First commit

.gitattributes

@@ -0,0 +1,5 @@
+# Auto-detect text files, ensure they use LF.
+* text=auto eol=lf working-tree-encoding=UTF-8
+
+# Bash scripts
+*.sh text eol=lf

.gitignore

@@ -0,0 +1,23 @@
+# Private settings
+**/certs/*.pem
+**/certs/config.json
+**/certs/mkcert
+.env
+*.local
+*__local__*
+.data/
+
+# Dependencies and build cache
+node_modules
+poetry.lock
+__pycache__
+.pytest_cache
+.cache
+
+# Logs
+*.log
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+lerna-debug.log*

CODE_OF_CONDUCT.md

@@ -0,0 +1,9 @@
+# Microsoft Open Source Code of Conduct
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+
+Resources:
+
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [[email protected]](mailto:[email protected]) with questions or concerns

LICENSE

@@ -0,0 +1,21 @@
+    MIT License
+
+    Copyright (c) Microsoft Corporation.
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE

Makefile

@@ -0,0 +1,36 @@
+# Runs make in all subdirectories with a Makefile, passing the make target to each.
+# Directories are make'ed in top down order.
+# ex: make (runs DEFAULT_GOAL)
+# ex: make clean (runs clean)
+# ex: make install (runs install)
+
+.DEFAULT_GOAL := install
+
+# You can pass in a list of files or directories to retain when running `clean/git-clean`
+# ex: make clean GIT_CLEAN_RETAIN=".env .data"
+# As always with make, you can also set this as an environment variable
+GIT_CLEAN_RETAIN ?= .env
+GIT_CLEAN_EXCLUDE = $(foreach v,$(GIT_CLEAN_RETAIN),--exclude !$(v))
+
+.PHONY: git-clean
+git-clean:
+	git clean -dffX . $(GIT_CLEAN_EXCLUDE)
+
+include ./build-tools/makefiles/shell.mk
+
+FILTER_OUT = $(foreach v,$(2),$(if $(findstring $(1),$(v)),,$(v)))
+MAKE_FILES = $(shell find . -name Makefile -mindepth 2)
+ALL_MAKE_DIRS = $(filter-out ./,$(dir $(MAKE_FILES)))
+ifeq ($(suffix $(SHELL)),.exe)
+MAKE_FILES = $(shell dir Makefile /b /s)
+ALL_MAKE_DIRS = $(filter-out $(subst /,\,$(abspath ./)),$(patsubst %\,%,$(dir $(MAKE_FILES))))
+endif
+
+MAKE_DIRS := $(call FILTER_OUT,site-packages,$(call FILTER_OUT,node_modules,$(sort $(ALL_MAKE_DIRS))))
+
+.PHONY: clean install test format lint $(MAKE_DIRS)
+clean: git-clean
+clean install test format lint: $(MAKE_DIRS)
+
+$(MAKE_DIRS):
+	$(MAKE) -C $@ $(MAKECMDGOALS) || $(true_expression)

README.md

@@ -0,0 +1,97 @@
+# Semantic Workbench
+
+Semantic Workbench is a versatile tool designed to help prototype intelligent assistants quickly. It supports the creation of new assistants or the integration of existing ones, all within a cohesive interface. The workbench provides a user-friendly UI for creating conversations with one or more assistants, configuring settings, and exposing various behaviors.
+
+The Semantic Workbench is composed of three main components:
+
+1.	[Workbench Service](semantic-workbench/v1/service/README.md) (Python): The backend service that handles core functionalities.
+2.	[Workbench App](semantic-workbench/v1/app/README.md) (React/Typescript): The frontend web user interface for interacting with workbench and assistants.
+3.	Assistant Services: any number of assistant services that implement the service protocols/APIs, developed using any framework and programming language of your choice.
+
+Designed to be agnostic of any agent framework, language, or platform, the Semantic Workbench facilitates experimentation, development, testing, and measurement of agent behaviors and workflows. Agents integrate with the workbench via a RESTful API, allowing for flexibility and broad applicability in various development environments.
+
+# Quick start
+
+* Start the backend service, see [here for instructions](semantic-workbench/v1/service/README.md).
+* Start the frontend app, see [here for instructions](semantic-workbench/v1/app/README.md).
+* Start the canonical assistant, see [here for instructions](semantic-workbench/v1/service/semantic-workbench-assistant/README.md).
+
+![image](https://raw.githubusercontent.com/microsoft/semanticworkbench/main/docs/readme1.png)
+
+![image](https://raw.githubusercontent.com/microsoft/semanticworkbench/main/docs/readme2.png)
+
+![image](https://raw.githubusercontent.com/microsoft/semanticworkbench/main/docs/readme3.png)
+
+# Connecting your agents
+
+To develop new agents and connect existing ones, see the [Assistant Development Guide](docs/ASSISTANT_DEVELOPMENT_GUIDE.md)
+
+The repository contains a [Canonical assistant](semantic-workbench/v1/service/semantic-workbench-assistant/semantic_workbench_assistant/canonical.py) without any AI feature, that can be used as starting point to create custom agents.
+
+# Workbench setup
+
+1. Follow the [Service Setup Guide](semantic-workbench/v1/service/README.md)
+2. Follow the [App Setup Guide](semantic-workbench/v1/app/README.md)
+
+## Windows setup
+
+Enable long file paths on Windows.
+
+   1. Run `regedit`.
+   2. Navigate to `HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem`.
+   3. Find the `LongPathsEnabled` key. If it doesn’t exist, right-click on the `FileSystem` key, select `New > DWORD (32-bit) Value`, and name it `LongPathsEnabled`.
+   4. Double-click on `LongPathsEnabled`, set its value to `1`, and click OK.
+
+## Open the Workbench and create an assistant instance
+
+Open the app in your browser at [`https://localhost:4000`](https://localhost:4000):
+
+1. Click `Sign in`
+1. Add and Assistant:
+   1. Click +Add Assistant Button
+   1. Click Instance of Assistant
+1. Give it a name.
+1. Enter the assistant service URL in the combobox, e.g. `http://127.0.0.1:3010`.
+1. Click Chat box icon.
+1. Type a message and hit send.
+1. If you see "Please set the OpenAI API key in the config."
+   1. Click Edit icon in upper right.
+   1. Paste in your OpenAI Key.
+   1. Paste in your OrgID.
+   1. Click Save.
+   1. Hit Back button in UI.
+1. Type another message and hit send.
+
+Expected: You get a response from your assistant!
+
+## Refreshing Dev Environment
+
+- [v1\service\.data](service.data) delete this directory or specific files if you know which one.
+- From repo root, run `make clean install`.
+  - This will perform a `git clean` and run installs in all sub-directories
+- Or a faster option if you just want to install semantic workbench related stuff:
+  - From repo root, run `make clean`
+  - From `~/semantic-workbench/v1/app`, run `make install`
+  - From `~/semantic-workbench/v1/service`, run `make install`
+
+# Contributing
+
+This project welcomes contributions and suggestions. Most contributions require you to agree to a
+Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us
+the rights to use your contribution. For details, visit <https://cla.opensource.microsoft.com>.
+
+When you submit a pull request, a CLA bot will automatically determine whether you need to provide
+a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions
+provided by the bot. You will only need to do this once across all repos using our CLA.
+
+This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
+For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or
+contact [[email protected]](mailto:[email protected]) with any additional questions or comments.
+
+# Trademarks
+
+This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft
+trademarks or logos is subject to and must follow
+[Microsoft's Trademark & Brand Guidelines](https://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/usage/general).
+Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
+Any use of third-party trademarks or logos are subject to those third-party's policies.

RESPONSIBLE_AI_FAQ.md

@@ -0,0 +1,56 @@
+# Semantic Workbench's Responsible AI FAQ
+
+## What is Semantic Workbench?
+
+- Semantic Workbench is a web application intended to help prototyping assistants during the development phase.
+- Semantic Workbench provides a user interface for creating conversations with one or more assistants, including a configuration user interface, and a service to connect custom assistants.
+
+## What is/are Semantic Workbench’s intended use(s)?
+
+- Semantic Workbench is designed for prototyping assistants, running conversations and testing assistants behavior.
+
+## How was Semantic Workbench evaluated? What metrics are used to measure performance?
+
+Semantic Workbench has been built from the ground up specifically for the experimentation use-case. Other user interfaces and tools have been evaluated, but none allowed to prototype assistants decoupled from a specific underlying technology stack such as AI models or frameworks.
+
+Semantic Workbench does not mandate any specific technology or framework. 
+
+Developers can use any of preferred technology and connect their bots to Semantic Workbench to benefit from its user interface, including configuration, debugging and visualization tools.
+
+## What are the limitations of Semantic Workbench? How can users minimize the impact of Semantic Workbench’s limitations when using the system?
+
+- Semantic Workbench is not an assistant in itself, it only allows to connect and test existing assistants.
+
+- Intelligent assistants must be developed with usual IDEs and development tools like Semantic Kernel, Langchain, Autogen, following the best practices there recommended, for instance [Responsible AI and Semantic Kernel](https://learn.microsoft.com/semantic-kernel/when-to-use-ai/responsible-ai) and [LangSmith](https://www.langchain.com/langsmith).
+
+- The workbench is unable to automatically discover agents: once the code for an agent is ready, some extra code needs to be added in order to connect the assistant to Semantic Workbench.
+
+- Developers connecting their agents to Semantic Workbench are responsible for implementing security and safety into their agents, using, for example, [Azure AI Content Safety](https://azure.microsoft.com/eproducts/ai-services/ai-content-safety) and [Microsoft Purview](https://www.microsoft.com/security/business/microsoft-purview), and leveraging tools like [Responsible AI Toolbox](https://github.com/microsoft/responsible-ai-toolbox).
+
+- When using Semantic Workbench to test an assistant, developers should carefully observe the bot’s behavior and use the debugging tools to investigate any unexpected outcomes. Although Semantic Workbench does not automatically detect harmful, inaccurate, or biased content, it enables developers to run and debug conversations, which helps identify and fix issues, improve the bot’s behavior, and edit prompts and code as necessary.
+
+- Developers using Semantic Workbench can adopt a user-centric approach in designing applications, ensuring that users are well-informed and have the ability to approve any actions taken by the AI. Semantic Workbench exposes all the information provided by the connected assistants, so it's important that developers code these assistants to expose their rationale, prompts, and state.
+
+- Additionally, intelligent assistants developers should implement mechanisms to monitor and filter any automatically generated information, if deemed necessary.
+
+- By addressing responsible AI issues in this manner, developers can create assistants that are not only efficient and useful but also adhere to ethical guidelines and prioritize user trust and safety.
+
+## What operational factors and settings allow for effective and responsible use of Semantic Workbench?
+
+- First and foremost, developers using Semantic Workbench can precisely define user interactions and how user data is managed in the source code of their intelligent assistants.
+
+- If a prototype assistant runs a sequence of components, additional risks/failures may arise when using non-deterministic behavior. To mitigate this, developers can:
+
+  - Implement safety measures and bounds on each component to prevent undesired outcomes.
+  - Add output to the user to maintain control and awareness of the system's state.
+  - In multi-agent scenarios, build in places that prompt the user for a response, ensuring user involvement and reducing the likelihood of undesired results due to multi-agent looping.
+
+- When working with AI, the developer can enable content moderation in the AI platforms used, and has complete control on the prompts being used, including the ability to define responsible boundaries and guidelines. For instance:
+
+  - When using Azure OpenAI, by default the service includes a content filtering system that works alongside core models. This system works by running both the prompt and completion through an ensemble of classification models aimed at detecting and preventing the output of harmful content. In addition to the content filtering system, the Azure OpenAI Service performs monitoring to detect content and/or behaviors that suggest use of the service in a manner that might violate applicable product terms. The filter configuration can be adjusted, for example to block also "low severity level" content. See [here](https://learn.microsoft.com/azure/ai-services/openai/concepts/content-filter) for more information.
+
+  - The developer can integrate Azure AI Content Safety to detect harmful user-generated and AI-generated content, including text and images. The service includes an interactive Studio online tool with templates and customized workflows. See [here](https://learn.microsoft.com/azure/ai-services/content-safety) for more information.
+
+  - When using OpenAI the developer can integrate OpenAI Moderation to identify problematic content and take action, for instance by filtering it. See [here](https://platform.openai.com/docs/guides/moderation) for more information.
+
+  - Other AI providers provide content moderation and moderation APIs, which developers can integrate with Node Engine.

SECURITY.md

@@ -0,0 +1,37 @@
+## Security
+
+Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet) and [Xamarin](https://github.com/xamarin).
+
+If you believe you have found a security vulnerability in any Microsoft-owned repository that meets [Microsoft's definition of a security vulnerability](https://aka.ms/security.md/definition), please report it to us as described below.
+
+## Reporting Security Issues
+
+**Please do not report security vulnerabilities through public GitHub issues.**
+
+Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/security.md/msrc/create-report).
+
+If you prefer to submit without logging in, send email to [[email protected]](mailto:[email protected]).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/security.md/msrc/pgp).
+
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc). 
+
+Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
+
+  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
+
+This information will help us triage your report more quickly.
+
+If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://aka.ms/security.md/msrc/bounty) page for more details about our active programs.
+
+## Preferred Languages
+
+We prefer all communications to be in English.
+
+## Policy
+
+Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://aka.ms/security.md/cvd).

SUPPORT.md

@@ -0,0 +1,13 @@
+# Support
+
+## How to file issues and get help  
+
+This project uses GitHub Issues to track bugs and feature requests. Please search the existing 
+issues before filing new issues to avoid duplicates.  For new issues, file your bug or 
+feature request as a new Issue.
+
+For help and questions about using this project, please create a new GitHub Issue with your request.
+
+## Microsoft Support Policy  
+
+Support for this project is limited to the resources listed above.