); locate the test function and add an assertion
on response.json()["detail"] (or response.json().get("detail")) to pin the
failure to the raw is None path.
- Line 10: Move the fixture-local import of get_jwt_payload to a top-level
import (add "from autogpt_libs.auth.jwt_utils import get_jwt_payload" alongside
the existing top-level imports such as FPDF) to comply with the no-local-import
rule, and in the test_office_preview_without_thumbnail_returns_415 test add an
assertion on the response body detail (e.g., assert response.status_code == 415
and "detail" in response.json() and expected substring or exact message ==
response.json()["detail"]) similar to the corrupt-zip test to validate the error
message content; update only the import location and enhance the assertion in
test_office_preview_without_thumbnail_returns_415 (leave other behavior
unchanged).

---

Nitpick comments:
In `@autogpt_platform/backend/backend/api/features/workspace/preview_test.py`:
- Around line 23-29: Move the inner import of get_jwt_payload out of the
setup_app_auth fixture to module scope: add a top-level import for
get_jwt_payload from autogpt_libs.auth.jwt_utils at the top of the test module,
then update the setup_app_auth fixture to reference get_jwt_payload directly (it
currently sets app.dependency_overrides[get_jwt_payload] =
mock_jwt_user["get_jwt_payload"]); keep the yield and
app.dependency_overrides.clear() behavior unchanged and ensure no import-time
side effects exist before making this change.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: c9baa972-7cbc-4812-ae6d-1b863830a5e5

📥 Commits

Reviewing files that changed from the base of the PR and between 06dbda4 and 9f464c2.

📒 Files selected for processing (2)

• autogpt_platform/backend/backend/api/features/workspace/preview.py
• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

🚧 Files skipped from review as they are similar to previous changes (1)

• autogpt_platform/backend/backend/api/features/workspace/preview.py

📜 Review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: integration_test
• GitHub Check: check API types
• GitHub Check: Seer Code Review
• GitHub Check: end-to-end tests
• GitHub Check: test (3.13)
• GitHub Check: Check PR Status
• GitHub Check: test (3.11)
• GitHub Check: test (3.12)
• GitHub Check: Analyze (python)

🧰 Additional context used

📓 Path-based instructions (5)

autogpt_platform/backend/**/*.py

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

autogpt_platform/backend/**/*.py: Use Python 3.11 (required; managed by Poetry via pyproject.toml) for backend development
Always run 'poetry run format' (Black + isort) before linting in backend development
Always run 'poetry run lint' (ruff) after formatting in backend development

autogpt_platform/backend/**/*.py: Use poetry run ... command for executing Python package dependencies
Use top-level imports only — avoid local/inner imports except for lazy imports of heavy optional dependencies like openpyxl
Use absolute imports with from backend.module import ... for cross-package imports; single-dot relative imports are acceptable for sibling modules within the same package; avoid double-dot relative imports
Do not use duck typing — avoid hasattr/getattr/isinstance for type dispatch; use typed interfaces/unions/protocols instead
Use Pydantic models over dataclass/namedtuple/dict for structured data
Do not use linter suppressors — no # type: ignore, # noqa, # pyright: ignore; fix the type/code instead
Prefer list comprehensions over manual loop-and-append patterns
Use early return with guard clauses first to avoid deep nesting
Use %s for deferred interpolation in debug log statements for efficiency; use f-strings elsewhere for readability (e.g., logger.debug("Processing %s items", count) vs logger.info(f"Processing {count} items"))
Sanitize error paths by using os.path.basename() in error messages to avoid leaking directory structure
Be aware of TOCTOU (Time-Of-Check-Time-Of-Use) issues — avoid check-then-act patterns for file access and credit charging
Use transaction=True for Redis pipelines to ensure atomicity on multi-step operations
Use max(0, value) guards for computed values that should never be negative
Keep files under ~300 lines; if a file grows beyond this, split by responsibility (extract helpers, models, or a sub-module into a new file)
Keep functions under ~40 lines; extract named helpers when a function grows longer
...

Files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/backend/backend/api/features/**/*.py

📄 CodeRabbit inference engine (.github/copilot-instructions.md)

Update routes in '/backend/backend/api/features/' and add/update Pydantic models in the same directory for API development

Files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/{backend,autogpt_libs}/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Format Python code with poetry run format

Files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/backend/**/api/**/*.py

📄 CodeRabbit inference engine (autogpt_platform/backend/AGENTS.md)

autogpt_platform/backend/**/api/**/*.py: Use Security() instead of Depends() for authentication dependencies to get proper OpenAPI security specification
Follow SSE (Server-Sent Events) protocol: use data: lines for frontend-parsed events (must match Zod schema) and : comment lines for heartbeats/status

Files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

autogpt_platform/backend/**/*_test.py

📄 CodeRabbit inference engine (autogpt_platform/backend/AGENTS.md)

autogpt_platform/backend/**/*_test.py: Use pytest with snapshot testing for API responses
Colocate test files with source files using *_test.py naming convention
Mock at boundaries — mock where the symbol is used, not where it's defined; after refactoring, update mock targets to match new module paths
Use AsyncMock from unittest.mock for async functions in tests
When writing tests, use Test-Driven Development (TDD): write failing tests marked with @pytest.mark.xfail before implementation, then remove the marker once the implementation is complete
When creating snapshots in tests, use poetry run pytest path/to/test.py --snapshot-update; always review snapshot changes with git diff before committing

Files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

🧠 Learnings (16)

📚 Learning: 2026-04-08T17:28:23.439Z

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: autogpt_platform/backend/AGENTS.md:0-0
Timestamp: 2026-04-08T17:28:23.439Z
Learning: Applies to autogpt_platform/backend/**/*_test.py : When creating snapshots in tests, use `poetry run pytest path/to/test.py --snapshot-update`; always review snapshot changes with `git diff` before committing

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-04-08T17:28:23.439Z

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: autogpt_platform/backend/AGENTS.md:0-0
Timestamp: 2026-04-08T17:28:23.439Z
Learning: Applies to autogpt_platform/backend/**/*_test.py : Use pytest with snapshot testing for API responses

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-04-08T17:28:23.439Z

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: autogpt_platform/backend/AGENTS.md:0-0
Timestamp: 2026-04-08T17:28:23.439Z
Learning: Applies to autogpt_platform/backend/**/*_test.py : Colocate test files with source files using `*_test.py` naming convention

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-04-08T17:28:23.439Z

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: autogpt_platform/backend/AGENTS.md:0-0
Timestamp: 2026-04-08T17:28:23.439Z
Learning: Applies to autogpt_platform/backend/**/*_test.py : Mock at boundaries — mock where the symbol is **used**, not where it's **defined**; after refactoring, update mock targets to match new module paths

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-02-04T16:49:42.490Z

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2026-02-04T16:49:42.490Z
Learning: Applies to autogpt_platform/backend/**/test/**/*.py : Use snapshot testing with '--snapshot-update' flag in backend tests when output changes; always review with 'git diff'

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-02-04T16:49:42.490Z

Learnt from: CR
Repo: Significant-Gravitas/AutoGPT PR: 0
File: .github/copilot-instructions.md:0-0
Timestamp: 2026-02-04T16:49:42.490Z
Learning: Applies to autogpt_platform/backend/backend/api/features/**/*.py : Update routes in '/backend/backend/api/features/' and add/update Pydantic models in the same directory for API development

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-02-26T17:02:22.448Z

Learnt from: Pwuts
Repo: Significant-Gravitas/AutoGPT PR: 12211
File: .pre-commit-config.yaml:160-179
Timestamp: 2026-02-26T17:02:22.448Z
Learning: Keep the pre-commit hook pattern broad for autogpt_platform/backend to ensure OpenAPI schema changes are captured. Do not narrow to backend/api/ alone, since the generated schema depends on Pydantic models across multiple directories (backend/data/, backend/blocks/, backend/copilot/, backend/integrations/, backend/util/). Narrowing could miss schema changes and cause frontend type desynchronization.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-03-05T15:42:08.207Z

Learnt from: ntindle
Repo: Significant-Gravitas/AutoGPT PR: 12297
File: .claude/skills/backend-check/SKILL.md:14-16
Timestamp: 2026-03-05T15:42:08.207Z
Learning: In Python files under autogpt_platform/backend (recursively), rely on poetry run format to perform formatting (Black + isort) and linting (ruff). Do not run poetry run lint as a separate step after poetry run format, since format already includes linting checks.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-03-16T16:35:40.236Z

Learnt from: majdyz
Repo: Significant-Gravitas/AutoGPT PR: 12440
File: autogpt_platform/backend/backend/api/features/workflow_import.py:54-63
Timestamp: 2026-03-16T16:35:40.236Z
Learning: Avoid using the word 'competitor' in public-facing identifiers and text. Use neutral naming for API paths, model names, function names, and UI text. Examples: rename 'CompetitorFormat' to 'SourcePlatform', 'convert_competitor_workflow' to 'convert_workflow', '/competitor-workflow' to '/workflow'. Apply this guideline to files under autogpt_platform/backend and autogpt_platform/frontend.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-03-31T15:37:38.626Z

Learnt from: majdyz
Repo: Significant-Gravitas/AutoGPT PR: 12623
File: autogpt_platform/backend/backend/copilot/tools/agent_generator/fixer.py:37-47
Timestamp: 2026-03-31T15:37:38.626Z
Learning: When validating/constructing Anthropic API model IDs in Significant-Gravitas/AutoGPT, allow the hyphen-separated Claude Opus 4.6 model ID `claude-opus-4-6` (it corresponds to `LlmModel.CLAUDE_4_6_OPUS` in `autogpt_platform/backend/backend/blocks/llm.py`). Do NOT require the dot-separated form in Anthropic contexts. Only OpenRouter routing variants should use the dot separator (e.g., `anthropic/claude-opus-4.6`); `claude-opus-4-6` should be treated as correct when passed to Anthropic, and flagged only if it’s used in the OpenRouter path where the dot form is expected.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-04-15T02:43:36.890Z

Learnt from: ntindle
Repo: Significant-Gravitas/AutoGPT PR: 12780
File: autogpt_platform/backend/backend/copilot/tools/workspace_files.py:0-0
Timestamp: 2026-04-15T02:43:36.890Z
Learning: When reviewing Python exception handlers, do not flag `isinstance(e, X)` checks as dead/unreachable if the caught exception `X` is a subclass of the exception type being handled. For example, if `X` (e.g., `VirusScanError`) inherits from `ValueError` (directly or via an intermediate class) and it can be raised within an `except ValueError:` block, then `isinstance(e, X)` inside that handler is reachable and should not be treated as dead code.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-05-23T05:29:43.085Z

Learnt from: majdyz
Repo: Significant-Gravitas/AutoGPT PR: 13200
File: autogpt_platform/backend/backend/executor/scheduler.py:590-593
Timestamp: 2026-05-23T05:29:43.085Z
Learning: When reviewing Python code that uses Pydantic discriminated/tagged unions (e.g., `Annotated[Union[...], Field(discriminator="kind")]`), recognize that using `isinstance(x, SomeVariantInfo)` to narrow the union is an intentional and correct runtime guard and should also enable static type narrowing in tools like Pyright. Do not recommend replacing such `isinstance`-based narrowing with `cast(...)` when the check already proves the variant at runtime.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-04-22T11:46:04.431Z

Learnt from: majdyz
Repo: Significant-Gravitas/AutoGPT PR: 12881
File: autogpt_platform/backend/backend/copilot/config.py:0-0
Timestamp: 2026-04-22T11:46:04.431Z
Learning: Do not flag the Claude Sonnet 4.6 model ID as incorrect when it uses the project’s established hyphenated convention: `anthropic/claude-sonnet-4-6`. This hyphen form is the intentional, production convention and should be treated as valid (including in files like llm.py, blocks tests, reasoning.py, `_is_anthropic_model` tests, and config defaults). Note that OpenRouter also accepts the dot variant `anthropic/claude-sonnet-4.6`, so either form may be tolerated, but `anthropic/claude-sonnet-4-6` should be considered the standard to match project usage.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-04-22T11:46:12.892Z

Learnt from: majdyz
Repo: Significant-Gravitas/AutoGPT PR: 12881
File: autogpt_platform/backend/backend/copilot/baseline/service.py:322-332
Timestamp: 2026-04-22T11:46:12.892Z
Learning: In this codebase (Significant-Gravitas/AutoGPT), OpenRouter-routed Anthropic model IDs should use the hyphen-separated convention (e.g., `anthropic/claude-sonnet-4-6`, `anthropic/claude-opus-4-6`). Although OpenRouter may accept both hyphen and dot variants, treat the hyphen-separated form as the intended, correct codebase-wide convention and do not flag it as an error. Only flag the dot-separated variant (e.g., `anthropic/claude-sonnet-4.6`) as incorrect when reviewing/validating model ID strings for OpenRouter-routed Anthropic models.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-05-07T18:48:14.242Z

Learnt from: majdyz
Repo: Significant-Gravitas/AutoGPT PR: 13040
File: autogpt_platform/backend/backend/blocks/llm.py:0-0
Timestamp: 2026-05-07T18:48:14.242Z
Learning: In this repository, isort may split imports from the same module into separate blocks when some imports are aliased (e.g., `from module import X as Y`) and others are not. Preserve the two-block layout when it results from isort (such as keeping `from openai.types.chat import ChatCompletion as OpenAIChatCompletion` separate from non-aliased imports from `openai.types.chat`). Do not treat that split as a style issue during review; merging them into a single block can fail CI with `Imports are incorrectly sorted and/or formatted`.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py

📚 Learning: 2026-05-26T14:24:34.866Z

Learnt from: Abhi1992002
Repo: Significant-Gravitas/AutoGPT PR: 13217
File: autogpt_platform/backend/backend/api/features/search/service.py:137-137
Timestamp: 2026-05-26T14:24:34.866Z
Learning: In the Significant-Gravitas/AutoGPT backend, treat `user_id` (an opaque UUID used only for correlation/tracing) as non-PII. Do not flag direct logging of `user_id` in `logger.warning`/`logger.info` statements as a PII exposure issue, as the established convention is to log `user_id` for tracing while reserving PII for fields like email or display name.

Applied to files:

• autogpt_platform/backend/backend/api/features/workspace/preview_test.py