Feat/swagger UI overhaul#568
Merged
Merged
Conversation
…d brand Swagger UI - Rewrite OpenApiConfig.java with 38 tags in groups 01-09 - Add @tag to 4 previously untagged endpoints (ILogoutEndpoint, RestSlackWebhook, RestToolHistory, RestA2AEndpoint) - Register 10 missing tags in OpenApiConfig (MCP Calls, Channel Integrations, User Memory, RAG Ingestion, RAG Knowledge Bases, Prompt Snippets, Global Variables, Attachments, Template Preview, A2A Protocol) - Rename eddi-logo.png to logo.png (Quarkus standard auto-detection) - Overhaul style.css: amber/stone palette matching EDDI Manager, fix border-agenttom typos, dark-themed operations and models
…nc palette - Add OpenApiTagSortFilter (OASFilter) to sort tags in OpenAPI doc - Add quarkus.swagger-ui.tags-sorter=alpha for UI-level sorting - Set quarkus.swagger-ui.theme=original to remove default theme - Rewrite style.css using exact Manager dark-mode zinc palette: background=#09090b, surface=#18181b, border=#27272a, fg=#fafaf9
…n CSS overrides - Replace numbered prefixes (01., 02., etc.) with category/sub format: Agents, Agents / Setup, Configuration / LLM, etc. - Fix 19 files with corrupted byte 0xB7 from PowerShell Set-Content (Windows-1252 middle dot vs UTF-8) by using ASCII '/' separator - Remove UTF-8 BOM from 30 files added by System.IO.File.WriteAllText - Add !important overrides: Explore button, version stamps, backgrounds - Set quarkus.swagger-ui.theme=original to disable default blue theme - Include updated Manager assets and Dockerfile from working tree
…ntrast - Add description attribute to all 49 interface-level @tag annotations (SmallRye overrides @OpenAPIDefinition descriptions with null when interface @tag lacks description) - Fix topbar: pure black with !important, brighter border for separation - Fix version badges: 6.1.1 gets prominent amber bg, OAS 3.1 demoted to subtle gray - Fix pre.version text: was #09090b on #27272a (invisible dark-on-dark)
Updated across all locations: pom.xml, Dockerfile, OpenApiConfig, Helm Chart, K8s manifests, and Red Hat certification workflow.
Rewrote CSS to scope all dark theme colors under html.dark-mode so the lamp icon toggle creates a visible switch between themes: - Light mode: white bg, dark text, amber-600 accents - Dark mode: EDDI Manager palette (zinc-950 bg, amber-500 accents) - Topbar stays dark in both modes for brand consistency
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: defaults Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (2)
✅ Files skipped from review due to trivial changes (2)
📝 WalkthroughWalkthroughBumps the project version from 6.1.0 to 6.1.1 across all manifests (pom.xml, Dockerfile, Helm, Kubernetes, workflow). Reorganizes OpenAPI tags into a hierarchical taxonomy across ~45 REST interfaces, adds an alphabetical tag-sort OASFilter, rewrites the Swagger UI CSS theme with light/dark modes, and removes stale versioned language-mode JavaScript bundles. ChangesSwagger UI Tag Reorganization & Branding
Version Bump 6.1.0 → 6.1.1
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related PRs
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Pull request overview
Updates the Quarkus-served Swagger UI and related assets to align with EDDI branding and a cleaner OpenAPI tag taxonomy, while also bumping the project/versioned deployment artifacts to 6.1.1.
Changes:
- Reworked OpenAPI tag taxonomy across REST resources/interfaces and updated Swagger UI configuration (theme + tag sorting).
- Updated embedded Manager entrypoint asset references and removed a large set of obsolete frontend bundle artifacts.
- Version + infrastructure bumps to 6.1.1 across Maven, container image build args, and deployment manifests (Helm/K8s/GitHub workflow inputs).
Reviewed changes
Copilot reviewed 96 out of 100 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| src/main/resources/META-INF/resources/manage.html | Updates Manager HTML to reference the new hashed JS/CSS bundles. |
| src/main/resources/META-INF/resources/assets/yaml-C5eaV0RI.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/yaml-BtJQtdrv.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/xml-Wsqe13ye.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/xml-Dzl_rdxd.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/typescript-G7Eu3Ar3.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/typescript-D1IyJ0Mn.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/tsMode-DcqLl0pR.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/razor-BRw03YNd.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/razor-BPd4BWpj.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/python-nn_VEFur.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/python-BoyG6M2a.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/mdx-CzWNFZ_r.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/mdx-Cjguuzo_.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/liquid-C_tKVlev.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/liquid-BU54st6I.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/jsonMode-D3E7SjOF.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/jsonMode-BrbWbOAE.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/javascript-SxiXgJ1p.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/javascript-CmDShlNU.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/htmlMode-FnQ1MKvn.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/htmlMode-CqKL2ox8.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/html-z1CojlRt.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/html-CXIKgM1_.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/handlebars-u8CdY6Y6.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/handlebars-B6GL_0Gw.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/freemarker2-DqDWCtuK.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/freemarker2-Dl3FuCzB.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/cssMode-DMPmy9yy.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/resources/assets/cssMode-CRRdssKx.js | Removes old bundled asset (obsolete build output). |
| src/main/resources/META-INF/branding/logo.png | Adds EDDI logo for Swagger UI branding. |
| src/main/resources/application.properties | Bumps version to 6.1.1; adds Swagger UI theme + tag sorter; updates OpenAPI version + container tags. |
| src/main/java/ai/labs/eddi/ui/IRestHtmlChatResource.java | Updates REST tag taxonomy/description for Chat UI. |
| src/main/java/ai/labs/eddi/secrets/rest/IRestSecretStore.java | Updates REST tag taxonomy/description for Secrets Vault. |
| src/main/java/ai/labs/eddi/modules/templating/rest/IRestTemplatePreview.java | Updates REST tag taxonomy/description for Template Preview. |
| src/main/java/ai/labs/eddi/modules/nlp/IRestSemanticParser.java | Updates REST tag taxonomy/description for NLP tool endpoint. |
| src/main/java/ai/labs/eddi/modules/llm/rest/RestToolHistory.java | Adds OpenAPI tag metadata for tool history endpoint. |
| src/main/java/ai/labs/eddi/integrations/slack/rest/RestSlackWebhook.java | Adds OpenAPI tag metadata for Slack webhook endpoint. |
| src/main/java/ai/labs/eddi/engine/triggermanagement/IRestUserConversationStore.java | Updates REST tag taxonomy/description for conversation history store. |
| src/main/java/ai/labs/eddi/engine/triggermanagement/IRestAgentTriggerStore.java | Updates REST tag taxonomy/description for agent administration triggers. |
| src/main/java/ai/labs/eddi/engine/tenancy/rest/IRestTenantQuota.java | Updates REST tag taxonomy/description for tenant quotas. |
| src/main/java/ai/labs/eddi/engine/schedule/IRestScheduleStore.java | Updates REST tag taxonomy/description for schedules. |
| src/main/java/ai/labs/eddi/engine/memory/rest/RestAttachmentUpload.java | Updates REST tag taxonomy/description for attachments. |
| src/main/java/ai/labs/eddi/engine/memory/rest/IRestConversationStore.java | Updates REST tag taxonomy/description for conversation store. |
| src/main/java/ai/labs/eddi/engine/gdpr/IRestGdprAdmin.java | Updates REST tag taxonomy/description for GDPR/privacy admin endpoints. |
| src/main/java/ai/labs/eddi/engine/audit/rest/IRestAuditStore.java | Updates REST tag taxonomy/description for audit trail. |
| src/main/java/ai/labs/eddi/engine/api/IRestLogAdmin.java | Updates REST tag taxonomy/description for logs admin endpoints. |
| src/main/java/ai/labs/eddi/engine/api/IRestGroupConversation.java | Updates REST tag taxonomy/description for group conversations. |
| src/main/java/ai/labs/eddi/engine/api/IRestCoordinatorAdmin.java | Updates REST tag taxonomy/description for coordinator admin endpoints. |
| src/main/java/ai/labs/eddi/engine/api/IRestAgentSetup.java | Updates REST tag taxonomy/description for agent setup endpoints. |
| src/main/java/ai/labs/eddi/engine/api/IRestAgentManagement.java | Updates REST tag taxonomy/description for managed conversation endpoints. |
| src/main/java/ai/labs/eddi/engine/api/IRestAgentEngineStreaming.java | Updates REST tag taxonomy/description for streaming conversation endpoints. |
| src/main/java/ai/labs/eddi/engine/api/IRestAgentEngine.java | Updates REST tag taxonomy/description for conversation endpoints. |
| src/main/java/ai/labs/eddi/engine/api/IRestAgentAdministration.java | Updates REST tag taxonomy/description for agent administration endpoints. |
| src/main/java/ai/labs/eddi/engine/api/ILogoutEndpoint.java | Adds OpenAPI tag metadata for auth/session endpoints. |
| src/main/java/ai/labs/eddi/engine/a2a/RestA2AEndpoint.java | Adds class-level OpenAPI tag; removes method-level tags for capability discovery endpoints. |
| src/main/java/ai/labs/eddi/configs/workflows/IRestWorkflowStore.java | Updates REST tag taxonomy/description for workflow store. |
| src/main/java/ai/labs/eddi/configs/workflows/IRestWorkflowStepStore.java | Updates REST tag taxonomy/description for workflow step store. |
| src/main/java/ai/labs/eddi/configs/variables/rest/IRestGlobalVariableStore.java | Updates REST tag taxonomy/description for global variables store. |
| src/main/java/ai/labs/eddi/configs/snippets/IRestPromptSnippetStore.java | Updates REST tag taxonomy/description for prompt snippets store. |
| src/main/java/ai/labs/eddi/configs/rules/IRestRuleSetStore.java | Updates REST tag taxonomy/description for behavior rules store. |
| src/main/java/ai/labs/eddi/configs/rag/IRestRagStore.java | Updates REST tag taxonomy/description for RAG store. |
| src/main/java/ai/labs/eddi/configs/rag/IRestRagIngestion.java | Updates REST tag taxonomy/description for RAG ingestion. |
| src/main/java/ai/labs/eddi/configs/propertysetter/IRestPropertySetterStore.java | Updates REST tag taxonomy/description for property setter store. |
| src/main/java/ai/labs/eddi/configs/properties/IRestUserMemoryStore.java | Updates REST tag taxonomy for user memory. |
| src/main/java/ai/labs/eddi/configs/properties/IRestPropertiesStore.java | Updates REST tag taxonomy/description for properties store. |
| src/main/java/ai/labs/eddi/configs/parser/IRestParserStore.java | Updates REST tag taxonomy/description for parser store. |
| src/main/java/ai/labs/eddi/configs/output/keys/IRestOutputActions.java | Updates REST tag taxonomy/description for output actions. |
| src/main/java/ai/labs/eddi/configs/output/IRestOutputStore.java | Updates REST tag taxonomy/description for output store. |
| src/main/java/ai/labs/eddi/configs/OpenApiTagSortFilter.java | Adds build-time OpenAPI tag sorting filter. |
| src/main/java/ai/labs/eddi/configs/OpenApiConfig.java | Updates canonical OpenAPI tag list/taxonomy and bumps OpenAPI info version. |
| src/main/java/ai/labs/eddi/configs/mcpcalls/IRestMcpCallsStore.java | Updates REST tag taxonomy/description for MCP calls store. |
| src/main/java/ai/labs/eddi/configs/llm/IRestLlmStore.java | Updates REST tag taxonomy/description for LLM store. |
| src/main/java/ai/labs/eddi/configs/groups/IRestAgentGroupStore.java | Updates REST tag taxonomy/description for agent group store. |
| src/main/java/ai/labs/eddi/configs/dictionary/IRestExpression.java | Updates REST tag taxonomy/description for dictionary expressions. |
| src/main/java/ai/labs/eddi/configs/dictionary/IRestDictionaryStore.java | Updates REST tag taxonomy/description for dictionary store. |
| src/main/java/ai/labs/eddi/configs/dictionary/IRestAction.java | Updates REST tag taxonomy/description for dictionary actions. |
| src/main/java/ai/labs/eddi/configs/descriptors/IRestDocumentDescriptorStore.java | Updates REST tag taxonomy/description for descriptors. |
| src/main/java/ai/labs/eddi/configs/deployment/IRestDeploymentStore.java | Updates REST tag taxonomy/description for deployments. |
| src/main/java/ai/labs/eddi/configs/channels/IRestChannelIntegrationStore.java | Updates REST tag taxonomy/description for channel integrations. |
| src/main/java/ai/labs/eddi/configs/apicalls/IRestApiCallsStore.java | Updates REST tag taxonomy/description for API calls store. |
| src/main/java/ai/labs/eddi/configs/agents/IRestCapabilityRegistry.java | Updates REST tag taxonomy from numbered to category-based. |
| src/main/java/ai/labs/eddi/configs/agents/IRestAgentStore.java | Ensures Agents tag has description (consistent UI taxonomy). |
| src/main/java/ai/labs/eddi/configs/admin/IRestOrphanAdmin.java | Updates REST tag taxonomy/description for orphans admin. |
| src/main/java/ai/labs/eddi/backup/IRestImportService.java | Updates REST tag taxonomy/description for backup import. |
| src/main/java/ai/labs/eddi/backup/IRestExportService.java | Updates REST tag taxonomy/description for backup export. |
| src/main/docker/Dockerfile | Updates base image digest and EDDI_VERSION build arg to 6.1.1. |
| pom.xml | Bumps Maven project version to 6.1.1. |
| k8s/quickstart.yaml | Bumps app.kubernetes.io/version labels to 6.1.1. |
| k8s/base/eddi-deployment.yaml | Bumps app.kubernetes.io/version labels to 6.1.1. |
| helm/eddi/Chart.yaml | Bumps Helm chart appVersion to 6.1.1. |
| docs/changelog.md | Adds changelog entry for Swagger/OpenAPI presentation changes. |
| .github/workflows/redhat-certify.yml | Updates default workflow_dispatch version input to 6.1.1. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
src/main/java/ai/labs/eddi/modules/llm/rest/RestToolHistory.java (1)
1-37:⚠️ Potential issue | 🟠 MajorAdd
@ApplicationScopedannotation to RestToolHistory class.The class uses constructor injection with
@Injectbut is missing the required@ApplicationScopedCDI scope annotation. Add@ApplicationScopedabove the class declaration to ensure proper singleton lifecycle management for the injected dependencies.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/main/java/ai/labs/eddi/modules/llm/rest/RestToolHistory.java` around lines 1 - 37, The RestToolHistory class is missing the required `@ApplicationScoped` CDI scope annotation for proper singleton lifecycle management with constructor injection. Add the `@ApplicationScoped` annotation from jakarta.enterprise.context package to the imports section, then place the `@ApplicationScoped` annotation above the RestToolHistory class declaration (before the `@Path` annotation) to ensure the injected dependencies are properly managed as a singleton.Source: Coding guidelines
🧹 Nitpick comments (1)
src/main/java/ai/labs/eddi/configs/OpenApiTagSortFilter.java (1)
14-16: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winUpdate stale Javadoc to match current taxonomy.
The comment still describes numeric tag prefixes (
01.,02.), but the taxonomy now uses named hierarchical tags. Please align the Javadoc with current behavior.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/main/java/ai/labs/eddi/configs/OpenApiTagSortFilter.java` around lines 14 - 16, The Javadoc comment for the OpenApiTagSortFilter class currently describes numeric tag prefixes (01., 02., etc.) but the implementation now uses named hierarchical tags. Update the class-level Javadoc comment to accurately reflect the current taxonomy by replacing references to numeric prefixes with descriptions of the named hierarchical tag structure, while maintaining the core purpose of alphabetically sorting OpenAPI tags for stable grouping in Swagger UI and API consumers.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@docs/changelog.md`:
- Line 12: The Tag Taxonomy heading on line 12 states an incorrect tag count of
38, but the actual tag count listed in the subsequent lines totals 40 tags
(4+4+10+3+3+4+5+6+1). Update the text "Tag Taxonomy (38 tags, 9 groups)" to read
"Tag Taxonomy (40 tags, 9 groups)" to reflect the correct count of tags
enumerated in the taxonomy breakdown.
- Around line 7-53: The changelog is missing documentation for two important
Swagger UI features. Add a new subsection under the "Swagger UI Branding"
section that documents the OpenApiTagSortFilter component and its alphabetical
tag sorting capability via the `quarkus.swagger-ui.tags-sorter=alpha`
configuration in application.properties. Additionally, expand the CSS overhaul
description to explicitly document the dual-theme support architecture, clearly
distinguishing between the light mode (white backgrounds, dark text, amber-600
accents) and dark mode (scoped under `html.dark-mode` with the EDDI Manager
palette of zinc-950 backgrounds, zinc-900 surfaces, and amber-500 accents),
emphasizing that the dark mode toggle capability is a significant architectural
feature of the CSS rewrite beyond the visual styling changes already documented
in lines 36-46.
In `@src/main/docker/Dockerfile`:
- Line 81: The Docker FROM directive uses an invalid or unverified digest for
the UBI9 OpenJDK 25 runtime image that does not exist in official Red Hat
records. Replace the current digest in the FROM statement (the sha256 hash
following the @ symbol) with the correct and verified digest by querying the Red
Hat Ecosystem Catalog using the skopeo inspect command as specified in the
comment. Ensure the final FROM directive contains the official validated digest
from Red Hat's released container image records.
---
Outside diff comments:
In `@src/main/java/ai/labs/eddi/modules/llm/rest/RestToolHistory.java`:
- Around line 1-37: The RestToolHistory class is missing the required
`@ApplicationScoped` CDI scope annotation for proper singleton lifecycle
management with constructor injection. Add the `@ApplicationScoped` annotation
from jakarta.enterprise.context package to the imports section, then place the
`@ApplicationScoped` annotation above the RestToolHistory class declaration
(before the `@Path` annotation) to ensure the injected dependencies are properly
managed as a singleton.
---
Nitpick comments:
In `@src/main/java/ai/labs/eddi/configs/OpenApiTagSortFilter.java`:
- Around line 14-16: The Javadoc comment for the OpenApiTagSortFilter class
currently describes numeric tag prefixes (01., 02., etc.) but the implementation
now uses named hierarchical tags. Update the class-level Javadoc comment to
accurately reflect the current taxonomy by replacing references to numeric
prefixes with descriptions of the named hierarchical tag structure, while
maintaining the core purpose of alphabetically sorting OpenAPI tags for stable
grouping in Swagger UI and API consumers.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: defaults
Review profile: CHILL
Plan: Pro
Run ID: 120314fd-135f-4c6d-95e6-900b59644ae4
⛔ Files ignored due to path filters (1)
src/main/resources/META-INF/branding/logo.pngis excluded by!**/*.png
📒 Files selected for processing (99)
.github/workflows/redhat-certify.ymldocs/changelog.mdhelm/eddi/Chart.yamlk8s/base/eddi-deployment.yamlk8s/quickstart.yamlpom.xmlsrc/main/docker/Dockerfilesrc/main/java/ai/labs/eddi/backup/IRestExportService.javasrc/main/java/ai/labs/eddi/backup/IRestImportService.javasrc/main/java/ai/labs/eddi/configs/OpenApiConfig.javasrc/main/java/ai/labs/eddi/configs/OpenApiTagSortFilter.javasrc/main/java/ai/labs/eddi/configs/admin/IRestOrphanAdmin.javasrc/main/java/ai/labs/eddi/configs/agents/IRestAgentStore.javasrc/main/java/ai/labs/eddi/configs/agents/IRestCapabilityRegistry.javasrc/main/java/ai/labs/eddi/configs/apicalls/IRestApiCallsStore.javasrc/main/java/ai/labs/eddi/configs/channels/IRestChannelIntegrationStore.javasrc/main/java/ai/labs/eddi/configs/deployment/IRestDeploymentStore.javasrc/main/java/ai/labs/eddi/configs/descriptors/IRestDocumentDescriptorStore.javasrc/main/java/ai/labs/eddi/configs/dictionary/IRestAction.javasrc/main/java/ai/labs/eddi/configs/dictionary/IRestDictionaryStore.javasrc/main/java/ai/labs/eddi/configs/dictionary/IRestExpression.javasrc/main/java/ai/labs/eddi/configs/groups/IRestAgentGroupStore.javasrc/main/java/ai/labs/eddi/configs/llm/IRestLlmStore.javasrc/main/java/ai/labs/eddi/configs/mcpcalls/IRestMcpCallsStore.javasrc/main/java/ai/labs/eddi/configs/output/IRestOutputStore.javasrc/main/java/ai/labs/eddi/configs/output/keys/IRestOutputActions.javasrc/main/java/ai/labs/eddi/configs/parser/IRestParserStore.javasrc/main/java/ai/labs/eddi/configs/properties/IRestPropertiesStore.javasrc/main/java/ai/labs/eddi/configs/properties/IRestUserMemoryStore.javasrc/main/java/ai/labs/eddi/configs/propertysetter/IRestPropertySetterStore.javasrc/main/java/ai/labs/eddi/configs/rag/IRestRagIngestion.javasrc/main/java/ai/labs/eddi/configs/rag/IRestRagStore.javasrc/main/java/ai/labs/eddi/configs/rules/IRestRuleSetStore.javasrc/main/java/ai/labs/eddi/configs/snippets/IRestPromptSnippetStore.javasrc/main/java/ai/labs/eddi/configs/variables/rest/IRestGlobalVariableStore.javasrc/main/java/ai/labs/eddi/configs/workflows/IRestWorkflowStepStore.javasrc/main/java/ai/labs/eddi/configs/workflows/IRestWorkflowStore.javasrc/main/java/ai/labs/eddi/engine/a2a/RestA2AEndpoint.javasrc/main/java/ai/labs/eddi/engine/api/ILogoutEndpoint.javasrc/main/java/ai/labs/eddi/engine/api/IRestAgentAdministration.javasrc/main/java/ai/labs/eddi/engine/api/IRestAgentEngine.javasrc/main/java/ai/labs/eddi/engine/api/IRestAgentEngineStreaming.javasrc/main/java/ai/labs/eddi/engine/api/IRestAgentManagement.javasrc/main/java/ai/labs/eddi/engine/api/IRestAgentSetup.javasrc/main/java/ai/labs/eddi/engine/api/IRestCoordinatorAdmin.javasrc/main/java/ai/labs/eddi/engine/api/IRestGroupConversation.javasrc/main/java/ai/labs/eddi/engine/api/IRestLogAdmin.javasrc/main/java/ai/labs/eddi/engine/audit/rest/IRestAuditStore.javasrc/main/java/ai/labs/eddi/engine/gdpr/IRestGdprAdmin.javasrc/main/java/ai/labs/eddi/engine/memory/rest/IRestConversationStore.javasrc/main/java/ai/labs/eddi/engine/memory/rest/RestAttachmentUpload.javasrc/main/java/ai/labs/eddi/engine/schedule/IRestScheduleStore.javasrc/main/java/ai/labs/eddi/engine/tenancy/rest/IRestTenantQuota.javasrc/main/java/ai/labs/eddi/engine/triggermanagement/IRestAgentTriggerStore.javasrc/main/java/ai/labs/eddi/engine/triggermanagement/IRestUserConversationStore.javasrc/main/java/ai/labs/eddi/integrations/slack/rest/RestSlackWebhook.javasrc/main/java/ai/labs/eddi/modules/llm/rest/RestToolHistory.javasrc/main/java/ai/labs/eddi/modules/nlp/IRestSemanticParser.javasrc/main/java/ai/labs/eddi/modules/templating/rest/IRestTemplatePreview.javasrc/main/java/ai/labs/eddi/secrets/rest/IRestSecretStore.javasrc/main/java/ai/labs/eddi/ui/IRestHtmlChatResource.javasrc/main/resources/META-INF/branding/style.csssrc/main/resources/META-INF/resources/assets/cssMode-CRRdssKx.jssrc/main/resources/META-INF/resources/assets/cssMode-DMPmy9yy.jssrc/main/resources/META-INF/resources/assets/freemarker2-Dl3FuCzB.jssrc/main/resources/META-INF/resources/assets/freemarker2-DqDWCtuK.jssrc/main/resources/META-INF/resources/assets/handlebars-B6GL_0Gw.jssrc/main/resources/META-INF/resources/assets/handlebars-u8CdY6Y6.jssrc/main/resources/META-INF/resources/assets/html-CXIKgM1_.jssrc/main/resources/META-INF/resources/assets/html-z1CojlRt.jssrc/main/resources/META-INF/resources/assets/htmlMode-CqKL2ox8.jssrc/main/resources/META-INF/resources/assets/htmlMode-FnQ1MKvn.jssrc/main/resources/META-INF/resources/assets/index-BFi5BZ7U.jssrc/main/resources/META-INF/resources/assets/index-CJdl8JdC.csssrc/main/resources/META-INF/resources/assets/index-Cfhvosw6.jssrc/main/resources/META-INF/resources/assets/javascript-CmDShlNU.jssrc/main/resources/META-INF/resources/assets/javascript-SxiXgJ1p.jssrc/main/resources/META-INF/resources/assets/jsonMode-BrbWbOAE.jssrc/main/resources/META-INF/resources/assets/jsonMode-D3E7SjOF.jssrc/main/resources/META-INF/resources/assets/liquid-BU54st6I.jssrc/main/resources/META-INF/resources/assets/liquid-C_tKVlev.jssrc/main/resources/META-INF/resources/assets/lspLanguageFeatures-CWMiI3_8.jssrc/main/resources/META-INF/resources/assets/lspLanguageFeatures-CjZ9t0R-.jssrc/main/resources/META-INF/resources/assets/mdx-Cjguuzo_.jssrc/main/resources/META-INF/resources/assets/mdx-CzWNFZ_r.jssrc/main/resources/META-INF/resources/assets/python-BoyG6M2a.jssrc/main/resources/META-INF/resources/assets/python-nn_VEFur.jssrc/main/resources/META-INF/resources/assets/razor-BPd4BWpj.jssrc/main/resources/META-INF/resources/assets/razor-BRw03YNd.jssrc/main/resources/META-INF/resources/assets/tsMode-B9PvQzQZ.jssrc/main/resources/META-INF/resources/assets/tsMode-DcqLl0pR.jssrc/main/resources/META-INF/resources/assets/typescript-D1IyJ0Mn.jssrc/main/resources/META-INF/resources/assets/typescript-G7Eu3Ar3.jssrc/main/resources/META-INF/resources/assets/xml-Dzl_rdxd.jssrc/main/resources/META-INF/resources/assets/xml-Wsqe13ye.jssrc/main/resources/META-INF/resources/assets/yaml-BtJQtdrv.jssrc/main/resources/META-INF/resources/assets/yaml-C5eaV0RI.jssrc/main/resources/META-INF/resources/manage.htmlsrc/main/resources/application.properties
💤 Files with no reviewable changes (32)
- src/main/resources/META-INF/resources/assets/freemarker2-DqDWCtuK.js
- src/main/resources/META-INF/resources/assets/handlebars-u8CdY6Y6.js
- src/main/resources/META-INF/resources/assets/yaml-BtJQtdrv.js
- src/main/resources/META-INF/resources/assets/htmlMode-FnQ1MKvn.js
- src/main/resources/META-INF/resources/assets/freemarker2-Dl3FuCzB.js
- src/main/resources/META-INF/resources/assets/mdx-CzWNFZ_r.js
- src/main/resources/META-INF/resources/assets/lspLanguageFeatures-CjZ9t0R-.js
- src/main/resources/META-INF/resources/assets/python-nn_VEFur.js
- src/main/resources/META-INF/resources/assets/jsonMode-BrbWbOAE.js
- src/main/resources/META-INF/resources/assets/python-BoyG6M2a.js
- src/main/resources/META-INF/resources/assets/razor-BRw03YNd.js
- src/main/resources/META-INF/resources/assets/yaml-C5eaV0RI.js
- src/main/resources/META-INF/resources/assets/typescript-D1IyJ0Mn.js
- src/main/resources/META-INF/resources/assets/liquid-C_tKVlev.js
- src/main/resources/META-INF/resources/assets/liquid-BU54st6I.js
- src/main/resources/META-INF/resources/assets/javascript-CmDShlNU.js
- src/main/resources/META-INF/resources/assets/html-CXIKgM1_.js
- src/main/resources/META-INF/resources/assets/handlebars-B6GL_0Gw.js
- src/main/resources/META-INF/resources/assets/javascript-SxiXgJ1p.js
- src/main/resources/META-INF/resources/assets/typescript-G7Eu3Ar3.js
- src/main/resources/META-INF/resources/assets/mdx-Cjguuzo_.js
- src/main/resources/META-INF/resources/assets/tsMode-B9PvQzQZ.js
- src/main/resources/META-INF/resources/assets/htmlMode-CqKL2ox8.js
- src/main/resources/META-INF/resources/assets/html-z1CojlRt.js
- src/main/resources/META-INF/resources/assets/cssMode-DMPmy9yy.js
- src/main/resources/META-INF/resources/assets/cssMode-CRRdssKx.js
- src/main/resources/META-INF/resources/assets/razor-BPd4BWpj.js
- src/main/resources/META-INF/resources/assets/jsonMode-D3E7SjOF.js
- src/main/resources/META-INF/resources/assets/xml-Dzl_rdxd.js
- src/main/resources/META-INF/resources/assets/tsMode-DcqLl0pR.js
- src/main/resources/META-INF/resources/assets/lspLanguageFeatures-CWMiI3_8.js
- src/main/resources/META-INF/resources/assets/xml-Wsqe13ye.js
| # | ||
| ### | ||
| FROM registry.access.redhat.com/ubi9/openjdk-25-runtime:1.24@sha256:0f4e0418d97fdf5d825b26660f6609ca6760f98ba92a5a31f2208c89270a19d5 | ||
| FROM registry.access.redhat.com/ubi9/openjdk-25-runtime:1.24@sha256:2aed9f3a5fac4def355ac36d5c59c7a3067857da424adaa9c6929ff71310467e |
Contributor
There was a problem hiding this comment.
🔒 Security & Privacy | 🔴 Critical
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
# Verify Red Hat UBI9 OpenJDK 25 base image digest and check for CVEs
IMAGE="registry.access.redhat.com/ubi9/openjdk-25-runtime:1.24@sha256:2aed9f3a5fac4def355ac36d5c59c7a3067857da424adaa9c6929ff71310467e"
echo "=== Verifying digest pulls successfully ==="
docker manifest inspect "${IMAGE}" 2>&1 | head -20
echo ""
echo "=== Checking Red Hat security advisories ==="
# Query Red Hat security data API for UBI9 OpenJDK 25
curl -s "https://access.redhat.com/labs/securitydataapi/cve.json?product=Red%20Hat%20Enterprise%20Linux%209&package=openjdk" | \
jq -r '.[] | select(.severity == "Critical" or .severity == "Important") | "\(.CVE) - \(.severity) - \(.bugzilla_description // "No description")"' | \
head -10
echo ""
echo "=== GitHub Security Advisories check ==="
gh api graphql -f query='
{
securityVulnerabilities(first: 5, ecosystem: MAVEN, package: "openjdk") {
nodes {
advisory {
summary
severity
publishedAt
}
vulnerableVersionRange
}
}
}'Repository: labsai/EDDI
Length of output: 427
🌐 Web query:
UBI9 OpenJDK 25 runtime registry.access.redhat.com ubi9/openjdk-25-runtime:1.24 digest sha256:2aed9f3a5fac4def355ac36d5c59c7a3067857da424adaa9c6929ff71310467e
💡 Result:
The container image registry.access.redhat.com/ubi9/openjdk-25-runtime:1.24 is an official Red Hat Universal Base Image (UBI) 9 runtime image for OpenJDK 25 [1][2][3][4]. Regarding the specific digest you provided (sha256:2aed9f3a5fac4def355ac36d5c59c7a3067857da424adaa9c6929ff71310467e): According to official Red Hat advisory records (such as RHBA-2026:1458), this specific digest does not appear in the lists of confirmed, released container image digests for the ubi9/openjdk-25-runtime image [5]. Official Red Hat container images are periodically updated with new digests as part of regular errata and security patching processes [6][5]. If you are attempting to pull this specific image, it is recommended to verify the tag and digest directly against the Red Hat Ecosystem Catalog to ensure you are using a trusted, supported version [1]. You can inspect the latest digests for this image by using the skopeo or podman command-line tools to query the Red Hat registry [1].
Citations:
- 1: https://catalog.redhat.com/en/software/containers/ubi9/openjdk-25-runtime/69204990c46419100ce30a5b
- 2: https://rh-openjdk.github.io/redhat-openjdk-containers/ubi9-openjdk-containers-1.24/ubi9-openjdk-25-runtime.html
- 3: https://github.com/rh-openjdk/redhat-openjdk-containers/blob/ubi9/ubi9-openjdk-25-runtime.yaml
- 4: https://rh-openjdk.github.io/redhat-openjdk-containers/
- 5: https://access.redhat.com/errata/RHBA-2026:1458
- 6: chore(deps): update registry.access.redhat.com/ubi9/openjdk-25-runtime docker tag to v1.24-2.1781533370 cryostatio/cryostat-reports#580
🌐 Web query:
Red Hat UBI9 OpenJDK 25 runtime CVE vulnerabilities security advisories
💡 Result:
Red Hat provides official Universal Base Image (UBI) 9 container images for OpenJDK 25, including both full JDK and runtime-only variants [1][2][3][4]. These images are available through the Red Hat Ecosystem Catalog and are maintained as part of Red Hat's containerized middleware portfolio [1][2][5]. Security and bug fix updates for these images are issued through Red Hat's standard advisory channels. Because container images are periodically updated to include the latest patches, users are advised to use the most recent image tags and regularly rebuild their dependent applications [6][7][8]. For security-specific information, Red Hat publishes Security Advisories (RHSA) when vulnerabilities are identified and patched within the OpenJDK packages [9][10]. As of June 2026, recent security updates for OpenJDK 25 have addressed multiple vulnerabilities, including issues related to cryptography, TLS handling, and third-party library dependencies (such as libpng and giflib) [9]. Users should monitor the Red Hat Errata and Security Data pages for their specific environment to track new CVEs and available patches [9][10]. Key resources for tracking and managing these updates include: - Red Hat Ecosystem Catalog: The official source for discovering and pulling verified UBI-based OpenJDK images [1][2]. - Red Hat Errata (RHSA/RHBA): The definitive source for security advisories and bug fixes [6][9]. - Red Hat OpenJDK Container Documentation: Provides configuration details and image metadata [5].
Citations:
- 1: https://catalog.redhat.com/en/software/containers/ubi9/openjdk-25/69204893fc0d23c633bf5c29
- 2: https://catalog.redhat.com/en/software/containers/ubi9/openjdk-25-runtime/69204990c46419100ce30a5b
- 3: https://rh-openjdk.github.io/redhat-openjdk-containers/ubi9-openjdk-containers-1.24/ubi9-openjdk-25.html
- 4: https://rh-openjdk.github.io/redhat-openjdk-containers/ubi9-openjdk-containers-1.24/ubi9-openjdk-25-runtime.html
- 5: https://rh-openjdk.github.io/redhat-openjdk-containers/index.html
- 6: https://access.redhat.com/errata/RHBA-2025:23727
- 7: https://access.redhat.com/errata/RHBA-2025:1365
- 8: https://access.redhat.com/errata/RHBA-2025:0669
- 9: https://access.redhat.com/errata/RHSA-2026:9693
- 10: https://access.redhat.com/errata/RHSA-2026:9689
🌐 Web query:
registry.access.redhat.com ubi9/openjdk-25-runtime:1.24 Red Hat official image
💡 Result:
The image registry.access.redhat.com/ubi9/openjdk-25-runtime:1.24 is an official Red Hat container image [1]. It is based on the Red Hat Universal Base Image 9 (UBI9) and is designed to provide a runtime environment for Java applications using OpenJDK 25 [1][2]. Key details about this image: - Purpose: It provides a hardened, enterprise-ready environment specifically for running Java applications (fat-jar and flat classpath) [2]. - Base Layer: The image is built upon the Red Hat UBI9 minimal image [2]. - Maintenance: It is part of the Red Hat OpenJDK container images project, with documentation and source code maintained in the Red Hat OpenJDK GitHub repository [2][3][4]. - Usage: The image is widely recognized in ecosystems such as Quarkus, where it serves as a default base image for containerizing Java applications built with OpenJDK 25 or higher [5]. - Versioning: The 1.24 tag refers to the version of the container image build, and it may receive periodic updates to the underlying packages (represented by longer tag suffixes) [2][6]. You can find the official catalog entry and further documentation through the Red Hat Ecosystem Catalog and the dedicated project documentation pages [1][3].
Citations:
- 1: https://catalog.redhat.com/en/software/containers/ubi9/openjdk-25-runtime/69204990c46419100ce30a5b
- 2: https://github.com/rh-openjdk/redhat-openjdk-containers/blob/ubi9/ubi9-openjdk-25-runtime.yaml
- 3: https://rh-openjdk.github.io/redhat-openjdk-containers/index.html
- 4: https://github.com/rh-openjdk/redhat-openjdk-containers
- 5: https://quarkus.io/guides/container-image
- 6: chore(deps): update registry.access.redhat.com/ubi9/openjdk-25-runtime docker tag to v1.24-2.1781533370 cryostatio/cryostat-reports#580
The specified digest does not exist in official Red Hat records and must be replaced with a valid digest.
The digest sha256:2aed9f3a5fac4def355ac36d5c59c7a3067857da424adaa9c6929ff71310467e for registry.access.redhat.com/ubi9/openjdk-25-runtime:1.24 does not appear in the confirmed, released container image digests according to Red Hat advisory RHBA-2026:1458. Using an unverified or non-existent digest violates OpenSSF supply-chain compliance. Verify the correct digest by querying the Red Hat Ecosystem Catalog directly with skopeo inspect docker://registry.access.redhat.com/ubi9/openjdk-25-runtime:1.24 and update the FROM directive with the official digest.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@src/main/docker/Dockerfile` at line 81, The Docker FROM directive uses an
invalid or unverified digest for the UBI9 OpenJDK 25 runtime image that does not
exist in official Red Hat records. Replace the current digest in the FROM
statement (the sha256 hash following the @ symbol) with the correct and verified
digest by querying the Red Hat Ecosystem Catalog using the skopeo inspect
command as specified in the comment. Ensure the final FROM directive contains
the official validated digest from Red Hat's released container image records.
- OpenApiTagSortFilter: removed stale Javadoc referencing numbered prefixes - RestA2AEndpoint: added method-level @tag for Capability Registry on .well-known/capabilities endpoints - RestToolHistory: added missing @ApplicationScoped CDI annotation - changelog: rewritten to match actual changes (category-based tags, light/dark mode, tag count 40, version 6.1.1, Manager update)
rolandpickl
approved these changes
Jun 23, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Swagger UI Overhaul, Manager Update
Complete Swagger UI redesign with EDDI branding, proper dual-theme support, clean API taxonomy, Manager frontend update, base image bump, and version 6.1.1 across all artifacts.
Swagger UI — API Documentation
Tag Taxonomy
01. Conversations) with category-based names (Conversations / Store,Configuration / LLM,Security / Audit Trail) — 9 top-level groups, 40 tags total@Tagannotations (SmallRye was silently dropping descriptions from@OpenAPIDefinitionwhen interface-level@Taglacked one)OpenApiTagSortFiltersorts tags alphabetically; fixedUnsupportedOperationExceptionon unmodifiable listLight / Dark Mode
style.css(635 lines) with proper dual-theme support — all dark colors scoped underhtml.dark-modeso the lamp toggle creates a visible switchBranding & Accessibility
6.1.1uses amber background with WCAG AAA contrast (10.7:1)original(preventsfeeling-bluefrom overriding custom styles)Manager Frontend
manage.htmlasset references to latest EDDI-Manager build (index-BG966qvF.js,index-CEYc6_5T.css)Infrastructure & Versioning
Version Bump → 6.1.1
pom.xml<version>application.propertiessystemRuntime.projectVersion,info-version,additional-tagsOpenApiConfig.java@Info(version)DockerfileARG EDDI_VERSIONChart.yamlappVersioneddi-deployment.yamlapp.kubernetes.io/version(×2)quickstart.yamlapp.kubernetes.io/version(×2)redhat-certify.ymlDocker Base Image
sha256:0f4e04...→sha256:2aed9f...)Type of Change
Checklist
./mvnw clean verify -DskipITs)Summary by CodeRabbit
New Features
Documentation
Style
Chores