fix the filter issue in find project filter sidebar

[Mohan1203]

Issues

This PR resolves the radio button selection conflict between filters.

Fixes #184

Summary by CodeRabbit

• Bug Fixes

  • Improved filter handling with enhanced identifier generation to ensure stability and prevent conflicts when similar filter values exist across different filter types.

• Chores

  • Added Docker Compose configuration file featuring PostgreSQL database and API services, enabling streamlined setup for local development and testing.

[vercel]

Someone is attempting to deploy a commit to the AJEET PRATAP SINGH's projects Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Walkthrough

The pull request addresses a filter label selection bug by generating unique composite IDs for filter options and adds a Docker Compose configuration file defining PostgreSQL and API services for local development.

Changes

Cohort / File(s)	Summary
Filter Component Fix apps/web/src/components/ui/Filter.tsx	Modified filter row rendering to generate unique composite inputIds (${filterName}-${filter}) and apply them to RadioGroupItem id and Label htmlFor attributes, ensuring labels correctly associate with their intended radio buttons.
Docker Infrastructure Setup docker-compose.yml	Added new Docker Compose v3.8 configuration defining two services: postgres (image 15, port 5432, volume for data persistence) and api (builds from current context, port 4000, depends on postgres service).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

• The Filter component change is a targeted, localized fix addressing ID uniqueness without altering event handling or UI presentation
• Docker Compose file is straightforward declarative configuration with standard PostgreSQL and API service definitions

Poem

🐰 A rabbit hops through filters bright,
With IDs unique, now labeled right!
No more confusion, each button knows,
Which filter controls where each label goes. ✨
And Docker spins up with postgres in tow,
Local dev's ready to build and to grow!

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Out of Scope Changes check	⚠️ Warning	The docker-compose.yml addition is out of scope; the PR objectives and linked issue focus on fixing filter selection behavior, not adding Docker infrastructure files.	Remove docker-compose.yml or move it to a separate infrastructure setup PR to keep this PR focused on the filter bug fix.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly relates to the main change: fixing filter selection behavior in the Find Projects sidebar filter component.
Linked Issues check	✅ Passed	The Filter.tsx changes directly address issue #184 by ensuring unique inputIds for filter items, preventing label-to-radio-button misalignment that caused Competition labels to select Popularity options.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

Tip

📝 Customizable high-level summaries are now available in beta!

You can now customize how CodeRabbit generates the high-level summary in your pull requests — including its content, structure, tone, and formatting.

• Provide your own instructions using the high_level_summary_instructions setting.
• Format the summary however you like (bullet lists, tables, contributor stats, etc.).
• Use high_level_summary_in_walkthrough to move the summary from the description to the walkthrough section.

Example:

"Create a concise high-level summary as a bullet-point list. Then include a Markdown table showing lines added and removed by each contributing author."

Note: This feature is currently in beta for Pro-tier users, and pricing will be announced later.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cla-assistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.

---

Mohan Dhila seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

docker-compose.yml (2)

22-22: Consider using development for NODE_ENV in docker-compose.

Docker Compose is typically used for local development environments. Setting NODE_ENV: production may disable helpful development features like verbose error messages and hot-reloading.

-      NODE_ENV: production
+      NODE_ENV: ${NODE_ENV:-development}

---

23-24: Add health check to ensure database readiness.

The depends_on directive only ensures the postgres container starts before the api container, but doesn't wait for PostgreSQL to be ready to accept connections. This can cause the API to fail on startup.

    depends_on:
-      - postgres
+      postgres:
+        condition: service_healthy

Also add a health check to the postgres service:

  postgres:
    image: postgres:15
    environment:
      POSTGRES_USER: ${POSTGRES_USER:-opensox}
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-opensox}
      POSTGRES_DB: ${POSTGRES_DB:-opensox}
    ports:
      - "5432:5432"
    volumes:
      - postgres_data:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U opensox"]
+      interval: 5s
+      timeout: 5s
+      retries: 5

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 97e699a and 265df9a.

📒 Files selected for processing (2)

• apps/web/src/components/ui/Filter.tsx (1 hunks)
• docker-compose.yml (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (1)

apps/web/src/components/ui/Filter.tsx (2)

apps/web/src/components/ui/radio-group.tsx (1)

• RadioGroupItem (44-44)

apps/web/src/components/ui/label.tsx (1)

• Label (26-26)

🪛 Checkov (3.2.334)

docker-compose.yml

[medium] 19-20: Basic Auth Credentials

(CKV_SECRET_4)

🔇 Additional comments (2)

apps/web/src/components/ui/Filter.tsx (1)

39-59: Excellent fix for the radio button selection bug!

The implementation correctly addresses the issue by generating unique inputId values combining filterName and filter (e.g., "Popularity-Most Stars" vs "Competition-Most Stars"). This prevents ID collisions between filter groups that were causing labels in one group to inadvertently target radio buttons in another group.

The fix ensures:

• Unique IDs for each filter option across all filter groups
• Proper htmlFor attribute linking labels to their corresponding radio buttons
• Stable keys for React rendering

docker-compose.yml (1)

1-27: Clarify the connection between Docker Compose and the filter bug fix.

This Docker Compose configuration appears unrelated to the filter sidebar bug fix described in the PR objectives (issue #184). The PR is focused on fixing a UI radio button selection issue, not adding Docker infrastructure.

Could you clarify why the Docker Compose configuration is included in this PR? Consider:

• Moving it to a separate PR if it's unrelated infrastructure setup
• Updating the PR description to explain the connection if these changes are related

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Security: Hardcoded database credentials.

The hardcoded credentials (opensox/opensox) are acceptable for local development but should never be used in production environments.

Consider documenting that these are development-only credentials or using environment variables for better flexibility:

    environment:
-      POSTGRES_USER: opensox
-      POSTGRES_PASSWORD: opensox
-      POSTGRES_DB: opensox
+      POSTGRES_USER: ${POSTGRES_USER:-opensox}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-opensox}
+      POSTGRES_DB: ${POSTGRES_DB:-opensox}

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	POSTGRES_USER: opensox
	POSTGRES_PASSWORD: opensox
	POSTGRES_DB: opensox
	environment:
	POSTGRES_USER: ${POSTGRES_USER:-opensox}
	POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-opensox}
	POSTGRES_DB: ${POSTGRES_DB:-opensox}

🤖 Prompt for AI Agents

In docker-compose.yml around lines 6 to 8, the Postgres credentials are
hardcoded (POSTGRES_USER/POSTGRES_PASSWORD/POSTGRES_DB set to "opensox"), which
is insecure for production; change them to read from environment variables
(e.g., POSTGRES_USER: ${POSTGRES_USER:-opensox}) or document they are dev-only
and add a warning comment, and update README/deployment docs to instruct setting
secure credentials via env files or secrets for non-development deployments.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Security: Hardcoded JWT secret in plain text.

The hardcoded JWT_SECRET: your-secret-key is a critical security issue. Secrets should never be committed to version control in plain text.

Based on static analysis hints.

Replace with an environment variable reference:

    environment:
      DATABASE_URL: postgresql://opensox:opensox@postgres:5432/opensox?schema=public
-      JWT_SECRET: your-secret-key
+      JWT_SECRET: ${JWT_SECRET:?JWT_SECRET must be set}
      PORT: 4000
      NODE_ENV: production

Add a .env.example file to document required environment variables:

# .env.example
JWT_SECRET=generate-a-secure-random-secret-here
POSTGRES_USER=opensox
POSTGRES_PASSWORD=opensox
POSTGRES_DB=opensox

🧰 Tools

🪛 Checkov (3.2.334)

[medium] 19-20: Basic Auth Credentials

(CKV_SECRET_4)

🤖 Prompt for AI Agents

In docker-compose.yml around lines 19 to 20, the JWT_SECRET is hardcoded as
plain text which is a security risk; update the compose file to reference an
environment variable (e.g., use ${JWT_SECRET}) instead of the literal string and
configure docker-compose to load secrets via an env_file or environment
variables supplied at runtime; additionally add a .env.example in the repo
listing required variables (JWT_SECRET, POSTGRES_USER, POSTGRES_PASSWORD,
POSTGRES_DB) with placeholder/example values and update documentation/README to
instruct maintainers to set a secure JWT_SECRET outside version control.