cookbook icon indicating copy to clipboard operation
cookbook copied to clipboard
verified publisher icon google-gemini

Enhance Error Handling in callGemini and other Functions

Open amanmogal opened this issue 10 months ago • 2 comments

Description of the bug:

The function callGemini and other functions in the utils.gs file does not handle potential errors from network requests effectively, and there is a risk of API key exposure. Here are the main concerns:

  1. Error Handling: The function does not handle possible errors like network failures or invalid responses from the API. Steps to Reproduce the Issue:

  2. Run the callGemini function with an invalid API endpoint or network conditions that cause a failure.

  3. Observe that there is no error handling mechanism to catch and address the failure.

Actual vs expected behavior:

  • Error Handling:

  • Actual: No error handling for network failures or invalid API responses.

  • Expected: Proper error handling to log errors and return meaningful messages.

Any other information you'd like to share?

No response

amanmogal avatar Mar 15 '25 08:03 amanmogal

I'd like to work on this issue. My plan is to:

  1. Implement try/catch blocks for all API calls
  2. Move the API key to auth headers instead of URL parameters
  3. Add input validation for all functions
  4. Add proper error logging

Let me know if you'd like me to proceed with these changes.

Bhavesh2k4 avatar Mar 15 '25 08:03 Bhavesh2k4

I've been working on this issue and here are some ideas I've come up with:

for Error Handling, you can wrap network requests in a try/catch block so that if something goes wrong, the script can catch the error and handle it gracefully instead of crashing. You can also set muteHttpExceptions: true to inspect response codes and decide how to proceed when you don't get a 200 status. for API Key Security= Rather than hardcoding my API key in the code, it's better to move it to a secure storage solution. I'm using the Properties Service for now, but I recommend considering Google Cloud Secret Manager for even tighter security. This helps prevent accidental exposure of the key. Also, you can implement a retry mechanism with delays to handle intermittent failures. Plus, adding logging or notifications will alert you if repeated attempts fail, so you can jump in and troubleshoot before it becomes a bigger problem.

Let me know if you need updated codes for this.

SaurabMishra12 avatar Mar 31 '25 12:03 SaurabMishra12