Skip to content

Merge dev to main#40

Merged
leeroybrun merged 64 commits into
mainfrom
dev
Feb 19, 2026
Merged

Merge dev to main#40
leeroybrun merged 64 commits into
mainfrom
dev

Conversation

@leeroybrun

Copy link
Copy Markdown
Collaborator

No description provided.

caseyjkey and others added 30 commits February 17, 2026 22:51
## Summary

When users scan QR codes that are already-used or expired, they now get helpful error messages instead of a generic success message.

### Changes
- Check `authApprove` return value for different states:
  - `approved` - Successfully connected
  - `already_authorized` - Connection was already used by another device
  - `not_found` - Connection request expired

### Error Messages
- Already used: "Connection Already Used" with explanation
- Expired: "Connection Expired" with instructions to try again

### UX Improvement
- After clicking OK on the error message, users land back at the landing page
- This is clearer than navigating through menus to discover the issue

### Security Note
Having users authenticated by default (even without machines) could pose a security risk as they have API access. This change improves UX by preventing confusion when scanning already-used codes.
Introduce a centralized pipeline implementation and related CI changes.

- Add scripts/pipeline/* to consolidate build/release/release-helper logic and move many release scripts into a pipeline namespace
- Add dagger/ files and .daggerignore for dagger-based pipeline tooling
- Update GitHub workflows to call new pipeline scripts (build-tauri, build-ui-mobile-local, deploy, etc.) and replace inline logic with reusable scripts
- Tauri: validate updater pubkey via script, materialize signing key in runner when provided, and enable updater artifact generation when signing key exists; rename desktop artifact tags/paths to include "desktop"
- Mobile: gate EAS jobs on EXPO_TOKEN, validate token for manual runs, delegate local EAS/native build and submit steps to pipeline runner, and add publish_apk_release option
- Deploy workflow: require workflow_call/workflow_dispatch semantics, simplify concurrency/environment resolution, enforce explicit confirmation, and switch to inputs-driven deploy flow
- Add numerous contract and integration tests and npm-e2e smoke artifacts to exercise the new pipeline paths

These changes centralize CI behavior, make signing and secret handling explicit and safer in CI, and prepare workflows for reuse by other automation.
Add machine-readable --json output across auth, server and session control commands and tests. Introduce wantsJson/printJsonEnvelope helpers and wire JSON handling into server and session subcommands (including error mapping via controlErrorMapping), session delegate resolution, and auth status. Add many JSON contract/integration tests and baselines, session run stream helpers, and small utilities (default webapp URL handling, session fetch integration in resume). This enables automation-friendly CLI output and improves error reporting for JSON consumers.
Disable creation of updater artifacts by default in apps/ui/src-tauri/tauri.conf.json so contributors can build the desktop app locally without updater signing keys. Update UPDATES.md to document that local builds have bundle.createUpdaterArtifacts disabled and that CI will enable/publish updater artifacts when TAURI_SIGNING_PRIVATE_KEY is present. Also refresh the macOS icon (apps/ui/src-tauri/icons/icon.icns).
Add offline-friendly auth copy-from behavior and runtime-port preference, plus daemon dist-launch improvements.

- auth: make getInternalServerUrlCompat async and prefer stack.runtime.json port when appropriate; add --offline-ok and --no-secret handling to copy-from so credentials can be copied without a running source stack or without overwriting master secret. Source runtime liveness is now checked and copy-from fails closed unless --offline-ok is provided. Usage/help text updated to include --force and --offline-ok.
- auth: validate bearer tokens against the server when reseeding/copying and surface clear errors for unreachable/invalid tokens.
- daemon: prefer launching via the CLI dist entrypoint (dist/index.mjs) by building a node-args prefix and use it for spawn/run invocations; add expectedPid guard when stopping to avoid races. Adjust daemon start/stop/status invocations to use the node args prefix.
- tests: add/adjust multiple integration and unit tests (auth copy-from offline behavior, login respects pinned/runtime ports, auth force flag util, daemon dist guard, invalid-auth reseed flow, and more) to cover new behaviors.
- docs: document HAPPIER_STACK_TAURI_CREATE_UPDATER_ARTIFACTS env var in tauri.md.

This change improves local dev UX by preferring recorded runtime ports, enabling offline credential copy scenarios, hardening daemon lifecycle handling, and adding validation and tests to prevent regressions.
feat(ui): Add better error messages for QR code authentication
A couple of fixes across the agent backend and UI streaming reducer:

- cli(acp): when deciding to complete a response, check the subprocess exitCode and signalCode and fail the pending response wait if the subprocess exited with a non-zero code or a signal. Also clear postPromptCompletionIdleTimeout when clearing timeouts to avoid leaking timers.

- ui(sync): add a provider-agnostic fallback for streaming merge keys in runUserAndTextPhase. If happierStreamKey is missing but the transport reuses the same message id for incremental chunks (single-content messages), use `id:<messageId>` as a stable stream key so consecutive chunks can be merged. Rename variable to streamKeyFromMeta and wire the fallback logic.

- tests: add a unit test to verify that consecutive root agent text chunks with a reused message id are merged when happierStreamKey is absent.

These changes prevent silent completion when a subprocess has already exited and improve streaming robustness across transports that don't provide a dedicated stream key.
Introduce a repo-local wrapper that defaults to an isolated per-checkout stack to avoid collisions with the main stack. Generates stable repo-scoped stack names (persisted in git metadata when possible), writes a minimal env file and CLI home dir, maps `stop` to the generated repo stack, and scrubs main-stack env to avoid leaking credentials/state. Add tests covering wrapper dry-run behavior and stop mapping, and several integration tests for stop/sweep behavior.

Add resolve_stack_server_port utility and use it in dev and run flows so server port resolution can prefer runtime/persisted ports for repo-local stacks. Enhance TUI: formatted box lines, improved arg handling, stackless summary rendering, daemon auth notices and autostart heuristics, stdin handoff helpers, and related tests. Several new helper modules and tests added to support these features.
Add android.track entries to apps/ui/eas.json for preview (internal) and production (production), and add a contract test to verify those tracks are configured without requiring a local service account key. Files changed:
- apps/ui/eas.json: set submit.preview.android.track -> "internal" and submit.production.android.track -> "production"
- scripts/release/eas_submit_android_tracks_configured.contract.test.mjs: new tests asserting presence of submit.preview.android.track and submit.production.android.track and absence of serviceAccountKeyPath

These changes ensure EAS submit is configured to target the correct Google Play tracks and guard against regressions that would require a local Android service account key.
Add a new npm script `stop` that runs `node ./apps/stack/scripts/repo_local.mjs stop`. This provides a convenient way to stop the local stack process via yarn/npm scripts alongside the existing dev/start/build/tui commands.
Add UI and runtime support for ACP (agent mode) preflight workflows.

- AgentInput: add an inline refresh control and styles to the Mode overlay so users can trigger re-probing of ACP modes; include accessibilityLabel and tests to exercise the refresh flow.
- useNewSessionPreflightSessionModesState: detect agents that support ACP modes, provide a stable "default" placeholder option while probing, and only run probes for supported agents. Adjusted memo dependencies and mode options logic.
- useCreateNewSession: add optional acpSessionModeId param and publish an acpSessionModeOverride to session metadata before sending the initial message (non-blocking on failure).
- sessionModeOptions: rename helper to getSessionModeOptionsForPreflightModeList and return normalized options; update callers.
- Add tests that cover the loading placeholder behavior and ACP mode seeding on session creation.

BREAKING CHANGE: renamed exported helper getSessionModeOptionsForPreflightModelList -> getSessionModeOptionsForPreflightModeList
@coderabbitai

coderabbitai Bot commented Feb 19, 2026

Copy link
Copy Markdown

Important

Review skipped

Too many files!

This PR contains 300 files, which is 150 over the limit of 150.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dev

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@greptile-apps

greptile-apps Bot commented Feb 19, 2026

Copy link
Copy Markdown
Contributor

Too many files changed for review. (874 files found, 100 file limit)

@leeroybrun leeroybrun merged commit 1991fce into main Feb 19, 2026
35 of 49 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant