Feat/resilience UI i18n model cooldown - [deferred to v4.0.0-rc1]

[rafacpti23]

Summary

• Describe the user-facing or operational change.

Related Issues

• Closes #
• Related to #

Validation

• npm run lint
• npm run test:unit
• npm run test:coverage
• Coverage is still >= 60% for statements, lines, functions, and branches
• SonarQube PR analysis is green or any remaining issues are explicitly documented below

Tests Added Or Updated

• List every changed or added automated test file.
• If no production code changed, state that here.

Coverage Notes

• If this PR changes src/, open-sse/, electron/, or bin/, explain which tests cover the change.
• If coverage moved down in any touched file, explain why and what follow-up task will recover it.

Reviewer Notes

• Call out any risky areas, migrations, feature flags, or manual validation that reviewers should know about.

---

⏳ Deferred to v4.0.0-rc1 — This PR will be integrated in the v4.0.0 release cycle due to its scope and architectural impact.

[gemini-code-assist]

Code Review

This pull request introduces a major expansion of the platform under the 'Easy IA' branding, adding a customer-facing landing site and portal, a SaaS management dashboard for plans and customers, and Qdrant integration for semantic memory. Feedback highlights critical security risks including insecure JWT secret fallbacks, hardcoded secrets, and missing API prefixes in the middleware matcher that could lead to broken access control. Further improvements are required for internationalization of error messages, cookie security, and replacing synchronous hashing with asynchronous methods to prevent event loop blocking.

[gemini-code-assist]

Using an empty string as a fallback for JWT_SECRET is a critical security risk. If the environment variable is missing, the application will use a predictable secret, allowing anyone to forge valid management tokens. The application should throw an error if the secret is not configured.

function getJwtSecret(): Uint8Array {
  const secret = process.env.JWT_SECRET;
  if (!secret) throw new Error("JWT_SECRET is not configured");
  return new TextEncoder().encode(secret);
}

[gemini-code-assist]

The new middleware matcher is missing several critical API prefixes that were present in the previous version, such as /v1, /chat, /responses, /codex, and /models. Since these routes are often used as entry points (and then rewritten to /api/v1/...), excluding them from the matcher will cause requests to these endpoints to bypass middleware logic, including request ID generation, graceful shutdown checks, and body size limits.

Suggested change

	matcher: ["/", "/adm/:path*", "/dashboard/:path*", "/api/:path*"],
	matcher: ["/", "/adm/:path*", "/dashboard/:path*", "/api/:path*", "/v1/:path*", "/v1", "/chat/:path*", "/responses/:path*", "/responses", "/codex/:path*", "/codex", "/models"],

[gemini-code-assist]

The session cookie is configured with secure: false. This allows the cookie to be transmitted over unencrypted HTTP connections, making it vulnerable to interception. It should be set to true in production environments.

Suggested change

	sameSite: "lax",
	secure: process.env.NODE_ENV === "production",

[gemini-code-assist]

Hardcoding a fallback secret for JWT signing (easyia-local-portal-secret-change-me) is insecure. If the SITE_PORTAL_SECRET environment variable is missing, the application will use this known string, allowing attackers to forge portal session tokens. The application should require a secret from the environment.

[gemini-code-assist]

The request parameter is typed as any. Using a specific type like NextRequest from next/server would provide better type safety and IDE support.

Suggested change

	export async function proxy(request: any) {
	export async function proxy(request: import("next/server").NextRequest) {

[gemini-code-assist]

The normalizeUserFacingErrorMessage function uses hardcoded Portuguese strings for error messages. As the project supports multiple languages and uses an i18n system (next-intl), these messages should be externalized to the locale JSON files to ensure that users see errors in their preferred language.

[gemini-code-assist]

Using bcrypt.hashSync in an asynchronous route handler blocks the event loop, which can lead to performance bottlenecks. It is better to use the asynchronous bcrypt.hash method.

[gemini-code-assist]

Using bcrypt.hashSync in an asynchronous route handler blocks the event loop. It is recommended to use the asynchronous bcrypt.hash method instead.

[diegosouzapw]

Hey @rafacpti23, thanks for this contribution! 🚀

We really appreciate the work you've put into these features — the SaaS module, Qdrant integration, model cooldowns, and resilience improvements are all excellent additions.

However, given the scope of the changes (~28K+ lines, 100 files), this PR is better suited for the next major release cycle. We don't want to rush such a large feature set into v3.8.0 where it could introduce regressions.

Plan: This PR will be deferred to v4.0.0-rc1, where we'll have a dedicated integration window for these features. We'll keep this PR open and track it for the v4.0.0 milestone.

In the meantime, the model cooldown feature (PR #2146) has been extracted as a focused PR and will be integrated into v3.8.0 separately.

Thanks again for the amazing work! 🙌

[diegosouzapw]

Thank you for this contribution! After review, this PR has been deferred to the v4.0.0-rc1 milestone as it introduces architectural changes that are better suited for the next major release. We'll revisit it there. We appreciate your work and will keep this open.

[diegosouzapw]

Thank you @rafacpti23! Deferred to v4.0.0-rc1 alongside #2143 and #2144 for the full resilience UI + i18n integration. Will be merged with full credit when that cycle opens.