User-Friendly Error Handling for Input Page

[PinJinx]

Overview

This PR implements a user-friendly error popup for the input page.
Previously, errors (like unsupported file types) were displayed directly inside the input text area, which was confusing for users.
Now, any error will be shown in a clear popup modal instead.

---

Changes Introduced

• Added a reusable ErrorPopup component.
• Removed old logic that injected errors into the input area.

---

Related Issue

Fixes #276

Screenshots

---

Summary by CodeRabbit

• New Features

  • Introduced a dedicated error popup modal for displaying error messages separately from the main text input area.

• Chores

  • Updated dependency versioning to allow automatic minor and patch updates for "react-scripts".

[coderabbitai]

Walkthrough

The changes update the error handling on the input page by introducing a dedicated errorText state and rendering errors in a modal popup overlay instead of inside the main text area. Additionally, the react-scripts dependency in package.json is changed from an exact version to a caret range to allow minor and patch updates.

Changes

File(s)	Change Summary
eduaid_web/src/pages/Text_Input.jsx	Refactored error handling: introduced errorText state, modal popup for errors, separated from input area.
eduaid_web/package.json	Updated react-scripts version from 5.0.1 to ^5.0.1 to allow minor/patch upgrades.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant TextInputPage
    participant FileHandler
    participant ErrorModal

    User->>TextInputPage: Uploads file or fetches Google Doc
    TextInputPage->>FileHandler: Process input
    FileHandler-->>TextInputPage: Returns data or error
    alt Success
        TextInputPage->>TextInputPage: Update text state
    else Error
        TextInputPage->>ErrorModal: Set errorText and display modal
        User->>ErrorModal: Clicks close
        ErrorModal->>TextInputPage: Clear errorText and hide modal
    end

Loading

Assessment against linked issues

Objective	Addressed	Explanation
Errors should not appear inside the input area; input area remains untouched (#276)	✅
Errors should be shown in a popup modal, toast, or banner (#276)	✅
Error display should clearly explain the issue (#276)	✅
User should be able to dismiss the error easily (#276)	✅

Poem

A bug hopped in, but now it’s gone,
Errors no longer where they don’t belong!
A popup appears with a gentle nudge,
Explaining the trouble, no need to judge.
The input is clear, the rabbit’s delight—
Happy users hop on, all through the night!
🐇✨

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 97d9e89 and 4bdc8c1.

⛔ Files ignored due to path filters (1)

• eduaid_web/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (2)

• eduaid_web/package.json (1 hunks)
• eduaid_web/src/pages/Text_Input.jsx (4 hunks)

🚧 Files skipped from review as they are similar to previous changes (2)

• eduaid_web/package.json
• eduaid_web/src/pages/Text_Input.jsx

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 122eefb and fe5cf02.

⛔ Files ignored due to path filters (1)

• eduaid_web/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (2)

• eduaid_web/package.json (1 hunks)
• eduaid_web/src/pages/Text_Input.jsx (4 hunks)

🔇 Additional comments (5)

eduaid_web/src/pages/Text_Input.jsx (5)

11-11: LGTM: Clean state management for error handling.

The addition of the errorText state variable properly separates error messages from the main text content, which aligns with the PR objective of improving error display.

---

35-40: LGTM: Improved error handling logic.

The conditional logic properly handles both success and error cases from the file upload response. The error clearing on successful upload (setErrorText("")) is a good practice to ensure stale errors don't persist.

---

43-43: LGTM: Consistent error handling.

The catch block correctly uses setErrorText for network-level errors during file upload.

---

76-76: LGTM: Consistent error messaging.

The error messages are consistent and descriptive for both network errors and API failures.

Also applies to: 80-80

---

177-193: LGTM: Well-implemented error popup modal.

The error popup implementation is well-designed with:

• Proper modal overlay with backdrop blur
• Consistent styling using gradient themes
• Clear call-to-action with close functionality
• Conditional rendering based on error state

The modal follows good UX practices by providing a prominent, non-intrusive way to display errors.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Verify that the version range change is intentional and secure.

The change from exact version "5.0.1" to caret range "^5.0.1" allows automatic updates to minor and patch versions. While this provides flexibility for bug fixes and security patches, ensure this aligns with your project's dependency management strategy.

---

🌐 Web query:

What is the latest version of react-scripts and are there any security vulnerabilities in version 5.0.1?

💡 Result:

As of July 16, 2025, the latest version of react-scripts is 5.0.1, released approximately three years ago. This version has been identified to contain several security vulnerabilities, including:

• Regular Expression Denial of Service (ReDoS): The nth-check package, a dependency of [email protected], is susceptible to ReDoS attacks. (github.com)

• Denial of Service (DoS): The nwsapi package, also a dependency, has been found vulnerable to DoS attacks. (github.com)

• Cross-Site Scripting (XSS): The serialize-javascript package, used within [email protected], has a vulnerability that can lead to XSS attacks. (github.com)

Given these vulnerabilities and the lack of recent updates to react-scripts, it's advisable to consider alternative build tools for React applications. Modern tools like Vite offer improved performance, active maintenance, and better support for current React features. (blog.logrocket.com)

If you choose to continue using [email protected], ensure that all dependencies are updated to their latest secure versions and monitor for any patches or updates that may address these vulnerabilities.

Citations:

• 1: Snyk Vulnerabilities on [email protected] facebook/create-react-app#13062
• 2: Snyk Vulnerabilities on [email protected] facebook/create-react-app#13062
• 3: react-scripts-5.0.1.tgz: 13 vulnerabilities (highest severity is: 9.3) KOSASIH/pailot-for-pi#34
• 4: https://blog.logrocket.com/react-scripts/?utm_source=openai

---

Action Required: Address Security Vulnerabilities in [email protected]

The change from "5.0.1" → "^5.0.1" does not pull in any newer, patched versions (5.0.1 is still the latest release) and that release is known to contain several security issues:

• Regular Expression DoS in nth-check
• Denial of Service in nwsapi
• Cross-Site Scripting in serialize-javascript

Even with a caret range, you’ll remain on 5.x without fixes. Please choose one of the following:

• Migrate off react-scripts to a modern, actively maintained bundler (e.g. Vite)
• Stay on CRA but manually patch or override the vulnerable transitive dependencies (e.g. via resolutions or patch-package) and monitor for upstream fixes

File: eduaid_web/package.json (line 15)

🤖 Prompt for AI Agents

In eduaid_web/package.json at line 15, the dependency react-scripts is set to
version "^5.0.1", which does not include any patched versions and contains known
security vulnerabilities. To fix this, either migrate the project away from
react-scripts to a modern bundler like Vite, or if staying with react-scripts,
add overrides or patches for the vulnerable transitive dependencies using tools
like "resolutions" or "patch-package" and keep monitoring for official fixes.