From 32fa3bbe28943f29906bbcd85333cfc7464e0e59 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 15:21:38 -0400
Subject: [PATCH 1/5] refactor: unify S3 client configuration across app and
 portal

- Simplified the S3 client initialization by consolidating the credential handling into a single configuration object, ensuring explicit credentials are always provided.
- Enhanced code readability and maintainability by removing conditional logic for environment-specific credential handling.
---
 apps/app/src/app/s3.ts      | 24 +++++++-----------------
 apps/portal/src/utils/s3.ts | 24 +++++++-----------------
 2 files changed, 14 insertions(+), 34 deletions(-)

diff --git a/apps/app/src/app/s3.ts b/apps/app/src/app/s3.ts
index 86b045a56..10571ae57 100644
--- a/apps/app/src/app/s3.ts
+++ b/apps/app/src/app/s3.ts
@@ -21,23 +21,13 @@ if (!APP_AWS_ACCESS_KEY_ID || !APP_AWS_SECRET_ACCESS_KEY || !BUCKET_NAME || !APP
 // Create a single S3 client instance
 // Add null checks or assertions if the checks above don't guarantee non-null values
 
-export const s3Client = new S3Client(
-  // If we are on Vercel, we MUST provide explicit credentials.
-  process.env.VERCEL === '1'
-    ? {
-        region: APP_AWS_REGION!,
-        credentials: {
-          accessKeyId: APP_AWS_ACCESS_KEY_ID!,
-          secretAccessKey: APP_AWS_SECRET_ACCESS_KEY!,
-        },
-      }
-    : // For any other environment (like AWS ECS or local dev),
-      // we only need to provide the region. The AWS SDK will
-      // automatically find the credentials from the environment.
-      {
-        region: APP_AWS_REGION!,
-      },
-);
+export const s3Client = new S3Client({
+  region: APP_AWS_REGION!,
+  credentials: {
+    accessKeyId: APP_AWS_ACCESS_KEY_ID!,
+    secretAccessKey: APP_AWS_SECRET_ACCESS_KEY!,
+  },
+});
 
 // Ensure BUCKET_NAME is exported and non-null checked if needed elsewhere explicitly
 if (!BUCKET_NAME && process.env.NODE_ENV === 'production') {
diff --git a/apps/portal/src/utils/s3.ts b/apps/portal/src/utils/s3.ts
index e4c4a0d4e..827f7f297 100644
--- a/apps/portal/src/utils/s3.ts
+++ b/apps/portal/src/utils/s3.ts
@@ -21,23 +21,13 @@ if (!APP_AWS_ACCESS_KEY_ID || !APP_AWS_SECRET_ACCESS_KEY || !BUCKET_NAME || !APP
 
 // Create a single S3 client instance
 // Add null checks or assertions if the checks above don't guarantee non-null values
-export const s3Client = new S3Client(
-  // If we are on Vercel, we MUST provide explicit credentials.
-  process.env.VERCEL === '1'
-    ? {
-        region: APP_AWS_REGION!,
-        credentials: {
-          accessKeyId: APP_AWS_ACCESS_KEY_ID!,
-          secretAccessKey: APP_AWS_SECRET_ACCESS_KEY!,
-        },
-      }
-    : // For any other environment (like AWS ECS or local dev),
-      // we only need to provide the region. The AWS SDK will
-      // automatically find the credentials from the environment.
-      {
-        region: APP_AWS_REGION!,
-      },
-);
+export const s3Client = new S3Client({
+  region: APP_AWS_REGION!,
+  credentials: {
+    accessKeyId: APP_AWS_ACCESS_KEY_ID!,
+    secretAccessKey: APP_AWS_SECRET_ACCESS_KEY!,
+  },
+});
 
 // Ensure BUCKET_NAME is exported and non-null checked if needed elsewhere explicitly
 if (!BUCKET_NAME && process.env.NODE_ENV === 'production') {

From 43d1232d2afd84cfa65ef25302628f737aab0ff5 Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 15:39:57 -0400
Subject: [PATCH 2/5] refactor: improve S3 client initialization and error
 handling

- Enhanced the S3 client setup by consolidating credential checks and providing detailed error logging for missing or invalid environment variables.
- Introduced a redaction function to mask sensitive information in error logs, improving security and clarity during initialization failures.
- Ensured the application fails gracefully when S3 client configuration is invalid, preventing further execution without a valid client.
---
 apps/app/src/app/s3.ts | 57 +++++++++++++++++++++++++-----------------
 1 file changed, 34 insertions(+), 23 deletions(-)

diff --git a/apps/app/src/app/s3.ts b/apps/app/src/app/s3.ts
index 10571ae57..749c29401 100644
--- a/apps/app/src/app/s3.ts
+++ b/apps/app/src/app/s3.ts
@@ -6,34 +6,45 @@ const APP_AWS_SECRET_ACCESS_KEY = process.env.APP_AWS_SECRET_ACCESS_KEY;
 
 export const BUCKET_NAME = process.env.APP_AWS_BUCKET_NAME;
 
-if (!APP_AWS_ACCESS_KEY_ID || !APP_AWS_SECRET_ACCESS_KEY || !BUCKET_NAME || !APP_AWS_REGION) {
-  // Log the error in production environments
-  if (process.env.NODE_ENV === 'production') {
-    console.error('AWS S3 credentials or configuration missing in environment variables.');
-  } else {
-    // Throw in development for immediate feedback
-    throw new Error('AWS S3 credentials or configuration missing. Check environment variables.');
-  }
-  // Optionally, you could export a dummy/error client or null here
-  // depending on how you want consuming code to handle the missing config.
-}
+let s3ClientInstance: S3Client;
 
-// Create a single S3 client instance
-// Add null checks or assertions if the checks above don't guarantee non-null values
+const redact = (value?: string) => {
+  if (!value) return 'undefined';
+  return `${value.substring(0, 4)}****`;
+};
 
-export const s3Client = new S3Client({
-  region: APP_AWS_REGION!,
-  credentials: {
-    accessKeyId: APP_AWS_ACCESS_KEY_ID!,
-    secretAccessKey: APP_AWS_SECRET_ACCESS_KEY!,
-  },
-});
+try {
+  if (!APP_AWS_ACCESS_KEY_ID || !APP_AWS_SECRET_ACCESS_KEY || !BUCKET_NAME || !APP_AWS_REGION) {
+    throw new Error('AWS S3 credentials or configuration missing. Check environment variables.');
+  }
 
-// Ensure BUCKET_NAME is exported and non-null checked if needed elsewhere explicitly
-if (!BUCKET_NAME && process.env.NODE_ENV === 'production') {
-  console.error('AWS_BUCKET_NAME is not defined.');
+  s3ClientInstance = new S3Client({
+    region: APP_AWS_REGION,
+    credentials: {
+      accessKeyId: APP_AWS_ACCESS_KEY_ID,
+      secretAccessKey: APP_AWS_SECRET_ACCESS_KEY,
+    },
+  });
+} catch (error) {
+  console.error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
+  console.error('!!! FAILED TO INITIALIZE S3 CLIENT !!!');
+  console.error('!!! This is likely due to missing or invalid environment variables. !!!');
+  console.error('--- Provided Configuration ---');
+  console.error(`APP_AWS_REGION: ${APP_AWS_REGION}`);
+  console.error(`APP_AWS_ACCESS_KEY_ID: ${redact(APP_AWS_ACCESS_KEY_ID)}`);
+  console.error(`APP_AWS_SECRET_ACCESS_KEY: ${redact(APP_AWS_SECRET_ACCESS_KEY)}`);
+  console.error(`APP_AWS_BUCKET_NAME: ${BUCKET_NAME}`);
+  console.error('-----------------------------');
+  console.error('Error:', error);
+  console.error('!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!');
+  // Prevent the app from continuing without a valid S3 client
+  // In a real-world scenario, you might have a fallback or a dummy client.
+  // For now, we re-throw to make the crash explicit.
+  throw error;
 }
 
+export const s3Client = s3ClientInstance;
+
 /**
  * Validates if a hostname is a valid AWS S3 endpoint
  */

From f9a47358cd3a2802600ba7619bbad5868300abbc Mon Sep 17 00:00:00 2001
From: Claudio Fuentes <imclaudfuen@gmail.com>
Date: Thu, 31 Jul 2025 15:56:43 -0400
Subject: [PATCH 3/5] refactor: enhance file upload handling and error
 management

- Refactored the uploadFile action to improve session management and error handling, ensuring proper authorization checks.
- Updated TaskBody and CommentItem components to utilize the new uploadFile function, enhancing maintainability and user feedback during file uploads.
- Implemented better state management for file uploads, including loading indicators and improved error messages for failed uploads.
- Increased maximum file size limit for uploads from 5MB to 10MB, allowing for larger files to be processed.
---
 apps/app/src/actions/files/upload-file.ts     | 124 +++++++------
 .../tasks/[taskId]/components/TaskBody.tsx    | 172 ++++++++++++------
 .../src/components/comments/CommentItem.tsx   | 114 ++++++------
 3 files changed, 242 insertions(+), 168 deletions(-)

diff --git a/apps/app/src/actions/files/upload-file.ts b/apps/app/src/actions/files/upload-file.ts
index 185d81928..f3a0ecbe1 100644
--- a/apps/app/src/actions/files/upload-file.ts
+++ b/apps/app/src/actions/files/upload-file.ts
@@ -1,6 +1,7 @@
 'use server';
 
 import { BUCKET_NAME, s3Client } from '@/app/s3';
+import { auth } from '@/utils/auth';
 import { logger } from '@/utils/logger';
 
 // This log will run as soon as the module is loaded.
@@ -10,8 +11,8 @@ import { GetObjectCommand, PutObjectCommand } from '@aws-sdk/client-s3';
 import { getSignedUrl } from '@aws-sdk/s3-request-presigner';
 import { AttachmentEntityType, AttachmentType, db } from '@db';
 import { revalidatePath } from 'next/cache';
+import { headers } from 'next/headers';
 import { z } from 'zod';
-import { authActionClient } from '../safe-action';
 
 function mapFileTypeToAttachmentType(fileType: string): AttachmentType {
   const type = fileType.split('/')[0];
@@ -38,19 +39,18 @@ const uploadAttachmentSchema = z.object({
   pathToRevalidate: z.string().optional(),
 });
 
-export const uploadFile = authActionClient
-  .inputSchema(uploadAttachmentSchema)
-  .metadata({
-    name: 'uploadFile',
-    track: {
-      event: 'File Uploaded',
-      channel: 'server',
-    },
-  })
-  .action(async ({ parsedInput, ctx }) => {
-    const { fileName, fileType, fileData, entityId, entityType, pathToRevalidate } = parsedInput;
-    const { session } = ctx;
-    const organizationId = session.activeOrganizationId;
+export const uploadFile = async (input: z.infer<typeof uploadAttachmentSchema>) => {
+  logger.info(`[uploadFile] Starting upload for ${input.fileName}`);
+  try {
+    const { fileName, fileType, fileData, entityId, entityType, pathToRevalidate } =
+      uploadAttachmentSchema.parse(input);
+
+    const session = await auth.api.getSession({ headers: await headers() });
+    const organizationId = session?.session.activeOrganizationId;
+
+    if (!organizationId) {
+      throw new Error('Not authorized - no organization found');
+    }
 
     logger.info(`[uploadFile] Starting upload for ${fileName} in org ${organizationId}`);
 
@@ -66,51 +66,55 @@ export const uploadFile = authActionClient
     const sanitizedFileName = fileName.replace(/[^a-zA-Z0-9.-]/g, '_');
     const key = `${organizationId}/attachments/${entityType}/${entityId}/${timestamp}-${sanitizedFileName}`;
 
-    try {
-      logger.info(`[uploadFile] Uploading to S3 with key: ${key}`);
-      const putCommand = new PutObjectCommand({
-        Bucket: BUCKET_NAME,
-        Key: key,
-        Body: fileBuffer,
-        ContentType: fileType,
-      });
-      await s3Client.send(putCommand);
-      logger.info(`[uploadFile] S3 upload successful for key: ${key}`);
-
-      logger.info(`[uploadFile] Creating attachment record in DB for key: ${key}`);
-      const attachment = await db.attachment.create({
-        data: {
-          name: fileName,
-          url: key,
-          type: mapFileTypeToAttachmentType(fileType),
-          entityId: entityId,
-          entityType: entityType,
-          organizationId: organizationId,
-        },
-      });
-      logger.info(`[uploadFile] DB record created with id: ${attachment.id}`);
-
-      logger.info(`[uploadFile] Generating signed URL for key: ${key}`);
-      const getCommand = new GetObjectCommand({
-        Bucket: BUCKET_NAME,
-        Key: key,
-      });
-      const signedUrl = await getSignedUrl(s3Client, getCommand, {
-        expiresIn: 900,
-      });
-      logger.info(`[uploadFile] Signed URL generated for key: ${key}`);
-
-      if (pathToRevalidate) {
-        revalidatePath(pathToRevalidate);
-      }
-
-      return {
+    logger.info(`[uploadFile] Uploading to S3 with key: ${key}`);
+    const putCommand = new PutObjectCommand({
+      Bucket: BUCKET_NAME,
+      Key: key,
+      Body: fileBuffer,
+      ContentType: fileType,
+    });
+    await s3Client.send(putCommand);
+    logger.info(`[uploadFile] S3 upload successful for key: ${key}`);
+
+    logger.info(`[uploadFile] Creating attachment record in DB for key: ${key}`);
+    const attachment = await db.attachment.create({
+      data: {
+        name: fileName,
+        url: key,
+        type: mapFileTypeToAttachmentType(fileType),
+        entityId: entityId,
+        entityType: entityType,
+        organizationId: organizationId,
+      },
+    });
+    logger.info(`[uploadFile] DB record created with id: ${attachment.id}`);
+
+    logger.info(`[uploadFile] Generating signed URL for key: ${key}`);
+    const getCommand = new GetObjectCommand({
+      Bucket: BUCKET_NAME,
+      Key: key,
+    });
+    const signedUrl = await getSignedUrl(s3Client, getCommand, {
+      expiresIn: 900,
+    });
+    logger.info(`[uploadFile] Signed URL generated for key: ${key}`);
+
+    if (pathToRevalidate) {
+      revalidatePath(pathToRevalidate);
+    }
+
+    return {
+      success: true,
+      data: {
         ...attachment,
         signedUrl,
-      };
-    } catch (error) {
-      logger.error(`[uploadFile] Error during upload process for key ${key}:`, error);
-      // Re-throw the error to be handled by the safe action client
-      throw error;
-    }
-  });
+      },
+    } as const;
+  } catch (error) {
+    logger.error(`[uploadFile] Error during upload process:`, error);
+    return {
+      success: false,
+      error: error instanceof Error ? error.message : 'An unknown error occurred.',
+    } as const;
+  }
+};
diff --git a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
index 436b4797c..d10bed492 100644
--- a/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
+++ b/apps/app/src/app/(app)/[orgId]/tasks/[taskId]/components/TaskBody.tsx
@@ -7,7 +7,6 @@ import { Textarea } from '@comp/ui/textarea';
 import type { Attachment } from '@db';
 import { AttachmentEntityType } from '@db';
 import { Loader2, Paperclip, Plus } from 'lucide-react';
-import { useAction } from 'next-safe-action/hooks';
 import { useRouter } from 'next/navigation';
 import type React from 'react';
 import { useCallback, useRef, useState } from 'react';
@@ -38,60 +37,127 @@ export function TaskBody({
   onAttachmentsChange,
 }: TaskBodyProps) {
   const fileInputRef = useRef<HTMLInputElement>(null);
+  const [isUploading, setIsUploading] = useState(false);
   const [busyAttachmentId, setBusyAttachmentId] = useState<string | null>(null);
   const router = useRouter();
-  const { execute, isExecuting } = useAction(uploadFile, {
-    onSuccess: () => {
-      onAttachmentsChange?.();
-      router.refresh();
-      toast.success('File uploaded successfully');
-    },
-    onError: ({ error }) => {
-      console.error('File upload failed:', error);
-      toast.error(error.serverError || 'Failed to upload file. Check console for details.');
-    },
-    onSettled: () => {
-      if (fileInputRef.current) {
-        fileInputRef.current.value = '';
-      }
-    },
-  });
+
+  const resetState = () => {
+    setIsUploading(false);
+    if (fileInputRef.current) {
+      fileInputRef.current.value = '';
+    }
+  };
 
   const handleFileSelect = useCallback(
     async (event: React.ChangeEvent<HTMLInputElement>) => {
       const files = event.target.files;
       if (!files || files.length === 0) return;
+      setIsUploading(true);
+      try {
+        for (const file of Array.from(files)) {
+          const MAX_FILE_SIZE_MB = 10;
+          const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
+          if (file.size > MAX_FILE_SIZE_BYTES) {
+            toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
+            continue;
+          }
 
-      for (const file of Array.from(files)) {
-        const MAX_FILE_SIZE_MB = 10;
-        const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
-        if (file.size > MAX_FILE_SIZE_BYTES) {
-          toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
-          continue;
+          const reader = new FileReader();
+          reader.onloadend = async () => {
+            const base64Data = (reader.result as string)?.split(',')[1];
+            if (!base64Data) {
+              toast.error('Failed to read file data.');
+              resetState();
+              return;
+            }
+
+            const result = await uploadFile({
+              fileName: file.name,
+              fileType: file.type,
+              fileData: base64Data,
+              entityId: taskId,
+              entityType: AttachmentEntityType.task,
+            });
+
+            if (result.success) {
+              toast.success('File uploaded successfully.');
+              onAttachmentsChange?.();
+              router.refresh();
+            } else {
+              console.error('File upload failed:', result.error);
+              toast.error(result.error || 'Failed to upload file. Check console for details.');
+            }
+          };
+          reader.onerror = () => {
+            toast.error('Error reading file.');
+            resetState();
+          };
+          reader.readAsDataURL(file);
         }
+      } finally {
+        // This finally block might run before all file readers are done.
+        // It's better to manage the loading state inside the onloadend.
+      }
+    },
+    [taskId, onAttachmentsChange, router],
+  );
+
+  // A better way to handle multiple file uploads
+  const handleFileSelectMultiple = useCallback(
+    async (event: React.ChangeEvent<HTMLInputElement>) => {
+      const files = event.target.files;
+      if (!files || files.length === 0) return;
+      setIsUploading(true);
 
-        const reader = new FileReader();
-        reader.onloadend = async () => {
-          const base64Data = (reader.result as string)?.split(',')[1];
-          if (!base64Data) {
-            toast.error('Failed to read file data.');
-            return;
+      const uploadPromises = Array.from(files).map((file) => {
+        return new Promise((resolve, reject) => {
+          const MAX_FILE_SIZE_MB = 10;
+          const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
+          if (file.size > MAX_FILE_SIZE_BYTES) {
+            toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
+            return resolve(null); // Resolve to skip this file
           }
-          execute({
-            fileName: file.name,
-            fileType: file.type,
-            fileData: base64Data,
-            entityId: taskId,
-            entityType: AttachmentEntityType.task,
-          });
-        };
-        reader.onerror = () => {
-          toast.error('Error reading file.');
-        };
-        reader.readAsDataURL(file);
-      }
+          const reader = new FileReader();
+          reader.onloadend = async () => {
+            try {
+              const base64Data = (reader.result as string)?.split(',')[1];
+              if (!base64Data) {
+                throw new Error('Failed to read file data.');
+              }
+              const result = await uploadFile({
+                fileName: file.name,
+                fileType: file.type,
+                fileData: base64Data,
+                entityId: taskId,
+                entityType: AttachmentEntityType.task,
+              });
+              if (result.success) {
+                toast.success(`File "${file.name}" uploaded successfully.`);
+                resolve(result);
+              } else {
+                throw new Error(result.error);
+              }
+            } catch (error) {
+              console.error(`Failed to upload ${file.name}:`, error);
+              toast.error(`Failed to upload ${file.name}.`);
+              resolve(null); // Resolve even if there's an error to not break Promise.all
+            }
+          };
+          reader.onerror = () => {
+            toast.error(`Error reading file "${file.name}".`);
+            resolve(null);
+          };
+          reader.readAsDataURL(file);
+        });
+      });
+
+      await Promise.all(uploadPromises);
+
+      onAttachmentsChange?.();
+      router.refresh();
+      resetState();
     },
-    [execute, taskId, onAttachmentsChange, router],
+    [taskId, onAttachmentsChange, router],
   );
 
   const triggerFileInput = () => {
@@ -136,21 +202,21 @@ export function TaskBody({
         onChange={onTitleChange}
         className="h-auto shrink-0 border-none bg-transparent p-0 md:text-lg font-semibold tracking-tight shadow-none focus-visible:ring-0"
         placeholder="Task Title"
-        disabled={disabled || isExecuting || !!busyAttachmentId}
+        disabled={disabled || isUploading || !!busyAttachmentId}
       />
       <Textarea
         value={description}
         onChange={onDescriptionChange}
         placeholder="Add description..."
         className="text-muted-foreground text-md min-h-[80px] resize-none border-none p-0 shadow-none focus-visible:ring-0"
-        disabled={disabled || isExecuting || !!busyAttachmentId}
+        disabled={disabled || isUploading || !!busyAttachmentId}
       />
       <input
         type="file"
         ref={fileInputRef}
-        onChange={handleFileSelect}
+        onChange={handleFileSelectMultiple}
         className="hidden"
-        disabled={isExecuting || !!busyAttachmentId}
+        disabled={isUploading || !!busyAttachmentId}
         multiple
       />
       <div className="space-y-3">
@@ -161,11 +227,11 @@ export function TaskBody({
               variant="ghost"
               size="icon"
               onClick={triggerFileInput}
-              disabled={isExecuting || !!busyAttachmentId}
+              disabled={isUploading || !!busyAttachmentId}
               className="text-muted-foreground hover:text-foreground flex h-7 w-7 items-center justify-center"
               aria-label="Add attachment"
             >
-              {isExecuting ? (
+              {isUploading ? (
                 <Loader2 className="h-4 w-4 animate-spin" />
               ) : (
                 <Paperclip className="h-4 w-4" />
@@ -185,13 +251,13 @@ export function TaskBody({
                   onClickFilename={handleDownloadClick}
                   onDelete={handleDeleteAttachment}
                   isBusy={isBusy}
-                  isParentBusy={isExecuting}
+                  isParentBusy={isUploading}
                 />
               );
             })}
           </div>
         ) : (
-          !isExecuting && (
+          !isUploading && (
             <p className="text-muted-foreground pt-1 text-sm italic">
               No attachments yet. Click the <Paperclip className="inline h-4 w-4" /> icon above to
               add one.
@@ -203,11 +269,11 @@ export function TaskBody({
           <Button
             variant="outline"
             onClick={triggerFileInput}
-            disabled={isExecuting || !!busyAttachmentId}
+            disabled={isUploading || !!busyAttachmentId}
             className="mt-2 w-full justify-center gap-2"
             aria-label="Add attachment"
           >
-            {isExecuting ? (
+            {isUploading ? (
               <Loader2 className="h-4 w-4 animate-spin" />
             ) : (
               <Plus className="h-4 w-4" />
diff --git a/apps/app/src/components/comments/CommentItem.tsx b/apps/app/src/components/comments/CommentItem.tsx
index 5fb1a1278..25f4d2b5d 100644
--- a/apps/app/src/components/comments/CommentItem.tsx
+++ b/apps/app/src/components/comments/CommentItem.tsx
@@ -24,7 +24,6 @@ import {
   Plus,
   Trash2,
 } from 'lucide-react';
-import { useAction } from 'next-safe-action/hooks';
 import { useRouter } from 'next/navigation';
 import type React from 'react';
 import { useCallback, useRef, useState } from 'react';
@@ -46,36 +45,11 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
   const [currentAttachments, setCurrentAttachments] = useState([...comment.attachments]);
   const [attachmentsToRemove, setAttachmentsToRemove] = useState<string[]>([]);
   const [pendingAttachmentsToAdd, setPendingAttachmentsToAdd] = useState<PendingAttachment[]>([]);
+  const [isUploading, setIsUploading] = useState(false);
   const fileInputRef = useRef<HTMLInputElement>(null);
   const router = useRouter();
   const [deletingAttachmentIds, setDeletingAttachmentIds] = useState<string[]>([]);
 
-  const { execute: executeUpload, isExecuting: isUploading } = useAction(uploadFile, {
-    onSuccess: ({ data }) => {
-      if (data) {
-        setPendingAttachmentsToAdd((prev) => [
-          ...prev,
-          {
-            id: data.id,
-            name: data.name,
-            fileType: data.type,
-            signedUrl: data.signedUrl,
-          },
-        ]);
-        toast.success(`File "${data.name}" ready for attachment.`);
-      }
-    },
-    onError: ({ error }) => {
-      console.error('File upload failed:', error);
-      toast.error(error.serverError || 'Failed to upload file. Check console for details.');
-    },
-    onSettled: () => {
-      if (fileInputRef.current) {
-        fileInputRef.current.value = '';
-      }
-    },
-  });
-
   const handleEditToggle = () => {
     if (!isEditing) {
       setEditedContent(comment.content);
@@ -152,40 +126,70 @@ export function CommentItem({ comment }: { comment: CommentWithAuthor }) {
   };
 
   const handleFileSelect = useCallback(
-    (event: React.ChangeEvent<HTMLInputElement>) => {
+    async (event: React.ChangeEvent<HTMLInputElement>) => {
       const files = event.target.files;
       if (!files || files.length === 0) return;
+      setIsUploading(true);
 
-      for (const file of Array.from(files)) {
-        const MAX_FILE_SIZE_MB = 10;
-        const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
-        if (file.size > MAX_FILE_SIZE_BYTES) {
-          toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
-          continue;
-        }
-
-        const reader = new FileReader();
-        reader.onloadend = async () => {
-          const base64Data = (reader.result as string)?.split(',')[1];
-          if (!base64Data) {
-            toast.error(`Failed to read file data for ${file.name}`);
-            return;
+      const uploadPromises = Array.from(files).map((file) => {
+        return new Promise((resolve) => {
+          const MAX_FILE_SIZE_MB = 10;
+          const MAX_FILE_SIZE_BYTES = MAX_FILE_SIZE_MB * 1024 * 1024;
+          if (file.size > MAX_FILE_SIZE_BYTES) {
+            toast.error(`File "${file.name}" exceeds the ${MAX_FILE_SIZE_MB}MB limit.`);
+            return resolve(null);
           }
-          executeUpload({
-            fileName: file.name,
-            fileType: file.type,
-            fileData: base64Data,
-            entityId: comment.id,
-            entityType: AttachmentEntityType.comment,
-          });
-        };
-        reader.onerror = () => {
-          toast.error(`Error reading file: ${file.name}`);
-        };
-        reader.readAsDataURL(file);
+          const reader = new FileReader();
+          reader.onloadend = async () => {
+            try {
+              const base64Data = (reader.result as string)?.split(',')[1];
+              if (!base64Data) {
+                throw new Error('Failed to read file data.');
+              }
+              const result = await uploadFile({
+                fileName: file.name,
+                fileType: file.type,
+                fileData: base64Data,
+                entityId: comment.id,
+                entityType: AttachmentEntityType.comment,
+              });
+
+              if (result.success && result.data) {
+                setPendingAttachmentsToAdd((prev) => [
+                  ...prev,
+                  {
+                    id: result.data.id,
+                    name: result.data.name,
+                    fileType: result.data.type,
+                    signedUrl: result.data.signedUrl,
+                  },
+                ]);
+                toast.success(`File "${result.data.name}" ready for attachment.`);
+              } else {
+                throw new Error(result.error);
+              }
+              resolve(result);
+            } catch (error) {
+              console.error(`Failed to upload ${file.name}:`, error);
+              toast.error(`Failed to upload ${file.name}.`);
+              resolve(null);
+            }
+          };
+          reader.onerror = () => {
+            toast.error(`Error reading file "${file.name}".`);
+            resolve(null);
+          };
+          reader.readAsDataURL(file);
+        });
+      });
+
+      await Promise.all(uploadPromises);
+      setIsUploading(false);
+      if (fileInputRef.current) {
+        fileInputRef.current.value = '';
       }
     },
-    [executeUpload, comment.id],
+    [comment.id],
   );
 
   const [busyAttachmentId, setBusyAttachmentId] = useState<string | null>(null);

From 59db96df9c744b43c45558a7c6ae95acbc8aa05e Mon Sep 17 00:00:00 2001
From: Mariano Fuentes <marfuen98@gmail.com>
Date: Thu, 31 Jul 2025 18:05:05 -0400
Subject: [PATCH 4/5] feat: update dependencies and enhance onboarding process

- Added support for the @ai-sdk/anthropic package version 2.0.0 and updated @ai-sdk/openai to version 2.0.0.
- Upgraded the 'ai' package to version 5.0.0.
- Enhanced the onboarding process by integrating policy fetching and risk assessment comment generation using the new anthropic SDK.
- Refactored policy handling to ensure comprehensive data is used for vendor risk assessments.
---
 apps/app/package.json                         | 11 +--
 apps/app/src/app/api/chat/route.ts            | 13 ++--
 apps/app/src/components/ai/chat-text-area.tsx |  3 -
 apps/app/src/components/ai/chat.tsx           | 30 +++++---
 apps/app/src/components/ai/message.tsx        | 30 ++++----
 apps/app/src/components/ai/messages.tsx       |  4 +-
 apps/app/src/data/tools/organization.ts       |  7 +-
 apps/app/src/data/tools/policies.ts           | 17 +++--
 apps/app/src/data/tools/risks-tool.ts         | 27 ++++---
 apps/app/src/data/tools/user.ts               |  7 +-
 .../tasks/onboarding/onboard-organization.ts  | 71 +++++++++++++++++--
 .../prompts/vendor-risk-assessment.ts         | 53 ++++++++++++++
 bun.lock                                      | 43 +++++------
 package.json                                  |  2 +-
 packages/integrations/package.json            |  4 +-
 15 files changed, 223 insertions(+), 99 deletions(-)
 create mode 100644 apps/app/src/jobs/tasks/onboarding/prompts/vendor-risk-assessment.ts

diff --git a/apps/app/package.json b/apps/app/package.json
index c37fa1f52..e31619203 100644
--- a/apps/app/package.json
+++ b/apps/app/package.json
@@ -2,10 +2,11 @@
   "name": "@comp/app",
   "version": "0.1.0",
   "dependencies": {
-    "@ai-sdk/groq": "^1.2.8",
-    "@ai-sdk/openai": "^1.3.19",
-    "@ai-sdk/provider": "^1.1.3",
-    "@ai-sdk/react": "^1.2.9",
+    "@ai-sdk/anthropic": "^2.0.0",
+    "@ai-sdk/groq": "^2.0.0",
+    "@ai-sdk/openai": "^2.0.0",
+    "@ai-sdk/provider": "^2.0.0",
+    "@ai-sdk/react": "^2.0.0",
     "@aws-sdk/client-s3": "^3.806.0",
     "@aws-sdk/client-sts": "^3.808.0",
     "@aws-sdk/s3-request-presigner": "^3.832.0",
@@ -50,7 +51,7 @@
     "@uploadthing/react": "^7.3.0",
     "@upstash/ratelimit": "^2.0.5",
     "@vercel/sdk": "^1.7.1",
-    "ai": "^4.3.16",
+    "ai": "^5.0.0",
     "axios": "^1.9.0",
     "better-auth": "^1.2.8",
     "canvas-confetti": "^1.9.3",
diff --git a/apps/app/src/app/api/chat/route.ts b/apps/app/src/app/api/chat/route.ts
index aaaa25592..199ff8dbc 100644
--- a/apps/app/src/app/api/chat/route.ts
+++ b/apps/app/src/app/api/chat/route.ts
@@ -1,14 +1,13 @@
 import { tools } from '@/data/tools';
-import { model, type modelID } from '@/hooks/ai/providers';
 import { auth } from '@/utils/auth';
-import { type UIMessage, streamText } from 'ai';
+import { groq } from '@ai-sdk/groq';
+import { type UIMessage, convertToModelMessages, streamText } from 'ai';
 import { headers } from 'next/headers';
 
 export const maxDuration = 30;
 
 export async function POST(req: Request) {
-  const { messages, selectedModel }: { messages: UIMessage[]; selectedModel: modelID } =
-    await req.json();
+  const { messages }: { messages: UIMessage[] } = await req.json();
 
   const session = await auth.api.getSession({
     headers: await headers(),
@@ -31,11 +30,11 @@ export async function POST(req: Request) {
 `;
 
   const result = streamText({
-    model: model.languageModel(selectedModel),
+    model: groq('deepseek-r1-distill-llama-70b'),
     system: systemPrompt,
-    messages,
+    messages: convertToModelMessages(messages),
     tools,
   });
 
-  return result.toDataStreamResponse({ sendReasoning: true });
+  return result.toUIMessageStreamResponse();
 }
diff --git a/apps/app/src/components/ai/chat-text-area.tsx b/apps/app/src/components/ai/chat-text-area.tsx
index 3f00fb2d6..76e1c9e99 100644
--- a/apps/app/src/components/ai/chat-text-area.tsx
+++ b/apps/app/src/components/ai/chat-text-area.tsx
@@ -1,4 +1,3 @@
-import type { modelID } from '@/hooks/ai/providers';
 import { Icons } from '@comp/ui/icons';
 import { Popover, PopoverContent, PopoverTrigger } from '@comp/ui/popover';
 import { Textarea as ShadcnTextarea } from '@comp/ui/textarea';
@@ -10,8 +9,6 @@ interface InputProps {
   isLoading: boolean;
   status: string;
   stop: () => void;
-  selectedModel: modelID;
-  setSelectedModel: (model: modelID) => void;
 }
 
 export const ChatTextarea = ({ input, handleInputChange, isLoading }: InputProps) => {
diff --git a/apps/app/src/components/ai/chat.tsx b/apps/app/src/components/ai/chat.tsx
index 626343772..510e01695 100644
--- a/apps/app/src/components/ai/chat.tsx
+++ b/apps/app/src/components/ai/chat.tsx
@@ -1,9 +1,9 @@
 'use client';
 
-import type { modelID } from '@/hooks/ai/providers';
 import { useSession } from '@/utils/auth-client';
 import { useChat } from '@ai-sdk/react';
 import { ScrollArea } from '@comp/ui/scroll-area';
+import { DefaultChatTransport, lastAssistantMessageIsCompleteWithToolCalls } from 'ai';
 import { useState } from 'react';
 import { ChatEmpty } from './chat-empty';
 import { ChatTextarea } from './chat-text-area';
@@ -12,13 +12,15 @@ import { Messages } from './messages';
 export default function Chat() {
   const { data: session } = useSession();
 
-  const [selectedModel, setSelectedModel] = useState<modelID>('deepseek-r1-distill-llama-70b');
+  const [input, setInput] = useState('');
 
-  const { messages, input, handleInputChange, handleSubmit, error, status, stop } = useChat({
-    maxSteps: 5,
-    body: {
-      selectedModel,
-    },
+  const { messages, sendMessage, addToolResult, error, status, stop } = useChat({
+    transport: new DefaultChatTransport({
+      api: '/api/chat',
+    }),
+
+    // Automatically submit when all server-side tool calls are complete
+    sendAutomaticallyWhen: lastAssistantMessageIsCompleteWithToolCalls,
   });
 
   const isLoading = status === 'streaming' || status === 'submitted';
@@ -37,11 +39,17 @@ export default function Chat() {
         )}
       </ScrollArea>
 
-      <form onSubmit={handleSubmit}>
+      <form
+        onSubmit={(e) => {
+          e.preventDefault();
+          if (input.trim()) {
+            sendMessage({ text: input });
+            setInput('');
+          }
+        }}
+      >
         <ChatTextarea
-          selectedModel={selectedModel}
-          setSelectedModel={setSelectedModel}
-          handleInputChange={handleInputChange}
+          handleInputChange={(e) => setInput(e.target.value)}
           input={input}
           isLoading={isLoading}
           status={status}
diff --git a/apps/app/src/components/ai/message.tsx b/apps/app/src/components/ai/message.tsx
index cc14cd86d..4ea10571d 100644
--- a/apps/app/src/components/ai/message.tsx
+++ b/apps/app/src/components/ai/message.tsx
@@ -2,7 +2,7 @@
 
 import { useStreamableText } from '@/hooks/use-streamable-text';
 import { cn } from '@comp/ui/cn';
-import type { Message as TMessage } from 'ai';
+import type { UIMessage } from 'ai';
 import type { StreamableValue } from 'ai/rsc';
 import equal from 'fast-deep-equal';
 import { ChevronDownIcon, ChevronUpIcon } from 'lucide-react';
@@ -26,8 +26,8 @@ interface ExtendedToolInvocation extends ToolInvocation {
 
 interface ReasoningPart {
   type: 'reasoning';
-  reasoning: string;
-  details: Array<{ type: 'text'; text: string }>;
+  text: string;
+  details?: Array<{ type: 'text'; text: string }>;
 }
 
 interface ReasoningMessagePartProps {
@@ -117,13 +117,13 @@ export function ReasoningMessagePart({ part, isReasoning }: ReasoningMessagePart
             variants={variants}
             transition={{ duration: 0.2, ease: 'easeInOut' }}
           >
-            {part.details.map((detail) =>
+            {part.details?.map((detail) =>
               detail.type === 'text' ? (
                 <StreamableMarkdown key={detail.text} text={detail.text} />
               ) : (
                 '<redacted>'
               ),
-            )}
+            ) || <StreamableMarkdown text={part.text} />}
           </motion.div>
         )}
       </AnimatePresence>
@@ -159,7 +159,7 @@ const PurePreviewMessage = ({
   isLatestMessage,
   status,
 }: {
-  message: TMessage;
+  message: UIMessage;
   isLoading: boolean;
   status: 'error' | 'submitted' | 'streaming' | 'ready';
   isLatestMessage: boolean;
@@ -180,7 +180,12 @@ const PurePreviewMessage = ({
           )}
         >
           <div className="flex w-full flex-col space-y-4">
-            {message.parts?.map((part, i) => {
+            {message.parts?.map((part: any, i: number) => {
+              // Skip invalid parts
+              if (!part || !part.type) {
+                return null;
+              }
+
               switch (part.type) {
                 case 'text':
                   return message.role === 'user' ? (
@@ -196,7 +201,7 @@ const PurePreviewMessage = ({
                             message.role === 'user',
                         })}
                       >
-                        <StreamableMarkdown text={part.text} />
+                        <StreamableMarkdown text={part.text || ''} />
                       </div>
                     </motion.div>
                   ) : (
@@ -207,7 +212,7 @@ const PurePreviewMessage = ({
                       className="flex w-full flex-row items-start gap-2 pb-2"
                     >
                       <BotCard key={`message-${message.id}-part-${i}`}>
-                        <StreamableMarkdown text={part.text} />
+                        <StreamableMarkdown text={part.text || ''} />
                       </BotCard>
                     </motion.div>
                   );
@@ -216,8 +221,7 @@ const PurePreviewMessage = ({
                   return (
                     <ReasoningMessagePart
                       key={`message-${message.id}-${i}`}
-                      // @ts-expect-error part
-                      part={part}
+                      part={part as ReasoningPart}
                       isReasoning={
                         (message.parts &&
                           status === 'streaming' &&
@@ -227,7 +231,9 @@ const PurePreviewMessage = ({
                     />
                   );
                 }
+
                 default:
+                  // Skip tool parts - only show final text response
                   return null;
               }
             })}
@@ -303,8 +309,6 @@ export function UserMessage({ content }: { content: string }) {
 export const Message = memo(PurePreviewMessage, (prevProps, nextProps) => {
   if (prevProps.status !== nextProps.status) return false;
 
-  if (prevProps.message.annotations !== nextProps.message.annotations) return false;
-
   if (!equal(prevProps.message.parts, nextProps.message.parts)) return false;
 
   return true;
diff --git a/apps/app/src/components/ai/messages.tsx b/apps/app/src/components/ai/messages.tsx
index 902dfd2f8..cd0dceb4d 100644
--- a/apps/app/src/components/ai/messages.tsx
+++ b/apps/app/src/components/ai/messages.tsx
@@ -1,5 +1,5 @@
 import { useScrollToBottom } from '@/hooks/use-scroll-to-bottom';
-import type { Message as TMessage } from 'ai';
+import type { UIMessage } from 'ai';
 import { Message } from './message';
 
 export const Messages = ({
@@ -7,7 +7,7 @@ export const Messages = ({
   isLoading,
   status,
 }: {
-  messages: TMessage[];
+  messages: UIMessage[];
   isLoading: boolean;
   status: 'error' | 'submitted' | 'streaming' | 'ready';
 }) => {
diff --git a/apps/app/src/data/tools/organization.ts b/apps/app/src/data/tools/organization.ts
index 036961759..e7849ca2e 100644
--- a/apps/app/src/data/tools/organization.ts
+++ b/apps/app/src/data/tools/organization.ts
@@ -1,6 +1,5 @@
 import { auth } from '@/utils/auth';
 import { db } from '@db';
-import { tool } from 'ai';
 import { headers } from 'next/headers';
 import { z } from 'zod';
 
@@ -10,9 +9,9 @@ export function getOrganizationTools() {
   };
 }
 
-export const findOrganization = tool({
+export const findOrganization = {
   description: "Find the users organization and it's details",
-  parameters: z.object({}),
+  inputSchema: z.object({}),
   execute: async () => {
     const session = await auth.api.getSession({
       headers: await headers(),
@@ -40,4 +39,4 @@ export const findOrganization = tool({
       organization: org,
     };
   },
-});
+};
diff --git a/apps/app/src/data/tools/policies.ts b/apps/app/src/data/tools/policies.ts
index 4f9a1c219..d0b87e7f9 100644
--- a/apps/app/src/data/tools/policies.ts
+++ b/apps/app/src/data/tools/policies.ts
@@ -1,6 +1,5 @@
 import { auth } from '@/utils/auth';
 import { db } from '@db';
-import { tool } from 'ai';
 import { headers } from 'next/headers';
 import { z } from 'zod';
 
@@ -11,12 +10,12 @@ export function getPolicyTools() {
   };
 }
 
-export const getPolicies = tool({
+export const getPolicies = {
   description: 'Get all policies for the organization',
-  parameters: z.object({
+  inputSchema: z.object({
     status: z.enum(['draft', 'published']).optional(),
   }),
-  execute: async ({ status }) => {
+  execute: async ({ status }: { status?: 'draft' | 'published' }) => {
     const session = await auth.api.getSession({
       headers: await headers(),
     });
@@ -49,15 +48,15 @@ export const getPolicies = tool({
       policies,
     };
   },
-});
+};
 
-export const getPolicyContent = tool({
+export const getPolicyContent = {
   description:
     'Get the content of a specific policy by id. We can only acquire the policy id by running the getPolicies tool first.',
-  parameters: z.object({
+  inputSchema: z.object({
     id: z.string(),
   }),
-  execute: async ({ id }) => {
+  execute: async ({ id }: { id: string }) => {
     const session = await auth.api.getSession({
       headers: await headers(),
     });
@@ -84,4 +83,4 @@ export const getPolicyContent = tool({
       content: policy?.content,
     };
   },
-});
+};
diff --git a/apps/app/src/data/tools/risks-tool.ts b/apps/app/src/data/tools/risks-tool.ts
index 5046ad0f8..ee34fcf1c 100644
--- a/apps/app/src/data/tools/risks-tool.ts
+++ b/apps/app/src/data/tools/risks-tool.ts
@@ -1,6 +1,5 @@
 import { auth } from '@/utils/auth';
 import { db, Departments, RiskCategory, RiskStatus } from '@db';
-import { tool } from 'ai';
 import { headers } from 'next/headers';
 import { z } from 'zod';
 
@@ -11,15 +10,25 @@ export function getRiskTools() {
   };
 }
 
-export const getRisks = tool({
+export const getRisks = {
   description: 'Get risks for the organization',
-  parameters: z.object({
+  inputSchema: z.object({
     status: z.enum(Object.values(RiskStatus) as [RiskStatus, ...RiskStatus[]]).optional(),
     department: z.enum(Object.values(Departments) as [Departments, ...Departments[]]).optional(),
     category: z.enum(Object.values(RiskCategory) as [RiskCategory, ...RiskCategory[]]).optional(),
     owner: z.string().optional(),
   }),
-  execute: async ({ status, department, category, owner }) => {
+  execute: async ({
+    status,
+    department,
+    category,
+    owner,
+  }: {
+    status?: RiskStatus;
+    department?: Departments;
+    category?: RiskCategory;
+    owner?: string;
+  }) => {
     const session = await auth.api.getSession({
       headers: await headers(),
     });
@@ -54,14 +63,14 @@ export const getRisks = tool({
       risks,
     };
   },
-});
+};
 
-export const getRiskById = tool({
+export const getRiskById = {
   description: 'Get a risk by id',
-  parameters: z.object({
+  inputSchema: z.object({
     id: z.string(),
   }),
-  execute: async ({ id }) => {
+  execute: async ({ id }: { id: string }) => {
     const session = await auth.api.getSession({
       headers: await headers(),
     });
@@ -85,4 +94,4 @@ export const getRiskById = tool({
       risk,
     };
   },
-});
+};
diff --git a/apps/app/src/data/tools/user.ts b/apps/app/src/data/tools/user.ts
index 787af0038..38fa2ddb2 100644
--- a/apps/app/src/data/tools/user.ts
+++ b/apps/app/src/data/tools/user.ts
@@ -1,5 +1,4 @@
 import { auth } from '@/utils/auth';
-import { tool } from 'ai';
 import { headers } from 'next/headers';
 import { z } from 'zod';
 
@@ -9,9 +8,9 @@ export function getUserTools() {
   };
 }
 
-export const getUser = tool({
+export const getUser = {
   description: "Get the user's id and organization id",
-  parameters: z.object({}),
+  inputSchema: z.object({}),
   execute: async () => {
     const session = await auth.api.getSession({
       headers: await headers(),
@@ -26,4 +25,4 @@ export const getUser = tool({
       organizationId: session.session.activeOrganizationId,
     };
   },
-});
+};
diff --git a/apps/app/src/jobs/tasks/onboarding/onboard-organization.ts b/apps/app/src/jobs/tasks/onboarding/onboard-organization.ts
index ef697bc37..70ac3850d 100644
--- a/apps/app/src/jobs/tasks/onboarding/onboard-organization.ts
+++ b/apps/app/src/jobs/tasks/onboarding/onboard-organization.ts
@@ -1,5 +1,7 @@
+import { anthropic } from '@ai-sdk/anthropic';
 import { openai } from '@ai-sdk/openai';
 import {
+  CommentEntityType,
   db,
   Departments,
   Impact,
@@ -9,10 +11,11 @@ import {
   VendorCategory,
 } from '@db';
 import { logger, task, tasks } from '@trigger.dev/sdk/v3';
-import { generateObject } from 'ai';
+import { generateObject, generateText } from 'ai';
 import axios from 'axios';
 import z from 'zod';
 import type { researchVendor } from '../scrape/research';
+import { VENDOR_RISK_ASSESSMENT_PROMPT } from './prompts/vendor-risk-assessment';
 import { updatePolicies } from './update-policies';
 
 export const onboardOrganization = task({
@@ -71,6 +74,17 @@ export const onboardOrganization = task({
       answer: context.answer,
     }));
 
+    // Fetch policies early to provide context for vendor risk assessments
+    const policies = await db.policy.findMany({
+      where: {
+        organizationId: payload.organizationId,
+      },
+      select: {
+        name: true,
+        description: true,
+      },
+    });
+
     const extractVendors = await generateObject({
       model: openai('gpt-4.1-mini'),
       schema: z.object({
@@ -125,6 +139,54 @@ export const onboardOrganization = task({
         website: createdVendor.website ?? '',
       });
 
+      // Find an organization owner or admin to use as comment author
+      const commentAuthor = await db.member.findFirst({
+        where: {
+          organizationId: payload.organizationId,
+          OR: [{ role: { contains: 'owner' } }, { role: { contains: 'admin' } }],
+        },
+        orderBy: [
+          { role: 'desc' }, // Prefer owner over admin
+          { createdAt: 'asc' }, // Prefer earlier members
+        ],
+      });
+
+      if (commentAuthor) {
+        // Generate risk mitigation comment using AI
+        const policiesContext =
+          policies.length > 0
+            ? policies
+                .map((p) => `- ${p.name}: ${p.description || 'No description available'}`)
+                .join('\n')
+            : 'No specific policies available - use standard security policy guidance.';
+
+        const riskMitigationComment = await generateText({
+          model: anthropic('claude-sonnet-4-20250514'),
+          system: VENDOR_RISK_ASSESSMENT_PROMPT,
+          prompt: `Vendor: ${createdVendor.name} (${createdVendor.category}) - ${createdVendor.description}. Website: ${createdVendor.website}.
+
+Available Organization Policies:
+${policiesContext}
+
+Please perform a comprehensive vendor risk assessment for this vendor using the available policies listed above as context for your recommendations.`,
+        });
+
+        // Create the risk mitigation comment
+        await db.comment.create({
+          data: {
+            content: riskMitigationComment.text,
+            entityId: createdVendor.id,
+            entityType: CommentEntityType.vendor,
+            authorId: commentAuthor.id,
+            organizationId: payload.organizationId,
+          },
+        });
+
+        logger.info(
+          `Created risk mitigation comment for vendor: ${createdVendor.id} (${createdVendor.name})`,
+        );
+      }
+
       logger.info(
         `Created vendor: ${createdVendor.id} (${createdVendor.name}) with handle ${handle.id}`,
       );
@@ -190,15 +252,16 @@ export const onboardOrganization = task({
       logger.info(`Created risk: ${createdRisk.id} (${createdRisk.title})`);
     }
 
-    const policies = await db.policy.findMany({
+    // Re-fetch policies with full data for policy updates
+    const fullPolicies = await db.policy.findMany({
       where: {
         organizationId: payload.organizationId,
       },
     });
 
-    if (policies.length > 0) {
+    if (fullPolicies.length > 0) {
       await updatePolicies.batchTriggerAndWait(
-        policies.map((policy) => ({
+        fullPolicies.map((policy) => ({
           payload: {
             organizationId: payload.organizationId,
             policyId: policy.id,
diff --git a/apps/app/src/jobs/tasks/onboarding/prompts/vendor-risk-assessment.ts b/apps/app/src/jobs/tasks/onboarding/prompts/vendor-risk-assessment.ts
new file mode 100644
index 000000000..85f33d05d
--- /dev/null
+++ b/apps/app/src/jobs/tasks/onboarding/prompts/vendor-risk-assessment.ts
@@ -0,0 +1,53 @@
+export const VENDOR_RISK_ASSESSMENT_PROMPT = `Comprehensive Vendor Risk Assessment
+You are a risk-management assistant. Your task is to perform a comprehensive risk assessment based on a provided vendor name and your internal knowledge of a company's security policy library.
+
+IMPORTANT CONTEXT: Assume you are assessing vendors for a modern SaaS company. Consider realistic constraints:
+- The company likely uses cloud services and modern tech stack
+- Focus ONLY on controls that the COMPANY can implement, not what the vendor should do
+- Modern SaaS vendors (like Rippling, Slack, etc.) already have standard security measures (TLS, encryption, access controls) - don't suggest these
+- Focus on governance, oversight, configuration, and contractual controls the company can actually manage
+- Consider the vendor's maturity level - don't suggest basic security controls for established enterprise vendors
+
+INPUTS
+
+- Vendor: [User will insert a vendor name and description here]
+- Available Organization Policies: [User will provide a list of the organization's actual security policies with names and descriptions]
+- CONTEXTUAL KNOWLEDGE: You have access to the organization's actual security policies provided in the prompt. You must use these specific policies to inform your entire response and select the most relevant ones for the vendor being assessed.
+
+MAIN TASKS
+
+When generating your treatment plan, internally consider:
+- What the COMPANY can realistically control vs. what the VENDOR controls
+- The vendor's maturity level (enterprise SaaS vs. startup vs. niche provider)
+- Which policies from the Available Organization Policies list are most relevant
+- Focus on governance, contractual, and oversight controls rather than technical implementation
+- What data the company shares and how they can manage that relationship
+- Prioritize the most relevant and actionable controls for this specific vendor relationship
+
+1. Generate Treatment Plan:
+    - Set the treatment type.
+    - Focus ONLY on controls the COMPANY can implement:
+        * Contractual and legal controls (agreements, SLAs, terms)
+        * Governance controls (reviews, assessments, monitoring)
+        * Configuration controls (settings the company controls in the vendor's system)
+        * Access management (who in the company has access, roles, permissions)
+        * Data management (what data to share, classification, retention)
+        * Oversight controls (auditing vendor compliance, incident response)
+    - AVOID suggesting controls the vendor implements:
+        * Technical security measures (TLS, encryption, firewalls) - vendors handle this
+        * Infrastructure controls (servers, networks, backup systems) - not company's responsibility
+        * Vendor's internal processes (their access controls, their monitoring) - outside company control
+    - Consider vendor maturity: Enterprise SaaS vendors have robust security - focus on governance, not basic security
+    - EXAMPLES of GOOD controls for Rippling: "Conduct quarterly access reviews of employee accounts", "Establish data retention policies for employee records", "Require vendor to provide annual SOC 2 reports"
+    - EXAMPLES of BAD controls for Rippling: "Require TLS 1.2+ encryption", "Implement vendor firewalls", "Configure vendor backup systems"
+    - Crucially, rephrase each control in your own words. Do not copy text directly from the policy.
+2. Present Output: Provide your response in the exact plain-text structure below with no extra formatting:
+
+IMPORTANT: Do not include any reasoning, thoughts, analysis, or explanations in your response. Only provide the treatment plan in the exact format below. Do not mention which policies you selected or why - just provide the clean output.
+
+Treatment plan ([Type])
+This plan reduces the risk through [X] controls:
+- [Control description]
+- [Control description]
+- [Control description]
+- [Additional controls as needed]`;
diff --git a/bun.lock b/bun.lock
index f7885fcfa..fa0401607 100644
--- a/bun.lock
+++ b/bun.lock
@@ -26,7 +26,7 @@
         "@types/lodash": "^4.17.17",
         "@types/react": "^19.1.6",
         "@types/react-dom": "^19.1.1",
-        "ai": "^4.3.16",
+        "ai": "^5.0.0",
         "better-auth": "^1.2.8",
         "concurrently": "^9.1.2",
         "d3": "^7.9.0",
@@ -58,10 +58,11 @@
       "name": "@comp/app",
       "version": "0.1.0",
       "dependencies": {
-        "@ai-sdk/groq": "^1.2.8",
-        "@ai-sdk/openai": "^1.3.19",
-        "@ai-sdk/provider": "^1.1.3",
-        "@ai-sdk/react": "^1.2.9",
+        "@ai-sdk/anthropic": "^2.0.0",
+        "@ai-sdk/groq": "^2.0.0",
+        "@ai-sdk/openai": "^2.0.0",
+        "@ai-sdk/provider": "^2.0.0",
+        "@ai-sdk/react": "^2.0.0",
         "@aws-sdk/client-s3": "^3.806.0",
         "@aws-sdk/client-sts": "^3.808.0",
         "@aws-sdk/s3-request-presigner": "^3.832.0",
@@ -106,7 +107,7 @@
         "@uploadthing/react": "^7.3.0",
         "@upstash/ratelimit": "^2.0.5",
         "@vercel/sdk": "^1.7.1",
-        "ai": "^4.3.16",
+        "ai": "^5.0.0",
         "axios": "^1.9.0",
         "better-auth": "^1.2.8",
         "canvas-confetti": "^1.9.3",
@@ -262,13 +263,13 @@
       "name": "@trycompai/integrations",
       "version": "1.0.0",
       "dependencies": {
-        "@ai-sdk/openai": "^1.3.19",
+        "@ai-sdk/openai": "^2.0.0",
         "@aws-sdk/client-securityhub": "^3.0.0",
         "@azure/identity": "^4.10.0",
         "@comp/app": "workspace:*",
         "@slack/bolt": "^3.22.0",
         "@slack/web-api": "^7.8.0",
-        "ai": "^4.3.16",
+        "ai": "^5.0.0",
         "jsonwebtoken": "^9.0.2",
         "node-fetch": "^2.6.7",
         "sharp": "^0.34.2",
@@ -398,17 +399,19 @@
   "packages": {
     "@adobe/css-tools": ["@adobe/css-tools@4.4.3", "", {}, "sha512-VQKMkwriZbaOgVCby1UDY/LDk5fIjhQicCvVPFqfe+69fWaPWydbWJ3wRt59/YzIwda1I81loas3oCoHxnqvdA=="],
 
-    "@ai-sdk/groq": ["@ai-sdk/groq@1.2.9", "", { "dependencies": { "@ai-sdk/provider": "1.1.3", "@ai-sdk/provider-utils": "2.2.8" }, "peerDependencies": { "zod": "^3.0.0" } }, "sha512-7MoDaxm8yWtiRbD1LipYZG0kBl+Xe0sv/EeyxnHnGPZappXdlgtdOgTZVjjXkT3nWP30jjZi9A45zoVrBMb3Xg=="],
+    "@ai-sdk/anthropic": ["@ai-sdk/anthropic@2.0.0", "", { "dependencies": { "@ai-sdk/provider": "2.0.0", "@ai-sdk/provider-utils": "3.0.0" }, "peerDependencies": { "zod": "^3.25.76 || ^4" } }, "sha512-uyyaO4KhxoIKZztREqLPh+6/K3ZJx/rp72JKoUEL9/kC+vfQTThUfPnY/bUryUpcnawx8IY/tSoYNOi/8PCv7w=="],
 
-    "@ai-sdk/openai": ["@ai-sdk/openai@1.3.23", "", { "dependencies": { "@ai-sdk/provider": "1.1.3", "@ai-sdk/provider-utils": "2.2.8" }, "peerDependencies": { "zod": "^3.0.0" } }, "sha512-86U7rFp8yacUAOE/Jz8WbGcwMCqWvjK33wk5DXkfnAOEn3mx2r7tNSJdjukQFZbAK97VMXGPPHxF+aEARDXRXQ=="],
+    "@ai-sdk/gateway": ["@ai-sdk/gateway@1.0.0", "", { "dependencies": { "@ai-sdk/provider": "2.0.0", "@ai-sdk/provider-utils": "3.0.0" }, "peerDependencies": { "zod": "^3.25.76 || ^4" } }, "sha512-VEm87DyRx1yIPywbTy8ntoyh4jEDv1rJ88m+2I7zOm08jJI5BhFtAWh0OF6YzZu1Vu4NxhOWO4ssGdsqydDQ3A=="],
 
-    "@ai-sdk/provider": ["@ai-sdk/provider@1.1.3", "", { "dependencies": { "json-schema": "^0.4.0" } }, "sha512-qZMxYJ0qqX/RfnuIaab+zp8UAeJn/ygXXAffR5I4N0n1IrvA6qBsjc8hXLmBiMV2zoXlifkacF7sEFnYnjBcqg=="],
+    "@ai-sdk/groq": ["@ai-sdk/groq@2.0.0", "", { "dependencies": { "@ai-sdk/provider": "2.0.0", "@ai-sdk/provider-utils": "3.0.0" }, "peerDependencies": { "zod": "^3.25.76 || ^4" } }, "sha512-3N1Rcg6wWaT8Vugqcg6N6PrEHI2NlunFqFQKJ12f37VZSXc4BL5G29PqJfrD9mOUP9h2f84wPiArg1py8Uhmmg=="],
 
-    "@ai-sdk/provider-utils": ["@ai-sdk/provider-utils@2.2.8", "", { "dependencies": { "@ai-sdk/provider": "1.1.3", "nanoid": "^3.3.8", "secure-json-parse": "^2.7.0" }, "peerDependencies": { "zod": "^3.23.8" } }, "sha512-fqhG+4sCVv8x7nFzYnFo19ryhAa3w096Kmc3hWxMQfW/TubPOmt3A6tYZhl4mUfQWWQMsuSkLrtjlWuXBVSGQA=="],
+    "@ai-sdk/openai": ["@ai-sdk/openai@2.0.0", "", { "dependencies": { "@ai-sdk/provider": "2.0.0", "@ai-sdk/provider-utils": "3.0.0" }, "peerDependencies": { "zod": "^3.25.76 || ^4" } }, "sha512-G0WY5K81JwGpuX9HEmP2VTdt3N9m43qPnGT4fWkXcpu6Y2B05nnjs8k1r/csCJd8+TkYC6esjBABQYHxdMOejQ=="],
 
-    "@ai-sdk/react": ["@ai-sdk/react@1.2.12", "", { "dependencies": { "@ai-sdk/provider-utils": "2.2.8", "@ai-sdk/ui-utils": "1.2.11", "swr": "^2.2.5", "throttleit": "2.1.0" }, "peerDependencies": { "react": "^18 || ^19 || ^19.0.0-rc", "zod": "^3.23.8" }, "optionalPeers": ["zod"] }, "sha512-jK1IZZ22evPZoQW3vlkZ7wvjYGYF+tRBKXtrcolduIkQ/m/sOAVcVeVDUDvh1T91xCnWCdUGCPZg2avZ90mv3g=="],
+    "@ai-sdk/provider": ["@ai-sdk/provider@2.0.0", "", { "dependencies": { "json-schema": "^0.4.0" } }, "sha512-6o7Y2SeO9vFKB8lArHXehNuusnpddKPk7xqL7T2/b+OvXMRIXUO1rR4wcv1hAFUAT9avGZshty3Wlua/XA7TvA=="],
 
-    "@ai-sdk/ui-utils": ["@ai-sdk/ui-utils@1.2.11", "", { "dependencies": { "@ai-sdk/provider": "1.1.3", "@ai-sdk/provider-utils": "2.2.8", "zod-to-json-schema": "^3.24.1" }, "peerDependencies": { "zod": "^3.23.8" } }, "sha512-3zcwCc8ezzFlwp3ZD15wAPjf2Au4s3vAbKsXQVyhxODHcmu0iyPO2Eua6D/vicq/AUm/BAo60r97O6HU+EI0+w=="],
+    "@ai-sdk/provider-utils": ["@ai-sdk/provider-utils@3.0.0", "", { "dependencies": { "@ai-sdk/provider": "2.0.0", "@standard-schema/spec": "^1.0.0", "eventsource-parser": "^3.0.3", "zod-to-json-schema": "^3.24.1" }, "peerDependencies": { "zod": "^3.25.76 || ^4" } }, "sha512-BoQZtGcBxkeSH1zK+SRYNDtJPIPpacTeiMZqnG4Rv6xXjEwM0FH4MGs9c+PlhyEWmQCzjRM2HAotEydFhD4dYw=="],
+
+    "@ai-sdk/react": ["@ai-sdk/react@2.0.0", "", { "dependencies": { "@ai-sdk/provider-utils": "3.0.0", "ai": "5.0.0", "swr": "^2.2.5", "throttleit": "2.1.0" }, "peerDependencies": { "react": "^18 || ^19 || ^19.0.0-rc", "zod": "^3.25.76 || ^4" }, "optionalPeers": ["zod"] }, "sha512-am4xt+Zh+hMBNmnSOG9cEg7vlDqAg+Du4wGgFskHO6xRXYpntjJB1zP9H2ZCB1hNL5Y8vRmE2quZEWDUuNrnGA=="],
 
     "@alloc/quick-lru": ["@alloc/quick-lru@5.2.0", "", {}, "sha512-UrcABB+4bUrFABwbluTIBErXwvbsU/V7TZWfmbgJfbkwiBuziS9gxdODUyuiecfdGQ85jglMW6juS3+z5TsKLw=="],
 
@@ -1684,8 +1687,6 @@
 
     "@types/deep-eql": ["@types/deep-eql@4.0.2", "", {}, "sha512-c9h9dVVMigMPc4bwTvC5dxqtqJZwQPePsWjPlpSOnojbor6pGqdk541lfA7AqFQr5pB1BRdq0juY9db81BwyFw=="],
 
-    "@types/diff-match-patch": ["@types/diff-match-patch@1.0.36", "", {}, "sha512-xFdR6tkm0MWvBfO8xXCSsinYxHcqkQUlcHeSpMC2ukzOb6lwQAfDmW+Qt0AvlGd8HpsS28qKsB+oPeJn9I39jg=="],
-
     "@types/draco3d": ["@types/draco3d@1.4.10", "", {}, "sha512-AX22jp8Y7wwaBgAixaSvkoG4M/+PlAcm3Qs4OW8yT9DM4xUpWKeFhLueTAyZF39pviAdcDdeJoACapiAceqNcw=="],
 
     "@types/estree": ["@types/estree@1.0.8", "", {}, "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w=="],
@@ -1906,7 +1907,7 @@
 
     "aggregate-error": ["aggregate-error@3.1.0", "", { "dependencies": { "clean-stack": "^2.0.0", "indent-string": "^4.0.0" } }, "sha512-4I7Td01quW/RpocfNayFdFVk1qSuoh0E7JrbRJ16nH01HhKFQ88INq9Sd+nd72zqRySlr9BmDA8xlEJ6vJMrYA=="],
 
-    "ai": ["ai@4.3.19", "", { "dependencies": { "@ai-sdk/provider": "1.1.3", "@ai-sdk/provider-utils": "2.2.8", "@ai-sdk/react": "1.2.12", "@ai-sdk/ui-utils": "1.2.11", "@opentelemetry/api": "1.9.0", "jsondiffpatch": "0.6.0" }, "peerDependencies": { "react": "^18 || ^19 || ^19.0.0-rc", "zod": "^3.23.8" }, "optionalPeers": ["react"] }, "sha512-dIE2bfNpqHN3r6IINp9znguYdhIOheKW2LDigAMrgt/upT3B8eBGPSCblENvaZGoq+hxaN9fSMzjWpbqloP+7Q=="],
+    "ai": ["ai@5.0.0", "", { "dependencies": { "@ai-sdk/gateway": "1.0.0", "@ai-sdk/provider": "2.0.0", "@ai-sdk/provider-utils": "3.0.0", "@opentelemetry/api": "1.9.0" }, "peerDependencies": { "zod": "^3.25.76 || ^4" } }, "sha512-F4jOhOSeiZD8lXpF4l1hRqyM1jbqoLKGVZNxAP467wmQCsWUtElMa3Ki5PrDMq6qvUNC3deUKfERDAsfj7IDlg=="],
 
     "ajv": ["ajv@6.12.6", "", { "dependencies": { "fast-deep-equal": "^3.1.1", "fast-json-stable-stringify": "^2.0.0", "json-schema-traverse": "^0.4.1", "uri-js": "^4.2.2" } }, "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g=="],
 
@@ -2368,8 +2369,6 @@
 
     "didyoumean": ["didyoumean@1.2.2", "", {}, "sha512-gxtyfqMg7GKyhQmb056K7M3xszy/myH8w+B4RT+QXBQsvAOdc3XymqDDPHx1BgPgsdAA5SIifona89YtRATDzw=="],
 
-    "diff-match-patch": ["diff-match-patch@1.0.5", "", {}, "sha512-IayShXAgj/QMXgB0IWmKx+rOPuGMhqm5w6jvFxmVenXKIzRqTAAsbBPT3kWQeGANj3jGgvcvv4yK6SxqYmikgw=="],
-
     "dir-glob": ["dir-glob@3.0.1", "", { "dependencies": { "path-type": "^4.0.0" } }, "sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA=="],
 
     "discord-api-types": ["discord-api-types@0.38.17", "", {}, "sha512-/fCx5jdUoR2hBFcj77Qx7Tmx1Ub8V/QpyS6uorjFvxRLcJJ348QxMFml9QW/eXh3i46eO4Ve8qGVepStpInEPg=="],
@@ -2976,8 +2975,6 @@
 
     "jsonc-parser": ["jsonc-parser@3.3.1", "", {}, "sha512-HUgH65KyejrUFPvHFPbqOY0rsFip3Bo5wb4ngvdi1EpCYWUQDC5V+Y7mZws+DLkr4M//zQJoanu1SP+87Dv1oQ=="],
 
-    "jsondiffpatch": ["jsondiffpatch@0.6.0", "", { "dependencies": { "@types/diff-match-patch": "^1.0.36", "chalk": "^5.3.0", "diff-match-patch": "^1.0.5" }, "bin": { "jsondiffpatch": "bin/jsondiffpatch.js" } }, "sha512-3QItJOXp2AP1uv7waBkao5nCvhEv+QmJAd38Ybq7wNI74Q+BBmnLn4EDKz6yI9xGAIQoUF87qHt+kc1IVxB4zQ=="],
-
     "jsonfile": ["jsonfile@6.1.0", "", { "dependencies": { "universalify": "^2.0.0" }, "optionalDependencies": { "graceful-fs": "^4.1.6" } }, "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ=="],
 
     "jsonparse": ["jsonparse@1.3.1", "", {}, "sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg=="],
@@ -3816,8 +3813,6 @@
 
     "section-matter": ["section-matter@1.0.0", "", { "dependencies": { "extend-shallow": "^2.0.1", "kind-of": "^6.0.0" } }, "sha512-vfD3pmTzGpufjScBh50YHKzEu2lxBWhVEHsNGoEXmCmn2hKGfeNLYMzCJpe8cD7gqX7TJluOVpBkAequ6dgMmA=="],
 
-    "secure-json-parse": ["secure-json-parse@2.7.0", "", {}, "sha512-6aU+Rwsezw7VR8/nyvKTx8QpWH9FrcYiXXlqC4z5d5XQBDRqtbfsRjnwGyqbi3gddNtWHuEk9OANUotL26qKUw=="],
-
     "selderee": ["selderee@0.11.0", "", { "dependencies": { "parseley": "^0.12.0" } }, "sha512-5TF+l7p4+OsnP8BCCvSyZiSPc4x4//p5uPwK8TCnVPJYRmU2aYKMpOXvw8zM5a5JvuuCGN1jmsMwuU2W02ukfA=="],
 
     "semantic-release": ["semantic-release@24.2.7", "", { "dependencies": { "@semantic-release/commit-analyzer": "^13.0.0-beta.1", "@semantic-release/error": "^4.0.0", "@semantic-release/github": "^11.0.0", "@semantic-release/npm": "^12.0.2", "@semantic-release/release-notes-generator": "^14.0.0-beta.1", "aggregate-error": "^5.0.0", "cosmiconfig": "^9.0.0", "debug": "^4.0.0", "env-ci": "^11.0.0", "execa": "^9.0.0", "figures": "^6.0.0", "find-versions": "^6.0.0", "get-stream": "^6.0.0", "git-log-parser": "^1.2.0", "hook-std": "^3.0.0", "hosted-git-info": "^8.0.0", "import-from-esm": "^2.0.0", "lodash-es": "^4.17.21", "marked": "^15.0.0", "marked-terminal": "^7.3.0", "micromatch": "^4.0.2", "p-each-series": "^3.0.0", "p-reduce": "^3.0.0", "read-package-up": "^11.0.0", "resolve-from": "^5.0.0", "semver": "^7.3.2", "semver-diff": "^4.0.0", "signale": "^1.2.1", "yargs": "^17.5.1" }, "bin": { "semantic-release": "bin/semantic-release.js" } }, "sha512-g7RssbTAbir1k/S7uSwSVZFfFXwpomUB9Oas0+xi9KStSCmeDXcA7rNhiskjLqvUe/Evhx8fVCT16OSa34eM5g=="],
@@ -4678,8 +4673,6 @@
 
     "its-fine/@types/react-reconciler": ["@types/react-reconciler@0.28.9", "", { "peerDependencies": { "@types/react": "*" } }, "sha512-HHM3nxyUZ3zAylX8ZEyrDNd2XZOnQ0D5XfunJF5FLQnZbHHYq4UWvW1QfelQNXv1ICNkwYhfxjwfnqivYB6bFg=="],
 
-    "jsondiffpatch/chalk": ["chalk@5.4.1", "", {}, "sha512-zgVZuo2WcZgfUEmsn6eO3kINexW8RAE4maiQ8QNs8CtpPCSyMiYsULR3HQYkm3w8FIA3SberyMJMSldGsW+U3w=="],
-
     "jszip/readable-stream": ["readable-stream@2.3.8", "", { "dependencies": { "core-util-is": "~1.0.0", "inherits": "~2.0.3", "isarray": "~1.0.0", "process-nextick-args": "~2.0.0", "safe-buffer": "~5.1.1", "string_decoder": "~1.1.1", "util-deprecate": "~1.0.1" } }, "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA=="],
 
     "jwa/safe-buffer": ["safe-buffer@5.2.1", "", {}, "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="],
diff --git a/package.json b/package.json
index 10a2e2fbf..d177c69ea 100644
--- a/package.json
+++ b/package.json
@@ -24,7 +24,7 @@
     "@types/lodash": "^4.17.17",
     "@types/react": "^19.1.6",
     "@types/react-dom": "^19.1.1",
-    "ai": "^4.3.16",
+    "ai": "^5.0.0",
     "better-auth": "^1.2.8",
     "concurrently": "^9.1.2",
     "d3": "^7.9.0",
diff --git a/packages/integrations/package.json b/packages/integrations/package.json
index 6d31afbd4..58220f6dc 100644
--- a/packages/integrations/package.json
+++ b/packages/integrations/package.json
@@ -2,13 +2,13 @@
   "name": "@trycompai/integrations",
   "version": "1.0.0",
   "dependencies": {
-    "@ai-sdk/openai": "^1.3.19",
+    "@ai-sdk/openai": "^2.0.0",
     "@aws-sdk/client-securityhub": "^3.0.0",
     "@azure/identity": "^4.10.0",
     "@comp/app": "workspace:*",
     "@slack/bolt": "^3.22.0",
     "@slack/web-api": "^7.8.0",
-    "ai": "^4.3.16",
+    "ai": "^5.0.0",
     "jsonwebtoken": "^9.0.2",
     "node-fetch": "^2.6.7",
     "sharp": "^0.34.2",

From 15d7d667556a71a2f8702c0ff88a5c331b0224ff Mon Sep 17 00:00:00 2001
From: Mariano Fuentes <marfuen98@gmail.com>
Date: Thu, 31 Jul 2025 18:06:52 -0400
Subject: [PATCH 5/5] feat: add @ai-sdk/rsc package and update imports

- Added the @ai-sdk/rsc package version 1.0.0 to bun.lock and package.json.
- Updated import statements in message.tsx and use-streamable-text.tsx to use the new @ai-sdk/rsc package instead of the previous 'ai/rsc' path.
---
 apps/app/package.json                      |  1 +
 apps/app/src/components/ai/message.tsx     |  3 ++-
 apps/app/src/hooks/use-streamable-text.tsx |  2 +-
 bun.lock                                   | 11 +++++++++++
 4 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/apps/app/package.json b/apps/app/package.json
index e31619203..ef031840b 100644
--- a/apps/app/package.json
+++ b/apps/app/package.json
@@ -7,6 +7,7 @@
     "@ai-sdk/openai": "^2.0.0",
     "@ai-sdk/provider": "^2.0.0",
     "@ai-sdk/react": "^2.0.0",
+    "@ai-sdk/rsc": "^1.0.0",
     "@aws-sdk/client-s3": "^3.806.0",
     "@aws-sdk/client-sts": "^3.808.0",
     "@aws-sdk/s3-request-presigner": "^3.832.0",
diff --git a/apps/app/src/components/ai/message.tsx b/apps/app/src/components/ai/message.tsx
index 4ea10571d..9bed766f2 100644
--- a/apps/app/src/components/ai/message.tsx
+++ b/apps/app/src/components/ai/message.tsx
@@ -1,9 +1,10 @@
 'use client';
 
 import { useStreamableText } from '@/hooks/use-streamable-text';
+import { type StreamableValue } from '@ai-sdk/rsc';
 import { cn } from '@comp/ui/cn';
 import type { UIMessage } from 'ai';
-import type { StreamableValue } from 'ai/rsc';
+
 import equal from 'fast-deep-equal';
 import { ChevronDownIcon, ChevronUpIcon } from 'lucide-react';
 import { AnimatePresence, motion } from 'motion/react';
diff --git a/apps/app/src/hooks/use-streamable-text.tsx b/apps/app/src/hooks/use-streamable-text.tsx
index 89c7d4dc2..32414f8d9 100644
--- a/apps/app/src/hooks/use-streamable-text.tsx
+++ b/apps/app/src/hooks/use-streamable-text.tsx
@@ -1,4 +1,4 @@
-import { type StreamableValue, readStreamableValue } from 'ai/rsc';
+import { type StreamableValue, readStreamableValue } from '@ai-sdk/rsc';
 import { useEffect, useState, useTransition } from 'react';
 
 function useDebounce<T>(value: T, delay: number): T {
diff --git a/bun.lock b/bun.lock
index fa0401607..afa0a6b43 100644
--- a/bun.lock
+++ b/bun.lock
@@ -63,6 +63,7 @@
         "@ai-sdk/openai": "^2.0.0",
         "@ai-sdk/provider": "^2.0.0",
         "@ai-sdk/react": "^2.0.0",
+        "@ai-sdk/rsc": "^1.0.0",
         "@aws-sdk/client-s3": "^3.806.0",
         "@aws-sdk/client-sts": "^3.808.0",
         "@aws-sdk/s3-request-presigner": "^3.832.0",
@@ -413,6 +414,8 @@
 
     "@ai-sdk/react": ["@ai-sdk/react@2.0.0", "", { "dependencies": { "@ai-sdk/provider-utils": "3.0.0", "ai": "5.0.0", "swr": "^2.2.5", "throttleit": "2.1.0" }, "peerDependencies": { "react": "^18 || ^19 || ^19.0.0-rc", "zod": "^3.25.76 || ^4" }, "optionalPeers": ["zod"] }, "sha512-am4xt+Zh+hMBNmnSOG9cEg7vlDqAg+Du4wGgFskHO6xRXYpntjJB1zP9H2ZCB1hNL5Y8vRmE2quZEWDUuNrnGA=="],
 
+    "@ai-sdk/rsc": ["@ai-sdk/rsc@1.0.0", "", { "dependencies": { "@ai-sdk/provider": "2.0.0", "@ai-sdk/provider-utils": "3.0.0", "ai": "5.0.0", "jsondiffpatch": "0.6.0" }, "peerDependencies": { "react": "^18 || ^19 || ^19.0.0-rc", "zod": "^3.25.76 || ^4" }, "optionalPeers": ["zod"] }, "sha512-+sxLeWHNKDtNQQO1VTYBzNPvA4C02uZAC/7RQtmf2uKqV+0bY8SKcW/4a3PZHHVWMLOsb9F1BOUFQIrba4wcTQ=="],
+
     "@alloc/quick-lru": ["@alloc/quick-lru@5.2.0", "", {}, "sha512-UrcABB+4bUrFABwbluTIBErXwvbsU/V7TZWfmbgJfbkwiBuziS9gxdODUyuiecfdGQ85jglMW6juS3+z5TsKLw=="],
 
     "@ampproject/remapping": ["@ampproject/remapping@2.3.0", "", { "dependencies": { "@jridgewell/gen-mapping": "^0.3.5", "@jridgewell/trace-mapping": "^0.3.24" } }, "sha512-30iZtAPgz+LTIYoeivqYo853f02jBYSd5uGnGpkFV0M3xOt9aN73erkgYAmZU43x4VfqcnLxW9Kpg3R5LC4YYw=="],
@@ -1687,6 +1690,8 @@
 
     "@types/deep-eql": ["@types/deep-eql@4.0.2", "", {}, "sha512-c9h9dVVMigMPc4bwTvC5dxqtqJZwQPePsWjPlpSOnojbor6pGqdk541lfA7AqFQr5pB1BRdq0juY9db81BwyFw=="],
 
+    "@types/diff-match-patch": ["@types/diff-match-patch@1.0.36", "", {}, "sha512-xFdR6tkm0MWvBfO8xXCSsinYxHcqkQUlcHeSpMC2ukzOb6lwQAfDmW+Qt0AvlGd8HpsS28qKsB+oPeJn9I39jg=="],
+
     "@types/draco3d": ["@types/draco3d@1.4.10", "", {}, "sha512-AX22jp8Y7wwaBgAixaSvkoG4M/+PlAcm3Qs4OW8yT9DM4xUpWKeFhLueTAyZF39pviAdcDdeJoACapiAceqNcw=="],
 
     "@types/estree": ["@types/estree@1.0.8", "", {}, "sha512-dWHzHa2WqEXI/O1E9OjrocMTKJl2mSrEolh1Iomrv6U+JuNwaHXsXx9bLu5gG7BUWFIN0skIQJQ/L1rIex4X6w=="],
@@ -2369,6 +2374,8 @@
 
     "didyoumean": ["didyoumean@1.2.2", "", {}, "sha512-gxtyfqMg7GKyhQmb056K7M3xszy/myH8w+B4RT+QXBQsvAOdc3XymqDDPHx1BgPgsdAA5SIifona89YtRATDzw=="],
 
+    "diff-match-patch": ["diff-match-patch@1.0.5", "", {}, "sha512-IayShXAgj/QMXgB0IWmKx+rOPuGMhqm5w6jvFxmVenXKIzRqTAAsbBPT3kWQeGANj3jGgvcvv4yK6SxqYmikgw=="],
+
     "dir-glob": ["dir-glob@3.0.1", "", { "dependencies": { "path-type": "^4.0.0" } }, "sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA=="],
 
     "discord-api-types": ["discord-api-types@0.38.17", "", {}, "sha512-/fCx5jdUoR2hBFcj77Qx7Tmx1Ub8V/QpyS6uorjFvxRLcJJ348QxMFml9QW/eXh3i46eO4Ve8qGVepStpInEPg=="],
@@ -2975,6 +2982,8 @@
 
     "jsonc-parser": ["jsonc-parser@3.3.1", "", {}, "sha512-HUgH65KyejrUFPvHFPbqOY0rsFip3Bo5wb4ngvdi1EpCYWUQDC5V+Y7mZws+DLkr4M//zQJoanu1SP+87Dv1oQ=="],
 
+    "jsondiffpatch": ["jsondiffpatch@0.6.0", "", { "dependencies": { "@types/diff-match-patch": "^1.0.36", "chalk": "^5.3.0", "diff-match-patch": "^1.0.5" }, "bin": { "jsondiffpatch": "bin/jsondiffpatch.js" } }, "sha512-3QItJOXp2AP1uv7waBkao5nCvhEv+QmJAd38Ybq7wNI74Q+BBmnLn4EDKz6yI9xGAIQoUF87qHt+kc1IVxB4zQ=="],
+
     "jsonfile": ["jsonfile@6.1.0", "", { "dependencies": { "universalify": "^2.0.0" }, "optionalDependencies": { "graceful-fs": "^4.1.6" } }, "sha512-5dgndWOriYSm5cnYaJNhalLNDKOqFwyDB/rr1E9ZsGciGvKPs8R2xYGCacuf3z6K1YKDz182fd+fY3cn3pMqXQ=="],
 
     "jsonparse": ["jsonparse@1.3.1", "", {}, "sha512-POQXvpdL69+CluYsillJ7SUhKvytYjW9vG/GKpnf+xP8UWgYEM/RaMzHHofbALDiKbbP1W8UEYmgGl39WkPZsg=="],
@@ -4673,6 +4682,8 @@
 
     "its-fine/@types/react-reconciler": ["@types/react-reconciler@0.28.9", "", { "peerDependencies": { "@types/react": "*" } }, "sha512-HHM3nxyUZ3zAylX8ZEyrDNd2XZOnQ0D5XfunJF5FLQnZbHHYq4UWvW1QfelQNXv1ICNkwYhfxjwfnqivYB6bFg=="],
 
+    "jsondiffpatch/chalk": ["chalk@5.4.1", "", {}, "sha512-zgVZuo2WcZgfUEmsn6eO3kINexW8RAE4maiQ8QNs8CtpPCSyMiYsULR3HQYkm3w8FIA3SberyMJMSldGsW+U3w=="],
+
     "jszip/readable-stream": ["readable-stream@2.3.8", "", { "dependencies": { "core-util-is": "~1.0.0", "inherits": "~2.0.3", "isarray": "~1.0.0", "process-nextick-args": "~2.0.0", "safe-buffer": "~5.1.1", "string_decoder": "~1.1.1", "util-deprecate": "~1.0.1" } }, "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA=="],
 
     "jwa/safe-buffer": ["safe-buffer@5.2.1", "", {}, "sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ=="],