Introduced a shared HTTP client with optimized settings

[vinyas-bharadwaj]

Description

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Code refactoring
• Performance improvement
• Other (please describe):

Related Issue

Fixes #60

Changes Made

• Introduces a shared HTTP client with optimized settings.
• Uses this client for Claude, Grok and Groq, API calls
• Adds a separate client with extended timeout for Ollama.

Testing

• Tested with Gemini API
• Tested with Grok API
• Tested on Windows
• Tested on Linux
• Tested on macOS
• Added/updated tests (if applicable)

Checklist

• My code follows the project's code style
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings or errors
• I have tested this in a real Git repository
• I have read the CONTRIBUTING.md guidelines

Screenshots (if applicable)

Additional Notes

---

For Hacktoberfest Participants

• This PR is submitted as part of Hacktoberfest 2025

Thank you for your contribution! 🎉

Summary by CodeRabbit

• Refactor

  • Centralized HTTP networking to use a shared client for consistent timeouts and connection handling.
  • Introduced a dedicated client with extended timeout for local Ollama requests to improve long-running operations.
  • Standardized request construction and headers for Ollama calls for better reliability.

• Performance

  • Improved connection reuse and stability via a shared transport configuration.

• Chores

  • Removed duplicated client initialization across modules in favor of a single provider.

[coderabbitai]

Walkthrough

Centralized HTTP client management was introduced via internal/http/client.go. Existing providers (Claude, Grok, Groq) were refactored to use the shared client getter. Ollama integration now uses a dedicated long-timeout client and explicit http.Request construction with headers. Redundant per-file client setups and TLS configs were removed.

Changes

Cohort / File(s)	Summary
Central HTTP client factory internal/http/client.go	Added shared HTTP client module with singleton getters: GetClient() (30s timeout) and GetOllamaClient() (10m timeout). Introduced common http.Transport with TLS and connection settings.
Provider refactors to shared client internal/claude/claude.go, internal/groq/groq.go	Replaced local/default clients with httpClient.GetClient().Do(req) via alias import of internal/http. No public APIs changed.
Grok: remove custom TLS and singleton internal/grok/grok.go	Deleted in-file HTTP singleton, TLS transport, and helper. Switched to httpClient.GetClient(). Pruned TLS/time imports.
Ollama: explicit request + dedicated client internal/ollama/ollama.go	Replaced http.Post with http.NewRequest + Content-Type: application/json; send via httpClient.GetOllamaClient().Do(req). Adjusted error handling; response handling unchanged.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Caller
  participant Provider as Provider (Claude/Grok/Groq)
  participant HTTPPkg as internal/http
  participant Net as net/http

  Caller->>Provider: GenerateCommitMessage(...)
  Provider->>HTTPPkg: GetClient()
  activate HTTPPkg
  alt First call
    HTTPPkg->>HTTPPkg: init sharedClient (sync.Once)
    note over HTTPPkg: Timeout: 30s<br/>Shared Transport
  else Subsequent calls
    HTTPPkg-->>Provider: return sharedClient
  end
  deactivate HTTPPkg
  Provider->>Net: sharedClient.Do(req)
  Net-->>Provider: resp / error
  Provider-->>Caller: result / error

Loading

sequenceDiagram
  autonumber
  actor Caller
  participant Ollama as internal/ollama
  participant HTTPPkg as internal/http
  participant Net as net/http

  Caller->>Ollama: GenerateCommitMessage(...)
  Ollama->>Ollama: http.NewRequest(POST, url, body)
  Ollama->>Ollama: req.Header["Content-Type"] = application/json
  Ollama->>HTTPPkg: GetOllamaClient()
  activate HTTPPkg
  alt First call
    HTTPPkg->>HTTPPkg: init ollamaClient (sync.Once)
    note over HTTPPkg: Timeout: 10m<br/>Shared Transport
  end
  HTTPPkg-->>Ollama: ollamaClient
  deactivate HTTPPkg
  Ollama->>Net: ollamaClient.Do(req)
  Net-->>Ollama: resp
  Ollama->>Ollama: read body, status check, JSON decode
  Ollama-->>Caller: result / error

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Poem

I hop through code with whiskers keen,
One client now—so crisp, so clean.
No more TLS tangles to comb,
Shared burrow where requests call home.
For Ollama, a longer trail,
Ten-minute hops that never fail. 🐇✨

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title clearly highlights the main change of introducing a shared HTTP client with optimized settings, concisely reflecting the central refactoring across multiple provider modules without extraneous detail.
Linked Issues Check	✅ Passed	The changes fully satisfy issue #60 by establishing the shared HTTP client factory, replacing each provider’s custom client instantiation in claude.go, grok.go, and groq.go, and adding a dedicated extended‐timeout client for Ollama in line with the linked objectives.
Out of Scope Changes Check	✅ Passed	All modifications are strictly focused on consolidating HTTP client creation and adapting request calls to the new factory, with no unrelated features or modules touched.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 91457b4 and eacc47c.

📒 Files selected for processing (1)

• internal/http/client.go (1 hunks)

🧰 Additional context used

🪛 ast-grep (0.39.5)

internal/http/client.go

[warning] 24-26: MinVersionis missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. AddMinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.
Context: tls.Config{
InsecureSkipVerify: false,
}
Note: [CWE-327]: Use of a Broken or Risky Cryptographic Algorithm [OWASP A03:2017]: Sensitive Data Exposure [OWASP A02:2021]: Cryptographic Failures [REFERENCES]
https://owasp.org/Top10/A02_2021-Cryptographic_Failures

(missing-ssl-minversion-go)

🔇 Additional comments (2)

internal/http/client.go (2)

31-40: LGTM with one condition.

The singleton pattern is correctly implemented with sync.Once for thread-safe lazy initialization. The 30-second timeout is appropriate for cloud API calls. The implementation will be fully secure once the TLS MinVersion is added to createTransport().

---

42-51: LGTM with one condition.

The dedicated Ollama client with a 10-minute timeout is appropriate for local inference workloads, which can be time-intensive. The singleton pattern is correctly implemented. The implementation will be fully secure once the TLS MinVersion is added to createTransport().

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between bc0e7c3 and 91457b4.

📒 Files selected for processing (6)

• internal/claude/claude.go (2 hunks)
• internal/grok/grok.go (2 hunks)
• internal/groq/groq.go (3 hunks)
• internal/http/client.go (1 hunks)
• internal/ollama/ollama.go (2 hunks)
• test2.txt (1 hunks)

🧰 Additional context used

🧬 Code graph analysis (4)

internal/grok/grok.go (1)

internal/http/client.go (1)

• GetClient (19-37)

internal/claude/claude.go (1)

internal/http/client.go (1)

• GetClient (19-37)

internal/ollama/ollama.go (1)

internal/http/client.go (1)

• GetOllamaClient (40-58)

internal/groq/groq.go (1)

internal/http/client.go (1)

• GetClient (19-37)

🪛 ast-grep (0.39.5)

internal/http/client.go

[warning] 25-27: MinVersionis missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. AddMinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.
Context: tls.Config{
InsecureSkipVerify: false,
}
Note: [CWE-327]: Use of a Broken or Risky Cryptographic Algorithm [OWASP A03:2017]: Sensitive Data Exposure [OWASP A02:2021]: Cryptographic Failures [REFERENCES]
https://owasp.org/Top10/A02_2021-Cryptographic_Failures

(missing-ssl-minversion-go)

---

[warning] 46-48: MinVersionis missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. AddMinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.
Context: tls.Config{
InsecureSkipVerify: false,
}
Note: [CWE-327]: Use of a Broken or Risky Cryptographic Algorithm [OWASP A03:2017]: Sensitive Data Exposure [OWASP A02:2021]: Cryptographic Failures [REFERENCES]
https://owasp.org/Top10/A02_2021-Cryptographic_Failures

(missing-ssl-minversion-go)

🔇 Additional comments (5)

internal/groq/groq.go (1)

85-88: Shared client usage looks solid

Great to see this path now using the centralized HTTP client; the swap is clean and keeps the existing flow intact.

internal/claude/claude.go (1)

62-66: Centralized client integration looks good

The switch to the shared client is straightforward and keeps the Claude call path unchanged otherwise. Nicely aligned with the new factory.

internal/ollama/ollama.go (1)

50-59: Ollama request refactor looks correct

Building the request explicitly and routing it through GetOllamaClient() keeps behavior while benefiting from the dedicated timeout—nice cleanup.

internal/grok/grok.go (1)

48-52: Shared client adoption confirmed

This path now leverages the centralized client without altering the rest of the flow—exactly what we wanted.

internal/http/client.go (1)

10-16: LGTM! Singleton pattern correctly implemented.

The use of separate sync.Once instances for each client ensures thread-safe lazy initialization without race conditions.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Add explicit TLS MinVersion and extract common transport logic.

Two issues:

1. Security gap: The TLS configuration lacks an explicit MinVersion, defaulting to TLS 1.2. Modern applications should enforce TLS 1.3.
2. Code duplication: Transport settings are duplicated in GetOllamaClient. Extract to a helper function.

As per static analysis hints.

Apply this diff to address both issues:

+// createTransport returns a configured HTTP transport with secure TLS settings
+func createTransport() *http.Transport {
+	return &http.Transport{
+		TLSHandshakeTimeout: 10 * time.Second,
+		MaxIdleConns:        10,
+		IdleConnTimeout:     30 * time.Second,
+		DisableCompression:  true,
+		TLSClientConfig: &tls.Config{
+			InsecureSkipVerify: false,
+			MinVersion:         tls.VersionTLS13,
+		},
+	}
+}
+
 // GetClient returns a shared HTTP client with optimized settings for cloud APIs
 func GetClient() *http.Client {
 	clientOnce.Do(func() {
-		transport := &http.Transport{
-			TLSHandshakeTimeout: 10 * time.Second,
-			MaxIdleConns:        10,
-			IdleConnTimeout:     30 * time.Second,
-			DisableCompression:  true,
-			TLSClientConfig: &tls.Config{
-				InsecureSkipVerify: false,
-			},
-		}
-
 		sharedClient = &http.Client{
 			Timeout:   30 * time.Second,
-			Transport: transport,
+			Transport: createTransport(),
 		}
 	})
 	return sharedClient
 }

🧰 Tools

🪛 ast-grep (0.39.5)

[warning] 25-27: MinVersionis missing from this TLS configuration. By default, TLS 1.2 is currently used as the minimum when acting as a client, and TLS 1.0 when acting as a server. General purpose web applications should default to TLS 1.3 with all other protocols disabled. Only where it is known that a web server must support legacy clients with unsupported an insecure browsers (such as Internet Explorer 10), it may be necessary to enable TLS 1.0 to provide support. AddMinVersion: tls.VersionTLS13' to the TLS configuration to bump the minimum version to TLS 1.3.
Context: tls.Config{
InsecureSkipVerify: false,
}
Note: [CWE-327]: Use of a Broken or Risky Cryptographic Algorithm [OWASP A03:2017]: Sensitive Data Exposure [OWASP A02:2021]: Cryptographic Failures [REFERENCES]
https://owasp.org/Top10/A02_2021-Cryptographic_Failures

(missing-ssl-minversion-go)

🤖 Prompt for AI Agents

In internal/http/client.go around lines 18 to 37, the TLS config is missing an
explicit MinVersion (defaulting to TLS1.2) and the transport creation is
duplicated elsewhere; update the TLSClientConfig to set MinVersion:
tls.VersionTLS13 and extract the transport construction into a new helper
function (e.g., newSharedTransport) that returns *http.Transport with
TLSHandshakeTimeout, MaxIdleConns, IdleConnTimeout, DisableCompression and
TLSClientConfig (including InsecureSkipVerify:false and MinVersion), then call
that helper from GetClient (and from GetOllamaClient) so both use the same
centralized transport-building logic.

[DFanso]

hey @vinyas-bharadwaj can u remove the test2.txt file

[DFanso]

Approved 🎊