fix(cookbooks): Fix regressed issues in cookbooks

[HamadaSalhab]

PR Type

Enhancement, Bug fix, Documentation

---

Description

• Enhanced security by replacing hardcoded API keys with environment variables.

• Improved logging and error handling in spider.py for better debugging.

• Updated JSON transformation examples and clarified instructions in cookbooks.

• Refined sarcastic headline generation logic and outputs in cookbooks.

---

Changes walkthrough 📝

	Relevant files
Enhancement	05-video-processing-with-natural-language.ipynb Security and example improvements in video processing notebook cookbooks/05-video-processing-with-natural-language.ipynb Replaced hardcoded API keys with environment variables. Updated JSON transformation examples and clarified instructions. Adjusted execution counts and improved example outputs. Enhanced clarity in transformation logic and added explanations. +55/-48  02-sarcastic-news-headline-generator.ipynb Security and logic updates in sarcastic headline generator cookbooks/02-sarcastic-news-headline-generator.ipynb Replaced hardcoded API keys with environment variables. Updated sarcastic headline generation logic and outputs. Adjusted execution counts and improved example outputs. Enhanced clarity in API integration setup. +69/-51
Bug fix	spider.py Enhanced logging and error handling in spider utility        integrations-service/integrations/utils/integrations/spider.py Added logging for debugging API key usage and spider arguments. Improved error handling with detailed logging on exceptions. Removed unused parameters in spider method calls. Configured logger for better traceability. +13/-3
Additional files	01-website-crawler.ipynb +49/-124 03-trip-planning-assistant.ipynb +453/-475

---

Need help?

Type /help how to ... in the comments thread for any questions about Qodo Merge usage.

Check out the documentation for more information.

---

Important

Enhance security, logging, and logic in cookbooks and spider.py by replacing hardcoded API keys, improving error handling, and refining examples.

• Security Enhancements:
  • Replaced hardcoded API keys with environment variables in 05-video-processing-with-natural-language.ipynb and 02-sarcastic-news-headline-generator.ipynb.
• Logging and Error Handling:
  • Improved logging and error handling in spider.py for better debugging and traceability.
• Cookbook Updates:
  • Updated JSON transformation examples and clarified instructions in 05-video-processing-with-natural-language.ipynb.
  • Refined sarcastic headline generation logic and outputs in 02-sarcastic-news-headline-generator.ipynb.
• Miscellaneous:
  • Adjusted execution counts and improved example outputs in cookbooks.

^{This description was created by for 29c7eeb. It will automatically update as commits are pushed.}

[qodo-merge-for-open-source]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Improved security: The PR replaces hardcoded API keys with environment variables in multiple notebooks (lines 167 in 05-video-processing-with-natural-language.ipynb and line 162 in 02-sarcastic-news-headline-generator.ipynb). This is a good security practice. However, there are still placeholder credentials for Cloudinary (cloudinary_api_key, cloudinary_api_secret, cloudinary_cloud_name) that should ideally also use environment variables instead of string placeholders.

⚡ Recommended focus areas for review Commented Code There are commented-out parameters in the spider method call that should either be removed or properly implemented. # params=arguments.params, # stream=False, # content_type=arguments.content_type, Placeholder Credentials The PR replaces hardcoded API keys with environment variables in some places but still uses placeholder values for Cloudinary credentials. "cloudinary_api_key = \"your_cloudinary_api_key\"\n", "cloudinary_api_secret = \"your_cloudinary_api_secret\"\n", "cloudinary_cloud_name = \"your_cloudinary_cloud_name\"\n",

[qodo-merge-for-open-source]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Lint-And-Format

Failed stage: Run stefanzweifel/git-auto-commit-action@v4 [❌]

Failure summary: The action failed because the git-auto-commit-action encountered a conflict. The linting process fixed an import sorting issue in integrations/utils/integrations/spider.py, but when trying to commit these changes, git refused because there were already local changes to the same file that would be overwritten by the checkout operation. The error message specifically states: "Your local changes to the following files would be overwritten by checkout: integrations-service/integrations/utils/integrations/spider.py"

Relevant error logs: 1: ##[group]Operating System 2: Ubuntu ... 126: prune-cache: true 127: ignore-nothing-to-cache: false 128: ##[endgroup] 129: Downloading uv from "https://github.com/astral-sh/uv/releases/download/0.6.14/uv-x86_64-unknown-linux-gnu.tar.gz" ... 130: [command]/usr/bin/tar xz --warning=no-unknown-keyword --overwrite -C /home/runner/work/_temp/04fd3e05-48c3-463e-b9b3-a66ca6d4edbe -f /home/runner/work/_temp/d0f7eebd-0602-41d1-bd4c-ba0f91a6a79c 131: Added /opt/hostedtoolcache/uv/0.6.14/x86_64 to the path 132: Added /home/runner/.local/bin to the path 133: Set UV_CACHE_DIR to /home/runner/work/_temp/setup-uv-cache 134: Successfully installed uv version 0.6.14 135: Searching files using cache dependency glob: **/uv.lock 136: /home/runner/work/julep/julep/agents-api/uv.lock 137: /home/runner/work/julep/julep/cli/uv.lock 138: /home/runner/work/julep/julep/integrations-service/uv.lock 139: Found 3 files to hash. 140: Trying to restore uv cache from GitHub Actions cache with key: setup-uv-1-x86_64-unknown-linux-gnu-0.6.14-8069f6544188f6e328e860fe6b3f3acb49261fcc67acb1067e0cc823d3ede0f8 141: ##[warning]Failed to restore: Cache service responded with 422 142: No GitHub Actions cache found for key: setup-uv-1-x86_64-unknown-linux-gnu-0.6.14-8069f6544188f6e328e860fe6b3f3acb49261fcc67acb1067e0cc823d3ede0f8 ... 379: + wikipedia==1.4.0 380: + wrapt==1.17.0 381: + wsproto==1.2.0 382: + yarl==1.18.0 383: ##[group]Run cd integrations-service 384: �[36;1mcd integrations-service�[0m 385: �[36;1muv run poe format�[0m 386: �[36;1muv run poe lint�[0m 387: shell: /usr/bin/bash -e {0} 388: env: 389: UV_CACHE_DIR: /home/runner/work/_temp/setup-uv-cache 390: ##[endgroup] 391: �[37mPoe =>�[0m �[94mruff format�[0m 392: 72 files left unchanged 393: �[37mPoe =>�[0m �[94mruff check�[0m 394: Fixed 1 error: 395: - integrations/utils/integrations/spider.py: 396: 1 × I001 (unsorted-imports) 397: Found 1 error (1 fixed, 0 remaining). 398: ##[group]Run stefanzweifel/git-auto-commit-action@v4 ... 420: INPUT_BRANCH value: x/cookook-fixes 421: From https://github.com/julep-ai/julep 422: * [new branch] c/bump-typespec -> origin/c/bump-typespec 423: * [new branch] dev -> origin/dev 424: * [new branch] f/api-call-integration-tools -> origin/f/api-call-integration-tools 425: * [new branch] f/chat-system-tool-calls -> origin/f/chat-system-tool-calls 426: * [new branch] f/claude-code-stuff -> origin/f/claude-code-stuff 427: * [new branch] f/dependency-injection -> origin/f/dependency-injection 428: * [new branch] f/grafana-traefik -> origin/f/grafana-traefik 429: * [new branch] f/increase-test-coverage -> origin/f/increase-test-coverage 430: * [new branch] f/optimize-transition-queries -> origin/f/optimize-transition-queries 431: * [new branch] f/refactor-tests -> origin/f/refactor-tests 432: * [new branch] f/repsonses-filesearch-tool -> origin/f/repsonses-filesearch-tool 433: * [new branch] f/responses-api -> origin/f/responses-api 434: * [new branch] f/secrets-store -> origin/f/secrets-store 435: * [new branch] f/tasks-validation-errors-enhancement -> origin/f/tasks-validation-errors-enhancement 436: * [new branch] feature/issue-1162-add-secrets-store -> origin/feature/issue-1162-add-secrets-store 437: * [new branch] main -> origin/main 438: * [new branch] restore-main -> origin/restore-main 439: * [new branch] v0.3 -> origin/v0.3 440: * [new branch] x/cookook-fixes -> origin/x/cookook-fixes 441: * [new branch] x/fix-cli-init -> origin/x/fix-cli-init 442: * [new branch] x/remove-connection-pool -> origin/x/remove-connection-pool 443: * [new branch] x/speed-up-search -> origin/x/speed-up-search 444: * [new branch] x/typespec-refactor -> origin/x/typespec-refactor 445: * [new tag] v0.3.4 -> v0.3.4 446: error: Your local changes to the following files would be overwritten by checkout: 447: integrations-service/integrations/utils/integrations/spider.py 448: Please commit your changes or stash them before you switch branches. 449: Aborting 450: Error: Invalid status code: 1 451: at ChildProcess.<anonymous> (/home/runner/work/_actions/stefanzweifel/git-auto-commit-action/v4/index.js:17:19) 452: at ChildProcess.emit (node:events:524:28) 453: at maybeClose (node:internal/child_process:1104:16) 454: at ChildProcess._handle.onexit (node:internal/child_process:304:5) { 455: code: 1 456: } 457: Error: Invalid status code: 1 458: at ChildProcess.<anonymous> (/home/runner/work/_actions/stefanzweifel/git-auto-commit-action/v4/index.js:17:19)

[qodo-merge-for-open-source]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Correct API parameter name The parameter name for the Brave API key should be api_key instead of brave_api_key. This inconsistency will cause the integration to fail when attempting to authenticate with the Brave API. cookbooks/02-sarcastic-news-headline-generator.ipynb [249] integration: provider: brave setup: - brave_api_key: "{BRAVE_API_KEY}" + api_key: "{BRAVE_API_KEY}" [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies that the parameter name should be "api_key" instead of "brave_api_key". This is a critical fix as using the wrong parameter name would cause authentication failures when integrating with the Brave API.	High
	Fix template variable syntax Remove the space between the dollar sign and underscore in the URL parameter. The current syntax $ ['url'] is incorrect and will cause parsing errors. The correct syntax should be $['url']. cookbooks/01-website-crawler.ipynb [256-259] # Step 0: Call the spider_crawler tool with the url input - tool: spider_crawler arguments: - url: $ _['url'] # You can also use 'steps[0].input.url' + url: $_['url'] # You can also use 'steps[0].input.url' params: request: smart_mode limit: $ 2 # limit to 2 pages return_format: markdown proxy_enabled: $ True filter_output_images: $ True [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 8 __ Why: The suggestion correctly identifies a syntax error in the template variable. The space between $ and _ would cause parsing errors when the task is executed, preventing the URL parameter from being properly passed to the spider_crawler tool.	Medium
	✅ Restore required method parameters Suggestion Impact: The commit directly implemented the suggestion by uncommenting and restoring the three parameters (params, stream, and content_type) that were previously commented out in the spider client method call. code diff: url=str(arguments.url), - # params=arguments.params, - # stream=False, - # content_type=arguments.content_type, + params=arguments.params, + stream=False, + content_type=arguments.content_type, ): The commented-out parameters have been removed from the method call, which could cause functionality issues if these parameters are required by the spider client. Consider restoring these parameters or ensuring they're not needed before removing them. integrations-service/integrations/utils/integrations/spider.py [49-56] async with AsyncSpider(api_key=api_key) as spider_client: async for result in getattr(spider_client, method_name)( url=str(arguments.url), - # params=arguments.params, - # stream=False, - # content_type=arguments.content_type, + params=arguments.params, + stream=False, + content_type=arguments.content_type, ): results = result [Suggestion has been applied] Suggestion importance[1-10]: 8 __ Why: The PR commented out parameters that might be essential for the spider client's functionality. Removing these parameters without ensuring they're not needed could break the API calls. This suggestion correctly identifies a potential regression issue.	Medium
	Add environment variable error handling Add error handling for the case when the environment variable "JULEP_API_KEY" is not set. This will prevent the application from crashing with a KeyError when the environment variable is missing. cookbooks/03-trip-planning-assistant.ipynb [182] -JULEP_API_KEY = os.environ["JULEP_API_KEY"] +JULEP_API_KEY = os.environ.get("JULEP_API_KEY", "YOUR_API_KEY") +if JULEP_API_KEY == "YOUR_API_KEY": + print("Warning: Please set the JULEP_API_KEY environment variable") [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 7 __ Why: This suggestion adds important error handling for missing environment variables, which would prevent the notebook from crashing with a KeyError. The graceful fallback and warning message improve user experience significantly.	Medium
	Fix YAML indentation The indentation of the unwrap: true parameter is incorrect. It should be aligned with the prompt parameter at the same indentation level, not as a separate block. This misalignment will cause the YAML parser to interpret it incorrectly. cookbooks/01-website-crawler.ipynb [284] ''' {{_['documents']}} I want you to create a short summary (no longer than 100 words) of the results you found while crawling that website. ''' -unwrap: true [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies an indentation issue with the "unwrap: true" parameter. This misalignment would cause the YAML parser to interpret it incorrectly, potentially leading to runtime errors when executing the task.	Medium
Update

[ellipsis-dev]

❌ Changes requested. Reviewed everything up to 6478b12 in 1 minute and 49 seconds

More details

• Looked at 55 lines of code in 1 files
• Skipped 4 files when reviewing.
• Skipped posting 3 drafted comments based on config settings.

1. integrations-service/integrations/utils/integrations/spider.py:52

• Draft comment:
  Ensure commented-out parameters are intentional. If removal is permanent, remove dead code.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 20% vs. threshold = 50%
  Commented-out code is generally considered a code smell and should be removed if it's no longer needed. However, this could be temporary debugging or testing code. The comment doesn't provide strong guidance - it just asks to "ensure" the comments are intentional. Per the rules, we should not ask authors to "ensure" or "verify" things.
  The comment could be more actionable by directly stating "Remove commented out code if no longer needed" instead of asking for verification. Also, this could be temporary debugging code that the author intends to uncomment later.
  While commented-out code is a valid concern, the way this comment is phrased violates our rules about not asking authors to verify or ensure things. A more direct "remove if not needed" would be better.
  The comment should be deleted because it asks the author to "ensure" something rather than making a clear, actionable request. If commented code is an issue, it should be raised differently.

2. integrations-service/integrations/utils/integrations/spider.py:45

• Draft comment:
  Avoid logging sensitive API key information; consider removing or masking the API key in logs.
• Reason this comment was not posted:
  Marked as duplicate.

3. integrations-service/integrations/utils/integrations/spider.py:52

• Draft comment:
  Remove or document the commented-out parameters to clarify why they are disabled.
• Reason this comment was not posted:
  Confidence changes required: 50% <= threshold 50%
  None

Workflow ID: wflow_OWtzmGMCmrbiehHj

---

Want Ellipsis to fix these issues? Tag @ellipsis-dev in a comment. You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.

[ellipsis-dev]

👍 Looks good to me! Incremental review on 29c7eeb in 1 minute and 34 seconds

More details

• Looked at 52 lines of code in 1 files
• Skipped 0 files when reviewing.
• Skipped posting 7 drafted comments based on config settings.

1. integrations-service/integrations/utils/integrations/spider.py:48

• Draft comment:
  If multiple pages are returned, overwriting 'results' may drop earlier entries. Consider accumulating them (e.g. appending to a list) if intended.
• Reason this comment was not posted:
  Comment was on unchanged code.

2. integrations-service/integrations/utils/integrations/spider.py:56

• Draft comment:
  Consider chaining the caught exception (using 'raise RuntimeError(msg) from e') to preserve traceback for better debugging.
• Reason this comment was not posted:
  Comment was on unchanged code.

3. integrations-service/integrations/utils/integrations/spider.py:33

• Draft comment:
  Ensure the DEMO_API_KEY check and fallback to environment variable is thoroughly documented to avoid confusion in API key handling.
• Reason this comment was not posted:
  Confidence changes required: 33% <= threshold 50%
  None

4. integrations-service/integrations/utils/integrations/spider.py:33

• Draft comment:
  Using the walrus operator here to check for 'DEMO_API_KEY' is concise, but consider extracting 'DEMO_API_KEY' into a named constant. This improves readability and maintainability. Also, ensure that the environment-provided 'spider_api_key' is non-empty to avoid misconfigurations.
• Reason this comment was not posted:
  Comment was not on a location in the diff, so it can't be submitted as a review comment.

5. integrations-service/integrations/utils/integrations/spider.py:57

• Draft comment:
  When handling exceptions here, consider using exception chaining (e.g. 'raise RuntimeError(msg) from e') so that the original traceback isn’t lost. This can aid in debugging.
• Reason this comment was not posted:
  Comment was on unchanged code.

6. integrations-service/integrations/utils/integrations/spider.py:42

• Draft comment:
  The async loop assigns each yielded result to the same 'results' variable, overwriting previous values. Confirm that only a single (or final) result is intended. If multiple results are expected, consider accumulating them in a list.
• Reason this comment was not posted:
  Comment was on unchanged code.

7. integrations-service/integrations/utils/integrations/spider.py:6

• Draft comment:
  Importing 'spider_api_key' from the environment enhances security. Just ensure that the environment variable is reliably set in all deployment contexts to avoid fallback issues.
• Reason this comment was not posted:
  Confidence changes required: 50% <= threshold 50%
  None

Workflow ID: wflow_QdulbUZbTh9GQdGU

---

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.