Enhance Chrome extension with AI integration for job application assi…

.github/workflows/security.yml

@@ -0,0 +1,26 @@
+name: Security Scan
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  security-scan:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Check for hardcoded secrets
+        uses: gitleaks/gitleaks-action@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Run security audit
+        run: npm audit --production 

README.md

@@ -8,12 +8,35 @@ A Chrome extension built with TypeScript that demonstrates basic extension funct
 - Content script for interacting with web pages
 - Popup UI with options and theme switching
 - TypeScript for type safety and modern JavaScript features
+- AI-powered job application form filling with ChatGPT or DeepSeek integration
+
+## AI Integration
+
+This extension uses AI to help with job applications in two ways:
+
+1. **ChatGPT (OpenAI)**: The primary AI service used for generating responses to job application questions.
+2. **DeepSeek**: An alternative AI service that can be used instead of ChatGPT.
+
+### Setting up OpenAI (ChatGPT)
+
+To use ChatGPT with this extension:
+
+1. Create an OpenAI account at [platform.openai.com](https://platform.openai.com)
+2. Generate an API key from your account dashboard
+3. Configure the extension:
+   - Open the extension popup
+   - Select "OpenAI (ChatGPT)" as the AI service
+   - Enter your API key in the field provided
+   - Click "Save API Key"
+
+If you don't provide an API key, the extension will use mock responses for testing purposes.
 
 ## Development
 
 ### Prerequisites
 
 - Node.js and npm
+- AI API key (from OpenAI or DeepSeek)
 
 ### Setup
 
@@ -22,6 +45,30 @@ A Chrome extension built with TypeScript that demonstrates basic extension funct
    ```
    npm install
    ```
+3. Set up environment variables:
+   - Copy `env.example` to `.env.local`
+   - Add your API key to `.env.local`:
+     ```
+     DEEPSEEK_API_KEY=your_api_key_here
+     ```
+     or for OpenAI:
+     ```
+     OPENAI_API_KEY=your_api_key_here
+     ```
+   - This file is gitignored and will not be committed
+
+### Setting up the AI API Key
+
+For development:
+1. Create an account at [DeepSeek](https://deepseek.com/) or [OpenAI Platform](https://platform.openai.com/)
+2. Generate an API key from their developer dashboard
+3. Add the key to your `.env.local` file as described above
+
+For users of the extension:
+1. Click on the extension icon to open the popup
+2. Enter your AI API key in the designated field
+3. Click "Save API Key"
+4. The key will be securely stored in Chrome's extension storage
 
 ### Building
 
@@ -56,10 +103,17 @@ npm run dev
   - `background.ts` - Background script
   - `content.ts` - Content script that runs on web pages
   - `popup.ts` - Script for the extension popup
+  - `services/` - Service modules
+    - `aiService.ts` - ChatGPT integration for AI-powered responses
+    - `autofillService.ts` - Form detection and filling functionality
+    - `jobFormService.ts` - Job board detection and form handling
+    - `storageService.ts` - Chrome storage management
+  - `types/` - TypeScript type definitions
 - `popup.html` - HTML for the extension popup
 - `manifest.json` - Chrome extension configuration
 - `icons/` - Extension icons
+- `env.example` - Example environment variables template
 
 ## License
 
-ISC 
+ISC

env.example

@@ -0,0 +1,13 @@
+# AI API Keys for development
+OPENAI_API_KEY=
+DEEPSEEK_API_KEY=
+
+# Instructions:
+# 1. Copy this file to .env.local 
+# 2. Add your API key to the .env.local file
+# 3. Do not commit .env.local to version control
+
+# If you don't provide an API key, the extension will use mock responses.
+
+# This example file should be committed to version control
+# to serve as a template for other developers