Staging-->Main

.dockerignore

@@ -0,0 +1,13 @@
+.venv
+node_modules
+dist
+.git
+.github
+*.md
+!README.md
+__pycache__
+*.pyc
+.env
+.env.*
+e2e
+tests

.env.example

@@ -42,29 +42,61 @@ FALKORDB_URL=redis://localhost:6379/0  # REQUIRED - change to your FalkorDB URL
 # FALKORDB_PORT=6379
 
 # -----------------------------
-# Optional API / secret tokens
+# API / secret tokens
 # -----------------------------
-# API token for internal API access (optional)
-# SECRET_TOKEN=your_secret_token
+# Optional: static bearer token for internal / programmatic API access.
+# When set, this token is accepted as a "master" API key.
+# When unset, only user-generated tokens are accepted.
 # SECRET_TOKEN_ERP=your_erp_token
 
 # -----------------------------
 # AI / LLM configuration (optional)
 # -----------------------------
-# The default is to use Azure OpenAI if all three variables are set.
-# If the OPENAI_API_KEY is set, it will use OpenAI directly.
+# QueryWeaver supports multiple AI providers. Set ONE of the following API keys.
+# Provider selection precedence (first match wins):
+# OLLAMA_MODEL > OPENAI_API_KEY > GEMINI_API_KEY > ANTHROPIC_API_KEY > COHERE_API_KEY > Azure (fallback)
+#
+# Optional: Override the default models (both must be from the SAME provider):
+# COMPLETION_MODEL=provider/model-name
+# EMBEDDING_MODEL=provider/model-name
+#
+# IMPORTANT: The provider must match your API key. If you set gemini/* models,
+# you must have GEMINI_API_KEY set. Mismatched overrides may cause runtime errors.
+#
+# Examples (using Gemini - requires GEMINI_API_KEY):
+#   COMPLETION_MODEL=gemini/gemini-3-pro-preview
+#   EMBEDDING_MODEL=gemini/gemini-embedding-001
 
-# Azure OpenAI (example)
-# AZURE_API_KEY=your_azure_api_key
-# AZURE_API_BASE=https://your-resource.openai.azure.com/
-# AZURE_API_VERSION=2023-05-15
+# Examples (using OpenAI - requires OPENAI_API_KEY):
+#   COMPLETION_MODEL=openai/gpt-4.1
+#   EMBEDDING_MODEL=openai/text-embedding-ada-002
 
-# OpenAI (example)
+# OpenAI - uses openai/gpt-4.1 and openai/text-embedding-ada-002
 # OPENAI_API_KEY=your_openai_api_key
 
-# Optional: override default model names from api/config.py
-# COMPLETION_MODEL=azure/gpt-4.1
-# EMBEDDING_MODEL=azure/text-embedding-ada-002
+# Google Gemini - uses gemini/gemini-3-pro-preview and gemini/gemini-embedding-001
+# GEMINI_API_KEY=your_gemini_api_key
+
+# Anthropic - uses anthropic/claude-sonnet-4-5-20250929
+# Note: Anthropic has no native embeddings. You MUST also set one of:
+#   VOYAGE_API_KEY or EMBEDDING_MODEL for embeddings (startup fails otherwise).
+# ANTHROPIC_API_KEY=your_anthropic_api_key
+# VOYAGE_API_KEY=your_voyage_api_key  # Optional: for Voyage AI embeddings with Anthropic
+
+# Cohere - uses cohere/command-a-03-2025 and cohere/embed-v4.0
+# COHERE_API_KEY=your_cohere_api_key
+# COHERE_MODEL=command-a-03-2025
+# COHERE_EMBEDDING_MODEL=embed-v4.0
+
+# Local open-source model via Ollama (through LiteLLM)
+# OLLAMA_MODEL=llama3.1
+# OLLAMA_EMBEDDING_MODEL=nomic-embed-text
+# OLLAMA_API_BASE=http://localhost:11434
+
+# Azure OpenAI (default fallback) - uses azure/gpt-4.1 and azure/text-embedding-ada-002
+# AZURE_API_KEY=your_azure_api_key
+# AZURE_API_BASE=https://your-resource.openai.azure.com/
+# AZURE_API_VERSION=2023-05-15
 
 # -----------------------------
 # OAuth configuration (optional — uncomment to enable login flows)

.github/copilot-instructions.md

@@ -10,7 +10,7 @@ QueryWeaver is an open-source Text2SQL tool that transforms natural language int
 - **Backend**: Python 3.12+, FastAPI 0.115.0+, FalkorDB (Redis-based graph database)
 - **AI/ML**: LiteLLM with Azure OpenAI/OpenAI integration for text-to-SQL generation
 - **Testing**: pytest for unit tests, Playwright for E2E testing
-- **Dependencies**: pipenv for package management
+- **Dependencies**: uv for package management
 - **Authentication**: authlib with Google/GitHub OAuth
 - **Deployment**: Docker support, Vercel configuration
 
@@ -22,8 +22,9 @@ Follow this order for a reliable local setup; if you customize the steps, ensure
 
 ### 1. Initial Setup (recommended for new contributors)
 ```bash
-# Install pipenv if not available
-pip install pipenv
+# Install uv if not available
+pip install uv
+# or visit https://docs.astral.sh/uv/getting-started/installation/
 
 # Install dependencies (backend + frontend) and prepare dev tools
 # Recommended: use the Make helper which installs Python deps and frontend deps
@@ -34,9 +35,9 @@ make install
 make setup-dev
 
 # OR manual steps if you prefer more granular control:
-# pipenv sync --dev
-# pipenv run playwright install chromium
-# pipenv run playwright install-deps
+# uv sync
+# uv run playwright install chromium
+# uv run playwright install-deps
 
 # Set up environment file
 cp .env.example .env
@@ -51,9 +52,9 @@ Note: This project includes a TypeScript frontend in `app/` that must be built b
 make setup-dev
 
 # OR manual steps:
-pipenv sync --dev
-pipenv run playwright install chromium
-pipenv run playwright install-deps
+uv sync
+uv run playwright install chromium
+uv run playwright install-deps
 ```
 
 ### 3. Testing Commands
@@ -82,19 +83,19 @@ make docker-stop
 ```bash
 # Run pylint (can be run without FalkorDB)
 make lint
-# OR manually: pipenv run pylint $(git ls-files '*.py')
+# OR manually: uv run pylint $(git ls-files '*.py')
 ```
 
 ### 5. Running the Application
 
 ```bash
 # Development server with debug mode
 make run-dev
-# OR manually: pipenv run uvicorn api.index:app --host "localhost" --port "5000" --reload
+# OR manually: uv run uvicorn api.index:app --host "localhost" --port "5000" --reload
 
 # Production mode
 make run-prod
-# OR manually: pipenv run uvicorn api.index:app --host "localhost" --port "5000"
+# OR manually: uv run uvicorn api.index:app --host "localhost" --port "5000"
 ```
 
 Important: If you're preparing a production deployment or have changed frontend code, run `make build-prod` (or `make build-dev` for a development build) first to produce the static bundle used by the app.
@@ -183,8 +184,8 @@ make docker-falkordb
 **Error**: E2E tests fail with browser not found
 **Solution**:
 ```bash
-pipenv run playwright install chromium
-pipenv run playwright install-deps
+uv run playwright install chromium
+uv run playwright install-deps
 ```
 
 ### 3. Missing Environment File
@@ -197,10 +198,10 @@ cp .env.example .env
 
 ### 4. Import Errors During Testing
 **Error**: Module import failures in tests
-**Solution**: Ensure you're using pipenv and dependencies are installed:
+**Solution**: Ensure you're using uv and dependencies are installed:
 ```bash
-pipenv sync --dev
-pipenv run pytest tests/ -k "not e2e"
+uv sync
+uv run python -m pytest tests/ -k "not e2e"
 ```
 
 ### 5. Port Conflicts
@@ -242,7 +243,7 @@ tests/
 ```
 
 ### Configuration Files
-- `Pipfile` & `Pipfile.lock`: Python dependencies
+- `pyproject.toml` & `uv.lock`: Python dependencies
 - `pytest.ini`: Test configuration with custom markers
 - `Makefile`: Build and development commands
 - `.env.example`: Environment variable template
@@ -268,7 +269,7 @@ The repository has comprehensive CI/CD in `.github/workflows/`:
 
 2. **pylint.yml**: Code quality checks
    - Runs on every push
-   - Uses same Python/pipenv setup
+   - Uses same Python/uv setup
 
 3. **e2e-tests.yml**: Dedicated E2E testing
    - Separate workflow for E2E tests
@@ -281,8 +282,8 @@ The repository has comprehensive CI/CD in `.github/workflows/`:
 All workflows follow this pattern:
 ```yaml
 - Python 3.12 setup
-- pipenv installation
-- pipenv sync --dev
+- uv installation
+- uv sync
 - .env file creation with test values (use FALKORDB_URL in CI)
 - FalkorDB service startup (for tests requiring DB)
 - Playwright browser installation (for E2E tests)

.github/dependabot.yml

@@ -10,7 +10,7 @@ updates:
     target-branch: "staging"
     schedule:
       interval: "weekly"
-  - package-ecosystem: "pip"
+  - package-ecosystem: "uv"
     directory: "/"
     target-branch: "staging"
     schedule:

.github/wordlist.txt

@@ -1,13 +1,16 @@
 QueryWeaver
 FalkorDB
 OAuth
+DDL
+DML
 AGPL
 Affero
 nullability
 schemas
 psycopg
 html
 PostgreSQLLoader
+PostgresLoader
 api
 postgres
 postgresql
@@ -30,8 +33,8 @@ Nullability
 endcapture
 CVSS
 falkordb
-pipenv
-Pipenv
+uv
+pyproject
 README
 md
 UI
@@ -71,9 +74,13 @@ namespace
 namespaced
 
 CSRF
+Anthropic
+Cohere
 LLM
+Ollama
 OpenAI
 OpenAI's
+DockerHub
 Dockerhub
 FDE
 github
@@ -95,4 +102,22 @@ Sanitization
 JOINs
 subqueries
 subquery
-TTL
+TTL
+
+config
+docstring
+dotenv
+ESLint
+GraphNotFoundError
+HSTS
+init
+InternalError
+InvalidArgumentError
+Middleware
+monorepo
+PRs
+pylint
+pytest
+Radix
+Zod
+Dependabot

.github/workflows/dependency-review.yml

@@ -29,12 +29,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout repository'
-        uses: actions/checkout@v6
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v4
+        uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4
         # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options.
         with:
           comment-summary-in-pr: always
-        #   fail-on-severity: moderate
-        #   deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later
-        #   retry-on-snapshot-warnings: true