Fix floating auth tab strip for transparent-DCR OAuth connect modal

[RhysSullivan]

Problem

In the add-connection modal, the auth-method tab strip and its body live in a Tabs -> TabsList -> TabsContent group. The TabsContent card was wrapped in {dcrActive ? null : (...)}, so whenever an OAuth integration used transparent dynamic client registration (the MCP OAuth case) the card was suppressed.

The tab strip itself still renders whenever a custom-method + is available. The result: the OAuth tab plus the + floated with no card beneath it, and the tab strip's border looked detached (it jumped straight to "Connection saved to").

That same wrapper had a second symptom: the in-card "No app to choose" DCR explainer was written inside a dcrActive ? branch within the gated TabsContent, which the outer dcrActive ? null made permanently unreachable dead code.

Fix

Always render the TabsContent card and let the inner dcrActive / cimdActive branches show their explainer. The tab strip gets its body back, and the DCR/CIMD explainer is now live instead of dead. The change is purely the removal of the {dcrActive ? null : (...)} gate; the rest of the diff is the block de-indenting by two spaces.

Before / after

• Before: OAuth tab and + floating, no card, modal jumps to "Connection saved to".
• After: the OAuth tab sits on its "No app to choose / supports automatic setup" card.

Verification

New selfhost browser scenario e2e/selfhost/connection-modal-dcr-card.test.ts: registers a remote MCP integration declaring an oauth2 method (which makes it DCR-capable), opens the add-connection modal, and asserts the OAuth tab's body card renders under the tab strip. It passes on this branch and fails on the pre-fix code (the asserted copy was unreachable), so it guards the regression. Per-step screenshots and video are captured as run artifacts.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	executor-marketing	429a026	Commit Preview URL Branch Preview URL	Jun 29 2026, 02:12 AM

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
✅ Deployment successful! View logs	executor-cloud	429a026	Jun 29 2026, 02:12 AM

[greptile-apps]

Greptile Summary

Removes the {dcrActive ? null : (...)} outer gate that was suppressing the TabsContent card whenever a transparent-DCR OAuth integration was active, causing the tab strip to render without a body and making the inner DCR explainer unreachable dead code. The fix is purely structural: always render TabsContent and let the existing inner cimdActive/dcrActive/oauthLoading branches handle each state as intended.

• add-account-modal.tsx: drops the outer DCR gate; the diff is entirely de-indentation plus the removed wrapper, with no logic changes to the inner branches.
• e2e/selfhost/connection-modal-dcr-card.test.ts: new selfhost browser scenario that registers a remote MCP oauth2 integration, opens the add-connection modal, and asserts the "No app to choose" DCR explainer card is visible under the tab strip.

Confidence Score: 4/5

Safe to merge: the change is a single-gate removal with no logic rewritten, all previously-working non-DCR paths are unaffected, and the new e2e test guards the regression.

The modal fix is minimal and low-risk: removing an outer conditional that was suppressing a block whose inner branches already handle every case correctly. The only findings are a pre-existing em-dash in a touched string and a missing needs capability declaration in the new test, neither of which affects runtime behavior.

No files require special attention; both changed files are straightforward and self-contained.

Important Files Changed

Filename	Overview
packages/react/src/components/add-account-modal.tsx	Removes the outer {dcrActive ? null : (...)} gate around TabsContent, allowing the tab body card to always render; inner cimdActive/dcrActive/oauthLoading branches are unchanged and handle each state correctly. One pre-existing em-dash in the touched string violates the AGENTS.md style rule.
e2e/selfhost/connection-modal-dcr-card.test.ts	New selfhost browser scenario that registers a remote MCP OAuth integration and asserts the DCR explainer card is visible under the tab strip. Well-structured with proper cleanup via Effect.ensuring; missing a needs capability declaration for the Browser service.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Tabs renders tab strip] --> B{dcrActive?}
    B -- "Before fix: true" --> C[null: TabsContent suppressed, tab strip floats with no body]
    B -- "Before fix: false" --> D[TabsContent rendered]
    D --> E{isOAuth and method?}
    E -- cimdActive --> F[No app registration card]
    E -- dcrActive --> G[No app to choose card - dead code, outer gate blocked this]
    E -- oauthLoading --> H[Loading OAuth apps]
    E -- else --> I[OAuth app picker / register CTA]

    B2[After fix: always render TabsContent] --> E2{isOAuth and method?}
    E2 -- cimdActive --> F2[No app registration card]
    E2 -- dcrActive --> G2[No app to choose card - now reachable]
    E2 -- oauthLoading --> H2[Loading OAuth apps]
    E2 -- else --> I2[OAuth app picker / register CTA]

Loading

%%{init: {'theme': 'base', 'themeVariables': {"darkMode": true, "background": "#0d1117", "primaryColor": "#21262d", "primaryTextColor": "#e6edf3", "primaryBorderColor": "#8b949e", "lineColor": "#8b949e", "textColor": "#e6edf3", "edgeLabelBackground": "#161b22", "actorBkg": "#21262d", "actorBorder": "#8b949e", "actorTextColor": "#e6edf3", "actorLineColor": "#8b949e", "signalColor": "#8b949e", "signalTextColor": "#e6edf3", "noteBkgColor": "#373320", "noteBorderColor": "#d4a72c", "noteTextColor": "#f0e6c0", "labelBoxBkgColor": "#21262d", "labelBoxBorderColor": "#8b949e", "labelTextColor": "#e6edf3", "loopTextColor": "#e6edf3", "activationBkgColor": "#30363d", "activationBorderColor": "#8b949e"}}}%%
flowchart TD
    A[Tabs renders tab strip] --> B{dcrActive?}
    B -- "Before fix: true" --> C[null: TabsContent suppressed, tab strip floats with no body]
    B -- "Before fix: false" --> D[TabsContent rendered]
    D --> E{isOAuth and method?}
    E -- cimdActive --> F[No app registration card]
    E -- dcrActive --> G[No app to choose card - dead code, outer gate blocked this]
    E -- oauthLoading --> H[Loading OAuth apps]
    E -- else --> I[OAuth app picker / register CTA]

    B2[After fix: always render TabsContent] --> E2{isOAuth and method?}
    E2 -- cimdActive --> F2[No app registration card]
    E2 -- dcrActive --> G2[No app to choose card - now reachable]
    E2 -- oauthLoading --> H2[Loading OAuth apps]
    E2 -- else --> I2[OAuth app picker / register CTA]

Loading

_{Reviews (1): Last reviewed commit: "Fix floating auth tab strip for transpar..." | Re-trigger Greptile}

[greptile-apps]

Em-dash in user-facing string

The string sign you in — no client ID or app to pick. contains an em-dash (—). The AGENTS.md style rule bans em-dashes everywhere, including code. Since this line is touched by the diff (it was de-indented), it's a good opportunity to replace the em-dash with a comma, colon, or parenthesis.

Context Used: AGENTS.md (source)

Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!

[greptile-apps]

No needs capability declared for browser dependency

The scenario options are {} but the test yields Browser and drives a full browser session. The e2e/AGENTS.md anatomy examples declare required capabilities via needs (e.g. { needs: ["api"] }). If the runner gates service provisioning on that field, the test could silently skip or error on an environment that doesn't wire up Browser by default. Consider adding needs: ["browser"] (or the equivalent selfhost capability key) to make the dependency explicit and self-documenting.

Context Used: e2e/AGENTS.md (source)

[github-actions]

Cloudflare preview

Torn down — the PR is closed.

[pkg-pr-new]

Open in StackBlitz

@executor-js/cli

npm i https://pkg.pr.new/@executor-js/cli@1202

@executor-js/config

npm i https://pkg.pr.new/@executor-js/config@1202

@executor-js/execution

npm i https://pkg.pr.new/@executor-js/execution@1202

@executor-js/sdk

npm i https://pkg.pr.new/@executor-js/sdk@1202

@executor-js/codemode-core

npm i https://pkg.pr.new/@executor-js/codemode-core@1202

@executor-js/runtime-quickjs

npm i https://pkg.pr.new/@executor-js/runtime-quickjs@1202

@executor-js/plugin-file-secrets

npm i https://pkg.pr.new/@executor-js/plugin-file-secrets@1202

@executor-js/plugin-graphql

npm i https://pkg.pr.new/@executor-js/plugin-graphql@1202

@executor-js/plugin-keychain

npm i https://pkg.pr.new/@executor-js/plugin-keychain@1202

@executor-js/plugin-mcp

npm i https://pkg.pr.new/@executor-js/plugin-mcp@1202

@executor-js/plugin-onepassword

npm i https://pkg.pr.new/@executor-js/plugin-onepassword@1202

@executor-js/plugin-openapi

npm i https://pkg.pr.new/@executor-js/plugin-openapi@1202

executor

npm i https://pkg.pr.new/executor@1202

commit: 429a026

[RhysSullivan]

Before / after

Captured live from the selfhost app by the new e2e scenario (e2e/selfhost/connection-modal-dcr-card.test.ts), a remote MCP integration declaring an oauth2 method (transparent DCR).

Before — the OAuth tab and + float with no card beneath; the modal jumps straight to "Connection saved to":

After — the OAuth tab sits on its "No app to choose / supports automatic setup" card: