ai-hackathon-starter-kit icon indicating copy to clipboard operation
ai-hackathon-starter-kit copied to clipboard
verified publisher icon rohit-lakhanpal

Modernize dependencies: Azure AI SDKs to 2024-10-21 GA, Speech SDK 1.47.0, MUI v6

Open Copilot opened this issue 5 months ago • 1 comments

PR Summary

Updates dependencies from 2023 versions to November 2025 releases. Migrates to GA Azure AI SDKs, eliminates 18 API vulnerabilities, reduces UI vulnerabilities from 41 to 9 (dev-only).

Breaking Changes

Azure AI Language

  • @azure/ai-text-analytics@azure/ai-language-text (1.1.0)
  • Batch analysis pattern with pollers replaces direct method calls
// Before
const sentiment = await client.analyzeSentiment([text], "en");

// After
const poller = await client.beginAnalyzeBatch([{kind: "SentimentAnalysis"}], [text], "en");
const results = await poller.pollUntilDone();

Azure OpenAI

  • @azure/openai beta (1.0.0-beta.5) → GA (2.0.0)
  • API version: 2023-05-15 → 2024-10-21
  • OpenAIClientAzureOpenAI class with new method structure
// Before
const client = new OpenAIClient(endpoint, new AzureKeyCredential(key));
const completion = await client.getChatCompletions(deployment, messages);

// After
const client = new AzureOpenAI({endpoint, apiKey, apiVersion: "2024-10-21"});
const completion = await client.chat.completions.create({model: deployment, messages});

UI Dependencies

  • web-vitals: ReportHandlerMetric, getCLS()onCLS()
  • Material-UI v5 → v6 (6.3.0)
  • Speech SDK: 1.27.0 → 1.47.0

Environment Variables

Update .env files:

OPENAI_AZURE_API_VERSION_OPTIONAL="2024-10-21"
OPENAI_AZURE_MODELS_CHAT="gpt-4o_or_gpt-4_deployment_name"

Other Updates

  • Langchain: 0.0.66 → 0.3.36
  • React: 18.2.0 → 18.3.1
  • Express: 4.18.2 → 4.21.2
  • Axios: 1.4.0 → 1.7.9
  • Removed standalone openai package (via langchain)
  • Replaced rimraf with native fs.rm

Security Impact

  • API: 18 vulnerabilities → 0
  • UI Production: 0 vulnerabilities
  • UI Dev: 9 vulnerabilities (react-scripts dependencies, dev-only)
  • CodeQL: 0 alerts

Documentation

  • docs/MIGRATION.md: Step-by-step migration guide with API comparisons
  • docs/SECURITY.md: Detailed security assessment
  • Updated CHANGELOG.md, README.md, .env-sample files

PR Checklist

  • [x] PR has a meaningful title
  • [x] Summarized changes
  • [ ] Change is not breaking (has breaking changes - see MIGRATION.md)
  • [x] This PR is ready to merge and is not Work in Progress
  • Code changes
    • [x] Link to a filed issue
    • [x] Change log has been updated with change under unreleased section
Original prompt

This section details on the original issue you should resolve

<issue_title>Update dependencies and adopt latest Azure AI SDKs for the AI Hackathon Starter Kit Overview</issue_title> <issue_description>### Title

Update dependencies and adopt latest Azure AI SDKs for the AI Hackathon Starter Kit

Overview

The current AI Hackathon Starter Kit was built around mid‑2023, and many of its dependencies have since moved ahead. Updating the kit to the latest SDKs will ensure that it remains secure, maintainable and that developers can take advantage of new Azure AI features (e.g., new OpenAI API versions and newer Speech SDKs). For instance, the microsoft‑cognitiveservices‑speech‑sdk package has progressed to version 1.47.0 as of November 2025:contentReference[oaicite:0]{index=0}, while the project is currently pinned to 1.27.0. Azure OpenAI’s GA API version has also moved to 2024‑10‑21, replacing the 2024‑06‑01 API:contentReference[oaicite:1]{index=1}. These are just two examples of the many updates that have occurred over the past two years. This issue tracks the work needed to modernize the repository.

Goals

  1. Audit and update all dependencies in the API and UI packages

    • Run npm outdated or similar tools in both src/api and src/ui to generate a list of outdated packages.
    • Upgrade each package to the latest stable release, testing for breaking changes. Pay special attention to:
      • Azure Cognitive Services SDKs@azure/ai-text-analytics has been superseded by the new Azure AI Language Text SDK. Replace usages of TextAnalyticsClient with the corresponding TextAnalysisClient classes and update calls accordingly.
      • @azure/openai – move off the beta (1.0.0-beta.5) to the latest GA release. Use the GA API version (2024‑10‑21) when calling Azure OpenAI:contentReference[oaicite:2]{index=2}. Remove the separate openai package unless necessary and standardize on a single client library.
      • Speech SDK – upgrade microsoft‑cognitiveservices‑speech‑sdk to the latest version (currently 1.47.0):contentReference[oaicite:3]{index=3} and refactor the speech components to use any new APIs (for example, improved real‑time transcription and voice‑style options).
      • Langchain – update to the latest 2025 release (e.g., langchain>=0.1.x) and refactor any breaking API changes.
      • Express and Node – target the current Long Term Support (LTS) version of Node (20.x) and update express to 5.x once it exits beta. Replace rimraf with native rm -rf commands or Node 18+ fs.rm where appropriate.
      • Frontend stack – update React (to 19.x if available), Material UI (v6), TypeScript (5.x) and other UI dependencies. Consider migrating from react-scripts to a modern build tool such as Vite or Next.js to benefit from better performance and modern bundling.

  2. Replace deprecated SDKs and adjust code

    • Text Analytics → AI Language Text: The @azure/ai-text-analytics library is now retired in favour of Azure AI Language. Follow Microsoft’s migration guide to replace this package; update sentiment analysis, entity recognition and PII detection calls accordingly.
    • Azure OpenAI improvements: Adopt new features such as streaming responses, function calling and assistants. Update the API code to accept model names like gpt‑4o and gpt‑5 when available, and add configuration options for specifying the Azure OpenAI API version.
    • Speech Service enhancements: The newer Speech SDK includes features like [custom voice] and improved latency. Review API changes between 1.27.0 and 1.47.0 and refactor the transcription and text‑to‑speech code accordingly.

  3. Update configuration and environment files

    • Review .env-sample files for both API and UI and add any new environment variables required by updated SDKs (e.g., AZURE_OPENAI_API_VERSION or LANGUAGE_ENDPOINT). Remove obsolete variables.
    • Document how to configure new models (e.g., gpt‑4o, gpt‑5) and endpoints.

  4. Modernize the codebase and adopt best practices

    • Convert callback‑based SDK usage to async/await for better readability.
    • Add proper error handling and logging around all external API calls. Consider using middleware to catch errors in Express.
    • Introduce types via TypeScript in the API layer for improved maintainability.
    • Replace any deprecated React lifecycle methods with hooks (e.g., useEffect instead of componentDidMount).
    • Improve the UI’s state management (e.g., using React Context or Zustand) to handle new features like streaming responses.

  5. Expand sample use‑cases

    • Add examples demonstrating summarization, translation and content generation using new Azure AI Language capabilities.
    • Provide a sample that uses the new Azure OpenAI function‑calling interface to integrate with external APIs during chat interactions.
    • Update the README and docs/ to...
  • Fixes rohit-lakhanpal/ai-hackathon-starter-kit#26

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Copilot avatar Nov 13 '25 04:11 Copilot

Can you validate if these instructions to setup the env make sense any more given the move to using Azure AI Foundry instead of deploying individual services

PORT=8730    
APP_NAME="YOUR_APP_NAME"
APP_DESCRIPTION="YOUR_APP_DESCRIPTION"
APP_REPOSITORY_OPTIONAL="YOUR_APP_REPOSITORY_URL (Optional. If you remove this line, it defaults to this repository's url.)"
APP_LOGO_OPTIONAL="YOUR_APP_LOGO_URL (Optional. If you can remove this line, it defaults to the Microsoft logo.)"
APP_FAVICON_OPTIONAL="YOUR_APP_FAVICON_URL (Optional. You can remove this line, it defaults to the Microsoft favicon.)"
LANGUAGE_KEY="YOUR_AZURE_LANGUAGE_KEY"
LANGUAGE_REGION="[e.g. eastus]"
LANGUAGE_ENDPOINT_URL="[e.g. https://your-deployment-name.cognitiveservices.azure.com/]"
SPEECH_KEY="YOUR_AZURE_SPEECH_KEY"
SPEECH_REGION="YOUR_AZURE_SPEECH_REGION"
SPEECH_ENDPOINT_URL_OPTIONAL="YOUR_AZURE_SPEECH_ENDPOINT_URL (Optional. You can remove this line if you don't have a custom speech endpoint url.)"
OPENAI_TYPE="Must be either openai or azure"
OPENAI_KEY="YOUR_OPENAI_KEY"
OPENAI_AZURE_KEY="YOUR_OPENAI_AZURE_KEY"
OPENAI_AZURE_BASE_URL="[e.g. https://[your-deployment-name].openai.azure.com/]"
OPENAI_AZURE_API_VERSION_OPTIONAL="2024-10-21"
OPENAI_AZURE_MODELS_TEXT="YOUR_MODEL_DEPLOYMENT_NAME_FOR_text-davinci-003_or_gpt-35-turbo-instruct"
OPENAI_AZURE_MODELS_CHAT="YOUR_MODEL_DEPLOYMENT_NAME_FOR_gpt-35-turbo_gpt-4_gpt-4o_or_GPT-4"

rohit-lakhanpal avatar Nov 13 '25 04:11 rohit-lakhanpal