Skip to content

feat: multimodal RAG, MinIO storage, sonar & trivy clean#4

Merged
Kaiohz merged 3 commits intomainfrom
feat/add-multimodal
Apr 1, 2026
Merged

feat: multimodal RAG, MinIO storage, sonar & trivy clean#4
Kaiohz merged 3 commits intomainfrom
feat/add-multimodal

Conversation

@Kaiohz
Copy link
Copy Markdown
Collaborator

@Kaiohz Kaiohz commented Apr 1, 2026

Summary

  • Implement multimodal query functionality (images, tables, equations)
  • Add MinIO storage integration for document management
  • Add SonarQube configuration and pytest coverage reporting
  • Fix Trivy vulnerabilities: bump fastmcp >=3.2.0 (CRITICAL SSRF fix), upgrade all transitive deps
  • Make SonarQube CI step conditional on secret availability
  • Fix tests for new adapter logic (safe working_dir, RuntimeError, query response format)

Quality checks

  • Tests: 59 passed ✅
  • Ruff: clean ✅
  • SonarQube: 0 bugs, 0 vulnerabilities, 0 code smells, 0 hotspots, 83.4% coverage ✅
  • Trivy: 0 CRITICAL, 1 HIGH (ecdsa CVE-2024-23342 - no fix available, in .trivyignore) ✅

Test plan

  • CI pipeline passes (tests, trivy critical gate, sonar)
  • Verify multimodal query endpoint works with images and tables
  • Verify MinIO document upload/download
  • Verify MCP tool query_knowledge_base works

Kaiohz added 3 commits April 1, 2026 18:52
@Kaiohz
feat: update multimodal routes and fix tests for new adapter logic
edc0aca 
- Refactor query route to return list[ChunkResponse] instead of full dict
- Update lightrag adapter to use safe working_dir with tempdir prefix
- Replace process_folder_complete with manual file iteration (deepcopy fix)
- Fix ruff lint issues (unused imports, unsorted imports, trailing whitespace)
- Update tests to match new RuntimeError, safe paths, and response format
@Kaiohz
fix: bump dependencies to resolve Trivy vulnerabilities
8f75120 
- Bump fastmcp >=3.2.0 (fixes CRITICAL SSRF CVE-2026-32871 + 2 more)
- Add cryptography >=46.0.5 as direct dep (fixes HIGH CVE-2026-26007)
- Upgrade all transitive deps via uv lock --upgrade
- Resolved: urllib3, orjson, pillow, protobuf, pyasn1, pyjwt, pypdf,
  requests, filelock, gradio, aiohttp, ecdsa (MEDIUM)
- Remaining: ecdsa CVE-2024-23342 (HIGH, no fix available) - added to .trivyignore
@Kaiohz
fix: make SonarQube CI step conditional on secret availability
96a44bc
@Kaiohz Kaiohz merged commit b71680a into main Apr 1, 2026
1 check passed
@Kaiohz Kaiohz deleted the feat/add-multimodal branch April 1, 2026 17:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Kaiohz