Patching pocketpaw.security.guardian.get_settings fails because get_settings is imported lazily inside GuardianAgent.__init__ to avoid a circular import (config → security.url_validators → security/__init__ → guardian). Patch pocketpaw.config.get_settings (the real source) instead.
Also add tests/test_logging_scrub.py to the secrets-scan exclude list alongside test_redact.py and test_pii.py — the xoxb- string is a required scrubber-test fixture, not a real credential.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
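The patch-target pitfall described in the commit message above, reproduced as an added example (not code from the PocketPaw repository). The modules `demo_config` and `demo_guardian` and the class `Guardian` are hypothetical stand-ins built in memory for the config module and the class that imports `get_settings` lazily.

```python
import sys
import types
from unittest import mock

# Constructed stand-ins: a config module and a consumer that imports from it lazily.
CONFIG_SRC = '''
def get_settings():
    return {"mode": "real"}
'''
GUARDIAN_SRC = '''
class Guardian:
    def __init__(self):
        # Lazy import: get_settings never becomes an attribute of this module.
        from demo_config import get_settings
        self.settings = get_settings()
'''


def _load(name, source):
    """Register an in-memory module so mock.patch can resolve it by dotted name."""
    module = types.ModuleType(name)
    exec(source, module.__dict__)
    sys.modules[name] = module
    return module


_load("demo_config", CONFIG_SRC)
guardian = _load("demo_guardian", GUARDIAN_SRC)


def patch_at_use_site():
    """Patch the name on the consuming module; mock refuses because it is absent."""
    try:
        with mock.patch("demo_guardian.get_settings", return_value={"mode": "fake"}):
            return guardian.Guardian().settings
    except AttributeError as exc:
        return type(exc).__name__


def patch_at_source():
    """Patch the defining module; the lazy import resolves to the mock at call time."""
    with mock.patch("demo_config.get_settings", return_value={"mode": "fake"}):
        return guardian.Guardian().settings


if __name__ == "__main__":
    print(patch_at_use_site())          # patch target does not exist
    print(patch_at_source())            # mocked settings are used
    print(guardian.Guardian().settings)  # real settings restored after the patch
```
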
Two stale reverts on dev had rolled back critical hotfixes landed
directly on main:
* ``client/src-tauri/tauri.conf.json`` was pinned back to ``0.1.3``,
which would silently downgrade the desktop client on merge (main is
at ``0.1.4``).
* ``.github/workflows/publish.yml`` lost its ``client-v*`` tag skip
guard, so the next desktop release would trigger a PyPI publish of
the Python package.
Restoring both so merging this release into main is a no-op for those
files, and bumping the package version from ``0.4.15`` to ``0.4.16`` so
the tagged release has a unique PyPI artifact. The lockfile update is
only the self-version reference.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
* fix(client): reliable first-install pipeline and production CSP
Rewrites the Tauri installer to handle fresh devices with no Python/uv.
Uses a cascading bootstrap: find Python 3.11+ -> install uv -> uv python
install -> fallback to system package manager -> prompt user. Only passes
--uv-available when uv is actually detected. Reads both stdout and stderr
from the installer subprocess so errors are visible in the UI.
Fixes production-only "Failed to load sessions" by adding localhost to CSP
connect-src (production uses tauri.localhost origin, not 127.0.0.1).
Adds Tauri logging plugin (file + stdout + webview) and a TypeScript logger
wrapper with console fallback for non-Tauri environments.
Embeds Claude Code CLI installation in the bootstrap pipeline. Updates
"CLI not found" messages across all agent backends with platform-specific
install commands and alternative backend suggestions.
* fix(lint): reformat test files flagged by ruff
Reformat tests/test_headless_permissions.py and
tests/test_integration_headless.py to satisfy ruff format.
Fix UP038 lint error: use `dict | str` instead of `(dict, str)`.
Closes #584
* fix(client): add missing Command import in context.rs
The macOS active-context detection uses std::process::Command
but the import was missing, causing a build failure on macOS.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Prakash <prakashd88@gmail.com>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Pin lint job to 3.12 and run tests across all supported Python
versions to catch compatibility issues early.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(client): use numeric version 0.1.1 for MSI bundler compatibility (#561)
MSI bundler requires numeric-only pre-release identifiers.
0.1.0-alpha.2 broke Tauri builds on all platforms.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix(client): compile-time cfg for Windows process flags (#563)
* fix(client): use compile-time cfg for Windows-only process flags
cfg!(windows) is a runtime check — the compiler still tries to resolve
std::os::windows::process::CommandExt on macOS/Linux, causing 6 errors.
Split into #[cfg(windows)] / #[cfg(not(windows))] helper functions,
matching the pattern already used by _spawn_backend.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* fix(client): macOS traffic lights + non-interactive Unix installer
- Use titleBarStyle: Overlay with decorations: true to show native
macOS close/minimize/maximize buttons
- Unix installer now downloads installer.py and runs with
--non-interactive flag, matching the Windows approach. The shell
wrapper (install.sh) needs a TTY which isn't available from Tauri.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix(client): bump to 0.1.2, disable launcher on Python releases
- Bump desktop client version to 0.1.2
- Remove automatic release trigger from build-launcher.yml — desktop
builds now ship via publish-client.yml (Tauri). Launcher kept as
manual-dispatch-only legacy fallback.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
libappindicator3-dev conflicts with libayatana-appindicator3-dev on
Ubuntu 22.04. Only the ayatana version is needed (modern replacement).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix pre-release boolean coercion with fromJSON() wrapper
- Add missing Ubuntu deps: libssl-dev, libgtk-3-dev, libayatana-appindicator3-dev
- Simplify Rust target to use matrix.target directly
- Add tag input to workflow_dispatch (prevents branch name as tag)
- Scope signing keys to build step only (least-privilege)
- Set releaseDraft: true for initial rollout (review before publish)
- Use github.event.inputs.tag || github.ref_name for tag/release name
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
GitHub Actions workflow that builds macOS (arm64 + x86_64), Windows,
and Linux binaries using tauri-action. Triggers on client-v* tags.
Alpha/beta/rc tags are automatically marked as pre-release.
Supports manual dispatch with pre-release toggle. Uses Bun for
frontend deps and Rust caching for faster builds.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The quality gate was only checking for admin/maintain roles, which
closed PRs from collaborators with write permission (the default
for org members). Add write to the maintainer check.
Non-maintainers targeting main are auto-closed with instructions to
retarget to dev. Maintainers (admin/maintain permission) are allowed
through. Uses GitHub's collaborator permission API. Also adds a reopen
guard to prevent reopening bot-closed or maintainer-closed PRs.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: add PR quality gates and CI pipeline
- Upgrade pr-quality-gate.yml: auto-close PRs targeting main, detect
cosmetic/doc-only PRs, add size labels (XS/S/M/L/XL), flag unrelated
bundled changes
- Add ci.yml: run tests + ruff lint on every PR (was completely missing)
- Add stale.yml: auto-close abandoned PRs after 21 days, issues after 44
- Add CODEOWNERS: auto-assign @prakashUXtech as reviewer
- Update CONTRIBUTING.md: add "What we don't accept" section
- Update PR template: add branch/issue warnings, tighten checklist
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: remove CODEOWNERS — unnecessary with single maintainer
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* chore: add reopen guard to PR quality gate
PRs that were previously closed by the bot or a maintainer are
automatically re-closed if the author reopens them. Forces contributors
to open a new PR with addressed feedback instead of reopening.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
- Re-check on edited/synchronize so updates are re-evaluated
- Remove needs-work label when all checks pass
- Add conventional commit title enforcement
- Skip bot PRs (Dependabot, Renovate, github-actions)
- Idempotent comments (update existing instead of duplicating)
- Remove overly aggressive "very small changes" check
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Remove docs/public/install.sh duplicate. The deploy-docs workflow now
copies installer/install.sh and install.ps1 into the build output at
deploy time, so pocketpaw.xyz/install.sh keeps working.
Also updates installer/install.sh with local installer.py detection
(prefer bundled installer.py, fall back to GitHub download).
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Consolidate documentation from the separate pocketpaw-web repo into the
main pocketpaw repo. This keeps docs and code in sync so PRs can update
both atomically.
- Remove docs/ from .gitignore
- Remove docs' own .git (was pocketpaw/pocketpaw-web)
- Add .github/workflows/deploy-docs.yml (builds from docs/ subdirectory)
- Track all 120+ MDX pages, config, landing page, and public assets
The separate pocketpaw-web repo can now be archived.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Fix CI build path (build/ -> build-launcher/) and add icon generation (make_icons.py)
- Add macOS code signing (ad-hoc + production), DMG with Applications symlink
- Add Inno Setup script (pocketpaw.iss) with desktop/startup shortcuts and config cleanup
- Inject version from POCKETPAW_VERSION env var into binaries and Info.plist
- Add Windows PowerShell installer (install.ps1) with Python/uv detection and winget fallback
- Add auto-start module (launchd/registry/.desktop) with CLI flags and tray toggle
- Add uninstaller module with selective component removal and interactive console mode
- Enhance tray menu: version display, dynamic tooltip, View Logs, organized layout
- Add dynamic uv version resolution (GitHub API + 24h cache) and ARM64 Windows support
- Harden CI: checksum generation, artifact verification, signing certificate import
- Add TESTING.md with detailed manual test steps for macOS and Windows
- 26 new tests (15 autostart + 11 uninstall), all passing
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>