Migration logistic-sentry to Tinyfish SDK

[KrishnaAgarwal7531]

Migrates Logistics Sentry from raw TinyFish HTTP calls to the official SDK across all three API routes. The app uses both the Search API (to discover official port and carrier URLs when they're not in the knowledge base) and the Agent API (to navigate those pages and extract structured risk signals).
Fixes the leaked .env.local — key has been rotated by @simantak-dabhade. .gitignore added so this can't happen again. env.example renamed to .env.example with the get-your-key URL comment. Package name corrected from inventory-risk-agent to logistics-sentry. README completed — the previous version ended mid-sentence at step 2 of setup.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 6c596348-d213-479c-bc1e-c23f86c33dd2

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[simantak-dabhade]

Review: Migration logistics-sentry to TinyFish SDK

Security check: PASS — no secrets at HEAD. The leaked key from the earlier attempt is only in branch history and will not survive squash merge.

---

Blocker: Build fails without API key

npm run build crashes during page data collection because the TinyFish SDK client is instantiated at module level in two files:

• src/lib/tinyfish.js:5 — const client = new TinyFish({ apiKey: process.env.TINYFISH_API_KEY });
• src/lib/pricing-intelligence.js:5 — same pattern

The SDK throws SDKError: Missing API key when TINYFISH_API_KEY isn't set (which is always the case at build time).

Fix: Move client creation inside each exported function (like you already do correctly in src/lib/logistics/agent.js:63), or use a lazy getter:

let _client;
function getClient() {
  if (!_client) _client = new TinyFish({ apiKey: process.env.TINYFISH_API_KEY });
  return _client;
}

---

Non-blocking feedback

1. 8 unused component files — ActionPanel.js, ActivityFeed.js, DecisionReasoning.js, InventoryAlert.js, InventoryInput.js, LiveStream.js, MetricCard.js, RiskAssessment.js are never imported. Consider removing them.

2. Duplicate line in src/lib/decision-engine.js:9-10 — the ESCALATE check appears twice.

3. Dev notes in code — src/app/competitive-pricing/page.js:163-171 has a stream-of-consciousness comment block that reads like work notes. Please clean up or remove.

4. README inaccuracy — Constraint checklist says Promise.allSettled but the code uses Promise.all (agent.js:436).

---

What looks good ✓

• SDK usage is solid: client.agent.stream(), client.search.query(), proper EventType/RunStatus handling
• .env.example correct with canonical sign-up URL
• .gitignore properly covers .env variants
• No Groq dependency, no Mino refs, no hardcoded secrets
• 45MB demo video correctly deleted

Please fix the build blocker and I'll re-review. Thanks!