fix: fixed the problem of global search js resource access failure

[zzcr]

PR

PR Checklist

Please check if your PR fulfills the following requirements:

• The commit message follows our Commit Message Guidelines
• Tests for the changes have been added (for bug fixes / features)
• Docs have been added / updated (for bug fixes / features)

PR Type

What kind of change does this PR introduce?

• Bugfix
• Feature
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• Build related changes
• CI related changes
• Documentation content changes
• Other... Please describe:

What is the current behavior?

Issue Number: N/A

What is the new behavior?

Does this PR introduce a breaking change?

• Yes
• No

Other information

Summary by CodeRabbit

• New Features
  • Integrated a new search functionality within the application.
• Bug Fixes
  • Corrected font-weight rendering for b and strong tags.
  • Fixed a syntax error in the .DocSearch-Button class.
• Chores
  • Updated version number in the project configuration.
  • Added new dependencies for search functionality.

[coderabbitai]

Walkthrough

The pull request introduces changes across several files, primarily focusing on the removal and modification of the DocSearch functionality. The index.html file sees the removal of related CSS and JavaScript, making the search box visible. The package.json file is updated to a new version and includes new dependencies for DocSearch. The App.vue file removes logic related to displaying the search box, while main.js adds imports and logic for initializing the search feature. The style.css file undergoes minor formatting improvements and corrections.

Changes

File	Change Summary
examples/sites/index.html	Removed DocSearch CSS link, JavaScript initialization, and made search box visible.
examples/sites/package.json	Updated version from 3.20.2 to 3.20.3, added dependencies for @docsearch/js and @docsearch/css.
examples/sites/src/App.vue	Removed constant envTarget and related logic for displaying the search box.
examples/sites/src/main.js	Added imports for docsearch and its CSS, introduced logic to initialize search based on envTarget.
examples/sites/src/style.css	Defined font-weight for b and strong, improved CSS formatting, and corrected a syntax error.

Suggested labels

bug

🐰 "In the garden where changes bloom,
The search box shines, dispelling gloom.
With styles refined and logic clear,
Our code hops forth, full of cheer!
Dependencies added, the version's new,
A leap of progress, for me and you!" 🐇

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

[e2e-test-warn]
The component to be tested is missing.

The title of the Pull request should look like "fix(vue-renderless): [action-menu, alert] fix xxx bug".

Please make sure you've read our contributing guide

[coderabbitai]

Actionable comments posted: 1

🧹 Outside diff range and nitpick comments (1)

examples/sites/src/main.js (1)

34-35: Consider pinning DocSearch dependency versions

To ensure consistent builds and prevent unexpected breaking changes, consider specifying exact versions for the DocSearch imports.

-import docsearch from '@docsearch/js'
-import '@docsearch/css'
+import docsearch from '@docsearch/[email protected]'
+import '@docsearch/[email protected]'

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between c6a0664 and 5c9fb43.

📒 Files selected for processing (5)

• examples/sites/index.html (1 hunks)
• examples/sites/package.json (2 hunks)
• examples/sites/src/App.vue (0 hunks)
• examples/sites/src/main.js (1 hunks)
• examples/sites/src/style.css (3 hunks)

💤 Files with no reviewable changes (1)

• examples/sites/src/App.vue

✅ Files skipped from review due to trivial changes (1)

• examples/sites/package.json

🧰 Additional context used

🪛 Gitleaks (8.21.2)

examples/sites/src/main.js

46-46: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

🔇 Additional comments (7)

examples/sites/src/style.css (3)

7-8: LGTM: Font weight fix is appropriate.

The explicit font-weight definition correctly addresses the reset.css side effect.

---

26-27: LGTM: Grid cell alignment is properly defined.

The vertical alignment rule follows standard grid styling practices.

---

47-47: LGTM: Fixed missing semicolon in transition property.

The syntax error has been correctly addressed.

examples/sites/index.html (2)

30-30: LGTM! Removal of jsdelivr CDN dependencies.

The change aligns with the PR objective to fix jsdelivr loading errors by moving away from CDN-hosted dependencies.

---

30-30: Verify search box initialization.

The search box div has been added, but its functionality depends on proper initialization from other files.

Let's verify the search initialization code:

✅ Verification successful

Let me gather more information about the search box implementation.

---

Based on the search results, I can now provide a final response:

Search box is properly initialized with DocSearch

The search box initialization is properly handled in examples/sites/src/main.js using DocSearch:

docsearch({
  appId: 'AGPA5UXHMH',
  apiKey: '5fa09fc20270efa61d68e2c2eb0f56df',
  indexName: 'opentiny',
  container: '.search-box',
  debug: false
})

The search box also has proper styling defined in examples/sites/src/style.css for positioning and z-index handling.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify search box initialization in main.js and related files

# Check main.js for search initialization
echo "Checking main.js for search initialization:"
rg -A 5 "search-box" ./src/main.js

# Check for any DocSearch related imports
echo "Checking for DocSearch imports:"
rg "@docsearch" ./src/main.js

# Check if the search-box class is styled
echo "Checking for search-box styles:"
rg "search-box" -g "*.css" -g "*.scss"

Length of output: 587

---

Script:

#!/bin/bash
# Check the content of style.css to understand the search box styling
echo "Checking search box styles in style.css:"
cat examples/sites/src/style.css

# Look for any JavaScript files that might handle search functionality
echo -e "\nLooking for JavaScript files in examples/sites:"
fd -e js examples/sites

# Check for any search-related code in JavaScript files
echo -e "\nChecking for search-related code in JS files:"
rg -i "search" examples/sites --type js -A 5

Length of output: 101035

examples/sites/src/main.js (2)

37-37: LGTM!

Good practice using environment variable with a fallback value.

---

34-51: Verify alignment with PR objectives

The PR is titled "Fix load jsdelivr error" but the changes primarily implement DocSearch integration. Please clarify:

1. How these changes address the jsdelivr loading issue
2. If there are missing changes related to the jsdelivr fix
3. If the PR title/description needs updating to reflect the actual changes

🧰 Tools

🪛 Gitleaks (8.21.2)

46-46: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)

[coderabbitai]

💡 Codebase verification

⚠️ Potential issue

Security: DocSearch credentials require proper configuration

The hardcoded DocSearch credentials should be moved to environment variables. While these are client-side API keys, it's still a best practice to:

1. Create a .env file in examples/sites/ directory
2. Add the following variables:

VITE_DOCSEARCH_APP_ID=AGPA5UXHMH
VITE_DOCSEARCH_API_KEY=5fa09fc20270efa61d68e2c2eb0f56df

3. Update the code as suggested in the diff
4. Add .env to .gitignore if not already present

The Vite configuration already supports environment variables through loadEnv(), so this change aligns with the existing setup.

🔗 Analysis chain

Security: Move API credentials to environment variables

The DocSearch API credentials are currently hardcoded in the source code. While DocSearch's client-side API keys are designed to be public, it's still a security best practice to:

1. Move these credentials to environment variables
2. Document their usage
3. Enable appropriate CORS and rate limiting on the DocSearch application side

Apply this diff to use environment variables:

 if (envTarget === 'open') {
   docsearch({
-    appId: 'AGPA5UXHMH',
-    apiKey: '5fa09fc20270efa61d68e2c2eb0f56df',
+    appId: import.meta.env.VITE_DOCSEARCH_APP_ID,
+    apiKey: import.meta.env.VITE_DOCSEARCH_API_KEY,
     indexName: 'opentiny',
     container: '.search-box',
     debug: false
   })
 }

Also, verify the DocSearch application settings:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check if the DocSearch application has appropriate CORS settings
# Note: This requires the gh CLI to be authenticated

# Check if there are any existing issues about CORS configuration
gh issue list --search "docsearch cors" --limit 5

# Check if there are any security-related discussions
gh issue list --search "docsearch security" --limit 5

Length of output: 107

---

Script:

#!/bin/bash
# Let's verify if these are indeed Algolia DocSearch credentials and if there's any documentation about their usage

# Check for any environment variable setup in the repository
rg -l "VITE_DOCSEARCH|ALGOLIA|DOCSEARCH" --type env

# Look for any documentation mentioning DocSearch setup
rg -l "docsearch|algolia" --type md

# Check if these credentials are used elsewhere in the codebase
rg "AGPA5UXHMH|5fa09fc20270efa61d68e2c2eb0f56df"

# Look for any existing environment variable usage with DocSearch
rg "import\.meta\.env\.VITE_DOCSEARCH"

Length of output: 382

---

Script:

#!/bin/bash
# Let's check for any existing environment configuration files and documentation about environment setup

# Look for common environment file patterns
fd -e env -e env.example -e env.local -e env.development -e env.production

# Check the changelog for any DocSearch related information
cat examples/sites/demos/pc/webdoc/changelog.md

# Look for any configuration or setup files
fd -e config.js -e config.ts

# Check package.json for Algolia/DocSearch dependencies
fd package.json -x cat {}

Length of output: 68024

---

Script:

#!/bin/bash
# Let's verify if there are any environment variable configurations in the Vite setup

# Check for any Vite config files
fd -e vite.config.js -e vite.config.ts

# Look for any environment files in the examples/sites directory
fd -t f . examples/sites/ -x file {}

# Check if these credentials are used in any configuration files
rg -C 3 "VITE_DOCSEARCH" --type js --type ts --type json

Length of output: 65565

---

Script:

#!/bin/bash
# Let's check for environment files and configuration in a simpler way

# Look for .env files
ls -la examples/sites/.env* 2>/dev/null

# Check the Vite config file directly
cat examples/sites/vite.config.js 2>/dev/null
cat examples/sites/vite.config.ts 2>/dev/null

# Look for any documentation about environment setup
rg -l "VITE_DOCSEARCH|environment variable" --type md

Length of output: 5266

🧰 Tools

🪛 Gitleaks (8.21.2)

46-46: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)