The Tauri desktop app is CodeAgora's official human-facing local UI. It stays aligned with the same CLI/core/MCP session, config, provider, and review contracts used by the automation surfaces.
| Area | Release decision |
|---|---|
| Channel | Official desktop app |
| Public desktop launch | Included in release readiness |
| Signing | v0.1.2 stable ships as an unsigned preview DMG |
| Notarization | v0.1.2 stable is not notarized; macOS Gatekeeper warning is expected |
| Updater | Disabled for the v0.1.2 unsigned preview DMG; RC updater JSON remains scoped to desktop-X.Y-rc/latest-X.Y-rc.json |
| Canonical review engine | Existing CLI/core path |
| Canonical sessions | Existing .ca/sessions artifacts |
| Canonical config | Existing .ca/config.* schema and files |
Run the desktop gate before cutting an RC:
pnpm rc:desktop-gateOfficial macOS arm64 Desktop distribution also requires:
pnpm rc:desktop-distribution-gateThe distribution gate is RC-only. It requires X.Y.Z-rc.N versions, the rc
npm dist-tag, a vX.Y.Z-rc.N prerelease, signed/notarized/stapled macOS arm64
DMG evidence, updater app artifact evidence, updater .sig evidence, and a same-line latest-X.Y-rc.json
manifest. The installed app reads the line-scoped desktop-X.Y-rc updater
release for its version line; the JSON points at the versioned vX.Y.Z-rc.N
prerelease assets.
Stable Desktop distribution, stable updater channels, and npm
latest promotion are out of scope for this RC gate.
The v0.1.2 stable release attaches a macOS arm64 Desktop DMG as an unsigned preview artifact:
https://github.com/bssm-oss/CodeAgora/releases/download/v0.1.2/CodeAgora_0.1.2_aarch64.dmgThat DMG is not Developer ID signed, not notarized, and does not enable a Tauri updater channel. macOS Gatekeeper warnings are expected.
Stable Desktop release evidence must be explicit about that policy:
node packages/desktop/scripts/capture-unsigned-dmg-evidence.mjs
pnpm desktop:unsigned-dmg-gateThe required evidence files are:
.sisyphus/evidence/desktop-unsigned-dmg-evidence.json
.sisyphus/evidence/desktop-unsigned-dmg-gate.logDo not describe the v0.1.2 Desktop DMG as signed, notarized, stapled, or auto-updatable unless a later release reintroduces those gates with fresh evidence.
For RC evidence, pnpm rc:desktop-gate runs:
pnpm --filter @codeagora/desktop typecheckpnpm --filter @codeagora/desktop smokepnpm --filter @codeagora/desktop tauri:checkpnpm --filter @codeagora/desktop app:e2epnpm --filter @codeagora/desktop macos:webdriver-e2epnpm --filter @codeagora/desktop visual:qapnpm --filter @codeagora/desktop evidencepnpm --filter @codeagora/desktop bundle:smoke
The desktop evidence manifest is written to:
.sisyphus/evidence/desktop-evidence-manifest.jsonVisual QA writes desktop-visual-qa.json plus cockpit and setup screenshots in
the same evidence directory.
Release readiness requires fresh desktop evidence for the candidate commit.
The desktop smoke checks:
- built
dist/index.htmlanddist/main.js - package/Tauri version alignment
- updater configuration and updater artifact generation
- Tauri product metadata
- command bridge coverage for repository, sessions, review progress, config, providers, MCP, GitHub Action setup, release evidence, export, and command contract reporting
- generated Tauri bundle artifacts, including the macOS
.appexecutable when running on macOS
Before RC handoff, manually verify:
- the Tauri shell launches on the target platform
- a trusted git repository opens and shows branch/head/dirty/config/session state
- review progress and cancel controls work on a provider-safe path
- session detail renders findings and exports Markdown, JSON, and SARIF
- config validation blocks invalid writes
- provider status redacts secrets
- MCP and GitHub Action setup panels show current config signals
- release evidence panel detects release evidence, benchmark report, and desktop evidence manifest
Desktop must not:
- reimplement review orchestration
- create desktop-only verdict, finding, session, or config semantics
- claim signing, notarization, updater, or platform distribution behavior that has not been captured in release evidence
- expose provider keys, tokens, Authorization headers, or secret values in UI logs, exports, or evidence