fix(desktop): improve AppImage icons and remote environment#2538
fix(desktop): improve AppImage icons and remote environment#2538mwolson wants to merge 25 commits into
Conversation
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Repository UI Review profile: CHILL Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
github-actions
Bot
added
vouch:unvouched
mwolson
changed the title
ApprovabilityVerdict: Needs human review This PR introduces significant new Linux platform behavior including password store detection, DBus session bus address resolution, new IPC methods, and schema changes affecting DateTime serialization. An unresolved comment also questions whether Electron scheme privilege registration timing was affected by the layer restructuring. You can customize Macroscope's approvability policy. Learn more. |
mwolson
force-pushed
the
fix/linux-secret-store-backend
branch
from
dba46b4 to
bfc4a7c
Compare
Before (missing icon)Missing icon (works in shelly, doesn't work when appimage is launched directly, or with AppImageLauncher): 
Before (secret manager)Error when trying to add environment: 
|
After (icons fix)Launched appimage directly after chmod +x on it: 
After (secrets-manager fix)
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
|
can you resolve conflcits here? |
…ore-backend # Conflicts: # apps/desktop/src/desktopSettings.test.ts # apps/desktop/src/desktopSettings.ts # apps/desktop/src/main.ts
|
icon looks like this for me on ubuntu? |
mwolson
changed the title
mwolson
changed the title
github-actions
Bot
added
size:XL
mwolson
changed the title
|
@juliusmarminge fixed the issues you mentioned and re-smoked it on my end. If you don't want the AGENTS.md changes around Effect (or want different content there) let me know. |
|
I can look at it in a bit, but there's nothing that says that just cause it should run before electron it must run synchronously at module scope? The layer graph before was setup so that the protocol was the first thing that executed before the main effect program? Was there an issue with that? We create the electron app inside the effect program ye? |
Good points; I moved this back into the Effect startup graph as an explicit first layer with |
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 8863f9e. Configure here.
|
@juliusmarminge I've addressed the earlier feedback, merged latest main, and went through several rounds of bugbot feedback, so it's ready for another look as time allows. |
|
@juliusmarminge I've merged main again to update the branch; if you'd rather have me split out the appimage work (which from our conversation ~1 month ago seemed to be tested on Ubuntu and went well), let me know, either way. |
2 participants
Summary
ready, including--password-store, Wayland/X11 app class, and desktop scheme privileges.DBUS_SESSION_BUS_ADDRESS, so GNOME Keyring/libsecret is reachable when launching outside GNOME.Closes #2331.
Fixes #2539.
Diagnosis
The icon issue came from Linux AppImage builds staging only a single large
icon.png. This PR stages a directory of standard icon sizes (16,22,24,32,48,64,128,256, and512) and points electron-builder at that directory. CI installs ImageMagick for Linux release builds so those sizes can be generated reliably.The credential-store failure came from Electron selecting a non-encrypting Linux
safeStoragebackend when running under desktop environments it does not recognize, such as Niri. The app was also relying on shell/session environment values that may not be present when launched from an AppImage or desktop entry.This PR moves the Linux Electron setup into the synchronous process bootstrap path so it happens before Electron emits
ready, which is required for--password-storeand privileged protocol registration to take effect. It also imports enough login/session environment to reach the user's DBus session bus and falls back to/run/user/$UID/buswhen appropriate.While testing the remote flow, two separate persistence issues showed up:
DateTime.Utcvalues.Scope
This is intentionally focused on Linux desktop/AppImage remote environment reliability. It does not change remote server behavior, and SSH process cleanup after removal remains fire-and-forget so the Settings UI does not hang if disconnect stalls.
Test plan
bun fmtbun lintbun typecheckbun run testbun run --filter @t3tools/desktop test -- DesktopEarlyElectronStartup DesktopEnvironment ElectronProtocol DesktopShellEnvironment linuxSecretStoragebun run --filter @t3tools/desktop test -- DesktopSavedEnvironmentsbun run --filter @t3tools/web test -- localApi service.addSavedEnvironment catalogbun run dist:desktop:linux16,22,24,32,48,64,128,256, and512.T3CODE_HOMEisolated.passwordStore: gnome-libsecret,backend: gnome_libsecret, andencryptionAvailable: true.remote-game, and ran a trivial task on it.remote-game, reinstalled/restarted, and confirmed the saved environment did not come back.Note
Medium Risk
Touches Linux Electron startup, encrypted credential persistence, and shared auth schema decoding; saved-environment removal ordering changed but covered by tests.
Overview
Improves Linux AppImage packaging and remote saved-environment reliability on non-GNOME desktops (e.g. Niri).
Linux desktop bootstrap now applies Electron options before
ready: persistedlinuxPasswordStore,--password-storeheuristics for unrecognized sessions, WM class, synchronoust3scheme privileges, and optionalDBUS_SESSION_BUS_ADDRESSfrom/run/user/$UID/bus. Login-shell hydration also pulls more XDG/desktop vars. Secret save failures return Keyring/KWallet guidance viaselectedStorageBackend.Saved environments: new
removeSavedEnvironmentIPC/persistence removes registry + encrypted token in one write; the web layer deletes persisted state first and runs SSH disconnect in the background. Bearer-token persistence uses clearer rollback (preserves primary errors) and replaces stale SSH records via atomic remove.Remote auth over SSH HTTP decodes
expiresAtfrom ISO strings (DateTimeUtcFromStringin contracts).Release/build: Linux CI installs ImageMagick; desktop Linux artifacts stage hicolor-sized icons (
icons/dir) instead of a single PNG.Reviewed by Cursor Bugbot for commit 2273d3e. Bugbot is set up for automated code reviews on this repo. Configure here.
Note
Improve Linux AppImage icons and remote environment credential management
resources/iconsdirectory; electron-builder is updated to point at this directory instead of a singleicon.pngremoveSavedEnvironmentmethod end-to-end: IPC channel, preload bridge,DesktopSavedEnvironmentsservice,LocalApipersistence, and web-side catalog/store updatelinuxSecretStorage.tswith helpers to normalize password-store preferences, resolve the Electron--password-storeswitch, and generate platform-appropriate remediation messages when secret storage is unavailableapp.ready, and logs the safe storage backend after readyDesktopShellEnvironmenthydrates additional XDG/Wayland/DBus environment variables from the login shell and auto-discoversDBUS_SESSION_BUS_ADDRESSvia the XDG runtime dir socketexpiresAtfields in auth contract schemas (AuthBootstrapResult,AuthBearerBootstrapResult,AuthWebSocketTokenResult,AuthSessionState) are changed fromDateTimeUtctoDateTimeUtcFromStringfor correct JSON decodingMacroscope summarized 2273d3e.