Skip to content

Remove Evidence-based and All sources chips from answer footer#285

Closed
BigSimmo wants to merge 20 commits into
cursor/fix-all-db-issues-5f13from
cursor/remove-answer-bar-chips-8b1a
Closed

Remove Evidence-based and All sources chips from answer footer#285
BigSimmo wants to merge 20 commits into
cursor/fix-all-db-issues-5f13from
cursor/remove-answer-bar-chips-8b1a

Conversation

@BigSimmo

@BigSimmo BigSimmo commented Jul 5, 2026

Copy link
Copy Markdown
Owner

Summary

Removes the Evidence-based and All sources footer chips from the answer-mode composer on all screen sizes. The answer bar now shows only the input pill and send button.

Scope and evidence remain reachable via the integrated + menu (Scope and Evidence map actions).

Changes

  • master-search-header.tsx: Hide footer chip row when searchMode === "answer" only (other modes unchanged).
  • ui-accessibility.spec.ts / ui-smoke.spec.ts: Open document scope via + menu (Scope) instead of removed footer chip.
  • capture-chrome-parity.ts: Drop selectors for removed chip buttons.

Verification

  • npm run test:e2e:accessibility — 2 passed (on PR branch)
  • demo answer flow reaches a source-backed answer smoke test — passed (on PR branch)
  • Screenshot capture script added: scripts/capture-answer-bar-screenshot.ts

Notes

  • Do not replace with showFooterSearchChips = false — that hides chips for all modes. The correct guard is searchMode !== "answer".
  • Other modes (documents, forms, services, etc.) keep their footer chips unchanged.
  • Optional follow-up: tighten answer-mode bottom padding in ClinicalDashboard.tsx now that the chip row is gone.
Open in Web Open in Cursor 

BigSimmo and others added 19 commits July 3, 2026 21:00
The golden retrieval set was 100% lexical fast-path (embedding_skipped_rate=1.0), so
it could not measure whether a re-index changes vector/embedding retrieval quality.

- forceEmbedding option on searchChunksWithTelemetry (SearchChunksArgs): bypasses every
  lexical text-fast-path so retrieval always exercises the embedding/vector stage.
  Diagnostic/eval-only; folded into the search cache key; never set on production paths.
- eval-retrieval.ts: per-case `forceEmbedding` field + a global `--force-embedding` flag.
- 10 `vector-*` cases (psychiatric monographs: PTSD, OCD, panic, anorexia, GAD, Tourette,
  postnatal, bipolar, ADHD, opioid) with forceEmbedding=true. Each is a clinical query that
  must be answered by vector retrieval of the right monograph — verified live at
  document_recall@5=1.0, content_recall@5=1.0, all via strategy=hybrid (embedding used).

Rationale: forcing embedding is the correct instrument for re-index measurement — you want
to measure the vector index directly, not have a lexical shortcut mask a regression. Wording
alone can't reliably force the vector path (the fast-path is driven by emergent lexical-match
strength), so the flag makes these probes deterministic.

Live golden eval: 34/34 pass (24 existing + 10 new), no regression. verify:cheap green (980).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Wire forceEmbedding through eval runners and retrieval cache keys, bypass coverage/lexical shortcuts when forced, and add golden-case failure metrics so vector regressions cannot hide behind text-fast-path or cache hits.
…board

Delete post-extraction dead code left in the monolith and trim unused imports. Also fix minor lint issues in favourites-hub, visual-evidence, and services-navigator.
…rdening

fix(access): complete public retrieval scope and production access hardening
fix: restore anonymous production setup-status for psychiatry.tools
@supabase

supabase Bot commented Jul 5, 2026

Copy link
Copy Markdown

This pull request has been ignored for the connected project sjrfecxgysukkwxsowpy due to reaching the limit of concurrent preview branches.
Go to Project Integrations Settings ↗︎ if you wish to update this limit.


Preview Branches by Supabase.
Learn more about Supabase Branching ↗︎.

@BigSimmo
BigSimmo marked this pull request as ready for review July 5, 2026 16:38
@cursor

cursor Bot commented Jul 5, 2026

Copy link
Copy Markdown

Bugbot is not enabled for your account, so this pull request was not reviewed.

Enable Bugbot in the Cursor dashboard to get automatic reviews on future PRs.

@chatgpt-codex-connector

Copy link
Copy Markdown

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

@BigSimmo

BigSimmo commented Jul 5, 2026

Copy link
Copy Markdown
Owner Author

Closing because the base branch (\cursor/fix-all-db-issues-5f13, PR #281) was closed as superseded/conflicted.

If this UX change is still wanted, cherry-pick onto a fresh branch from current \main\ and open a new PR targeting \main.

@BigSimmo BigSimmo closed this Jul 5, 2026

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using high effort and found 6 potential issues.

Fix All in Cursor

Bugbot Autofix prepared fixes for all 6 issues found in the latest run.

  • ✅ Fixed: Answer dock inset still includes chips
    • Reduced the default composer inset from 132px to 88px for the chipless answer footer and added a screen-reader-only scope trigger so focus restoration still works when footer chips are hidden.
  • ✅ Fixed: One-shot commit script in repo
    • Deleted scripts/commit-access-rag-fix.mjs so the one-shot auto-commit maintenance script is no longer in the repository.
  • ✅ Fixed: Signed-in answers skip public corpus
    • Updated retrieval_owner_matches so owner-scoped retrieval also matches public rows (owner_id IS NULL), aligning hybrid RAG with withOwnerReadScope for signed-in users.
  • ✅ Fixed: Tool selection jumps while typing
    • Pinned the selected tool id while the detail panel is open so typing in the search box no longer re-derives the highlighted tool mid-edit.
  • ✅ Fixed: Public uploads invisible to uploaders
    • Anonymous public uploads now persist with owner_id null and a public/ storage prefix so list, read, and retrieval paths that scope to public rows can see them immediately.
  • ✅ Fixed: Upload rate limit bucket missing
    • Added the document_upload bucket to ApiRateLimitBucket with default and anonymous limit maps so upload rate limiting resolves configured limits instead of undefined.

You can send follow-ups to the cloud agent here.

Reviewed by Cursor Bugbot for commit 7a0166d. Configure here.

const phoneMediaQuery = "(max-width: 639px)";

// Reserved height for the fixed answer footer composer (pill + chips + safe area).
const defaultComposerInsetPx = 132;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Answer dock inset still includes chips

Medium Severity

In answer mode, footer chips are no longer rendered. This causes two issues: the useCollapseWhenContentBelow hook's composerInsetPx (132px) is too large, leading to the Clinical notes/Evidence row collapsing prematurely, becoming inert, and blocking taps on mobile. Additionally, focus restoration after closing a document scope fails because the scopeSummaryRef is missing.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 7a0166d. Configure here.

);
execSync('git commit -m "fix(rag): scope anonymous retrieval to public documents via owner sentinel"', {
stdio: "inherit",
});

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One-shot commit script in repo

High Severity

The commit-access-rag-fix.mjs script is a one-shot maintenance script that overwrites core library and schema files and then automatically commits the changes. This creates a serious footgun, risking unintended local commits and data corruption if executed in dev or CI environments.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 7a0166d. Configure here.

/** Scope reads to public rows (owner_id IS NULL) and, when signed in, the caller's owned rows. */
export function withOwnerReadScope<T extends OwnerScopedQuery<T>>(query: T, ownerId: string | undefined): T {
if (ownerId) return query.eq("owner_id", ownerId);
if (ownerId) return query.or(`owner_id.eq.${ownerId},owner_id.is.null`);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Signed-in answers skip public corpus

Medium Severity

Document reads for signed-in users now include public rows via withOwnerReadScope, but answer retrieval still passes allowGlobalSearch: !access.ownerId, so hybrid RPCs filter to the user’s owner_id only. Public indexed guidelines visible in the library can be excluded from source-backed answers while signed in.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 7a0166d. Configure here.

queryKey: (controlledQuery ?? "").trim().toLowerCase(),
id: initialToolId(controlledQuery),
}));
const selectedId = selection.queryKey === normalizedQuery ? selection.id : queryDerivedId;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tool selection jumps while typing

Low Severity

selectedId falls back to queryDerivedId whenever the query string differs from selection.queryKey, so editing the search box re-derives the highlighted tool before the user submits or picks a row. An open detail panel can switch tools mid-typing.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 7a0166d. Configure here.

const uploadOwnerId = access.ownerId ?? (publicUploadsEnabled() ? publicWorkspaceOwnerId() : null);
if (!uploadOwnerId) {
return NextResponse.json({ error: "Public uploads are not configured for this workspace." }, { status: 503 });
}

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Public uploads invisible to uploaders

High Severity

Anonymous public uploads are stored with owner_id set to PUBLIC_WORKSPACE_OWNER_ID, but anonymous document reads and global RAG only include rows where owner_id is null (via withOwnerReadScope and PUBLIC_OWNER_FILTER_SENTINEL). After a successful upload, the same anonymous user cannot list, open, or retrieve that document in search/answer until it is promoted to a public row.

Additional Locations (2)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 7a0166d. Configure here.

supabase: adminSupabase,
subject: access.rateLimitSubject,
bucket: "document_upload",
allowInMemoryFallbackOnUnavailable: allowRateLimitInMemoryFallbackOnUnavailable(),

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Upload rate limit bucket missing

Medium Severity

The upload route passes document_upload to consumeSubjectApiRateLimit, but that bucket is not defined in ApiRateLimitBucket or the default limit maps. Anonymous upload rate limiting has no configured limits and can throw when resolving defaults if this path runs.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 7a0166d. Configure here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant