Skip to content

Onboarding checklist + provider data-source explainer (SOU-157, SOU-179)#40

Merged
tsouth89 merged 4 commits into
mainfrom
tsouth2/sou-157-179-onboarding
Jul 17, 2026
Merged

Onboarding checklist + provider data-source explainer (SOU-157, SOU-179)#40
tsouth89 merged 4 commits into
mainfrom
tsouth2/sou-157-179-onboarding

Conversation

@tsouth89

@tsouth89 tsouth89 commented Jul 17, 2026

Copy link
Copy Markdown
Owner

Two v1 trust/onboarding surfaces. Both are visual and user-facing copy — needs an eyeball on Windows (dark + light) before merge.

SOU-179 — "How Ceiling gets this data" (High, security)

A new block in every provider detail pane (under the identity rows) with a short, source-verified provenance line + a precise privacy note.

  • Dedicated copy for Claude, Codex, Cursor, Copilot, Gemini, checked against the real fetch paths in rust/src/providers/*; every other provider gets a precise generic line. providerProvenance.ts maps id → locale key.
  • Review coverage (the issue asked for this): providerProvenance.test.ts asserts the five keep dedicated copy and every resolvable key exists in the locale set — a new/renamed provider can't silently drop to generic or a missing string.
  • Privacy copy follows the guardrail: no "never leaves your PC" (credentials are sent to the provider's own endpoint to fetch usage). It states data is never sent to Ceiling-operated servers, only to the provider. I also corrected the README's inaccurate "never leave your machine" line.
  • New docs/DATA_SOURCES.md maintained reference, linked from the panel (opens the doc) and the README.

SOU-157 — first-run checklist (Medium)

A dismissible 3-step checklist (enable providers → connect/confirm auth → turn on floatbar/tray) in the empty PopOut dashboard. Steps reflect real state (enabledProviders, floatbar/taskbar enabled) and deep-link into the matching Settings tab. Dismissal persists in localStorage (same pattern as the detected-accounts card); a returning user with working auth never sees it because the dashboard shows their providers instead of the empty state. Loading still shows the spinner.

Deep-linking is tab-level (existing mechanism); sub-section/provider jump would need new plumbing and is deferred.

Verification

  • pnpm test — 48 files / 235 tests (9 new)
  • pnpm run build — check-locale (16 new keys, TS↔Rust parity) + tsc + vite green
  • cargo check (shared crate) — green

Eyeball checklist (Windows, both themes)

  • Provider detail → the "How Ceiling gets this data" block reads clearly; "Learn more" opens the doc
  • Fresh profile (or clear localStorage) → empty dashboard shows the checklist; steps flip to done as you enable a provider / turn on the floatbar; dismiss sticks

Closes SOU-179. Addresses SOU-157.

Summary by CodeRabbit

  • New Features
    • Added a dismissible first-run checklist in the main overview (with saved dismissal) to guide enabling providers, completing sign-in, and activating display/floatbar steps.
    • Added a provider data-source/privacy explainer section in provider settings, including a “Learn more” link.
    • Added provider-specific provenance messaging with a generic fallback.
  • Documentation
    • Updated README download/privacy wording and added detailed local-first data-sources/privacy documentation.
  • Tests
    • Added UI tests for checklist interactions and validation coverage for provenance fallback and localization key consistency.

…57, SOU-179)

## SOU-179 — "How Ceiling gets this data"

New DataSourceSection in every provider detail pane (right under the
identity block) with a short, source-verified provenance line plus a
precise privacy note. Copy is checked against the real fetch paths:

- Dedicated copy for Claude, Codex, Cursor, Copilot, Gemini
  (providerProvenance.ts maps id -> locale key); every other provider
  gets a precise generic line. A test asserts the five keep dedicated
  copy so a new/renamed provider can't silently drop to generic.
- Privacy note follows the guardrail: no "never leaves your PC" claim
  (credentials are sent to the provider's own endpoint to fetch usage);
  it states data is never sent to Ceiling-operated servers, only to the
  provider itself.
- New docs/DATA_SOURCES.md (maintained per-provider reference), linked
  from the panel and the README. Corrected the README's inaccurate
  "never leave your machine" line to precise language.

## SOU-157 — first-run checklist

Dismissible 3-step checklist (enable providers, connect/confirm auth,
turn on the floatbar/tray) shown in the empty PopOut dashboard. Steps
reflect real state and deep-link into the matching Settings tab.
Dismissal persists in localStorage; a returning user with working auth
never sees it (the dashboard shows their providers instead of the empty
state). Loading still shows the spinner.

Verified: pnpm test (48 files / 235 tests), pnpm run build
(check-locale + tsc + vite), cargo check (shared crate). Both surfaces
are visual and need a Windows eyeball (dark + light) before merge.
@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented Jul 17, 2026

Copy link
Copy Markdown

Deploying with  Cloudflare Workers  Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status Name Latest Commit Preview URL Updated (UTC)
✅ Deployment successful!
View logs
ceiling 229f1a9 Commit Preview URL

Branch Preview URL
Jul 17 2026, 03:22 AM

@coderabbitai

coderabbitai Bot commented Jul 17, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 74bb837a-4bad-48d6-b6c8-510cda744eca

📥 Commits

Reviewing files that changed from the base of the PR and between e19d51d and 229f1a9.

📒 Files selected for processing (3)
  • apps/desktop-tauri/src/surfaces/PopOutPanel.tsx
  • docs/DATA_SOURCES.md
  • rust/src/locale/en-US.ftl
🚧 Files skipped from review as they are similar to previous changes (3)
  • rust/src/locale/en-US.ftl
  • docs/DATA_SOURCES.md
  • apps/desktop-tauri/src/surfaces/PopOutPanel.tsx

📝 Walkthrough

Walkthrough

The PR adds provider data-source explanations to provider settings and documentation, plus a persistent first-run checklist for empty provider views. It adds provenance fallback logic, localized strings, styling, persistence helpers, navigation actions, and tests.

Changes

Desktop experience

Layer / File(s) Summary
Provider provenance and privacy details
apps/desktop-tauri/src/lib/providerProvenance.ts, apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.tsx, apps/desktop-tauri/src/surfaces/settings/providers/ProviderDetailPane.tsx, apps/desktop-tauri/src/i18n/keys.ts, rust/src/locale.*, docs/DATA_SOURCES.md, README.md, apps/desktop-tauri/src/styles.css, apps/desktop-tauri/src/lib/providerProvenance.test.ts, apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx
Provider-specific provenance text, privacy documentation, localized keys and translations, settings-pane rendering, styling, and fallback tests are added.
First-run checklist flow
apps/desktop-tauri/src/components/FirstRunChecklist.*, apps/desktop-tauri/src/surfaces/PopOutPanel.tsx, apps/desktop-tauri/src/styles.css, rust/src/locale.*
A persistent, dismissible setup checklist is shown for empty provider views, with completion states, navigation actions, localized labels, styling, and interaction tests.

Estimated code review effort: 3 (Moderate) | ~20 minutes

Sequence Diagram(s)

sequenceDiagram
  participant PopOutPanel
  participant localStorage
  participant FirstRunChecklist
  participant DisplaySettings
  PopOutPanel->>localStorage: read dismissal state
  PopOutPanel->>FirstRunChecklist: render setup status
  FirstRunChecklist->>DisplaySettings: open display action
  FirstRunChecklist->>localStorage: persist dismissal
  localStorage-->>PopOutPanel: return dismissal state
Loading
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly summarizes the two main additions: an onboarding checklist and a provider data-source explainer.
Docstring Coverage ✅ Passed Docstring coverage is 80.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch tsouth2/sou-157-179-onboarding

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🧹 Nitpick comments (1)
apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx (1)

6-27: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Cover the documentation-link action.

The Tauri helper is mocked, but no test clicks the button or verifies the DATA_SOURCES.md URL. Add one focused assertion for the mocked openExternalUrl call.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx`
around lines 6 - 27, Add a focused interaction test in the DataSourceSection
tests that clicks the “DataSourceLearnMore” control and asserts the mocked
openExternalUrl helper is called with the DATA_SOURCES.md URL. Reuse the
existing vi mock and provider setup, keeping the current rendering assertions
unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@apps/desktop-tauri/src/surfaces/PopOutPanel.tsx`:
- Around line 372-375: Update the FirstRunChecklist usage in PopOutPanel to
derive hasWorkingAuth from the authoritative provider/authentication state
instead of hardcoding false, so authenticated users with no usage snapshot
retain the completed authentication state. Add a regression test covering the
authenticated-but-empty-dashboard scenario.

In `@rust/src/locale/en-US.ftl`:
- Line 602: Update the DataSourceCopilot localization string to mention
device-flow sign-in alongside GitHub CLI and Git Credential Manager tokens,
while preserving its existing GitHub host communication description.
- Around line 597-604: Update DataSourcePrivacyNote and DataSourceGeneric in
rust/src/locale/en-US.ftl (lines 597-604) to state that credentials and usage
data are stored/read locally and are not sent to Ceiling-operated servers, while
requests may go to the relevant provider or the user-configured Wayfinder
gateway. Update docs/DATA_SOURCES.md (lines 3-8) with the same local-storage and
transport wording, preserving the server-boundary claim.

---

Nitpick comments:
In
`@apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx`:
- Around line 6-27: Add a focused interaction test in the DataSourceSection
tests that clicks the “DataSourceLearnMore” control and asserts the mocked
openExternalUrl helper is called with the DATA_SOURCES.md URL. Reuse the
existing vi mock and provider setup, keeping the current rendering assertions
unchanged.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: e3f15272-7439-464c-bda8-36d9cf11d7e3

📥 Commits

Reviewing files that changed from the base of the PR and between d09b623 and 33b431b.

📒 Files selected for processing (14)
  • README.md
  • apps/desktop-tauri/src/components/FirstRunChecklist.test.tsx
  • apps/desktop-tauri/src/components/FirstRunChecklist.tsx
  • apps/desktop-tauri/src/i18n/keys.ts
  • apps/desktop-tauri/src/lib/providerProvenance.test.ts
  • apps/desktop-tauri/src/lib/providerProvenance.ts
  • apps/desktop-tauri/src/styles.css
  • apps/desktop-tauri/src/surfaces/PopOutPanel.tsx
  • apps/desktop-tauri/src/surfaces/settings/providers/ProviderDetailPane.tsx
  • apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx
  • apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.tsx
  • docs/DATA_SOURCES.md
  • rust/src/locale.rs
  • rust/src/locale/en-US.ftl

Comment thread apps/desktop-tauri/src/surfaces/PopOutPanel.tsx
Comment thread rust/src/locale/en-US.ftl Outdated
Comment thread rust/src/locale/en-US.ftl Outdated
The shared-crate test `test_all_locale_keys_have_all_languages` requires
every LocaleKey to resolve non-empty in all six locales, not just en-US.
Add the 16 new SOU-157/SOU-179 keys to es-MX, zh-CN, zh-TW, ja-JP, and
ko-KR.

The privacy-sensitive strings (DataSourcePrivacyNote and per-provider
lines) are translated faithfully, keeping the exact claim: data stays on
this PC and is only sent to the provider, never to Ceiling-operated
servers. These new translations are AI-generated and should get a
native-speaker pass before the v1 tag.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@rust/src/locale/es-MX.ftl`:
- Line 597: Clarify the shared DataSourcePrivacyNote wording so it accurately
distinguishes locally retained credentials and usage data from data sent to the
provider, then synchronize the canonical English string and translations in
rust/src/locale/en-US.ftl:597, rust/src/locale/es-MX.ftl:597,
rust/src/locale/ja-JP.ftl:597, rust/src/locale/ko-KR.ftl:597,
rust/src/locale/zh-CN.ftl:597, and rust/src/locale/zh-TW.ftl:597.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 41d107f9-e1cb-4ee7-9dfb-a8f8b54ace04

📥 Commits

Reviewing files that changed from the base of the PR and between 33b431b and 9ac2556.

📒 Files selected for processing (5)
  • rust/src/locale/es-MX.ftl
  • rust/src/locale/ja-JP.ftl
  • rust/src/locale/ko-KR.ftl
  • rust/src/locale/zh-CN.ftl
  • rust/src/locale/zh-TW.ftl

Comment thread rust/src/locale/es-MX.ftl Outdated
…nly)

Ceiling only supports English. The all-locales test requires each key
in all 6 .ftl files, so the new SOU-157/SOU-179 keys carry the English
text in every file rather than machine-translated copy.
- PopOutPanel: derive FirstRunChecklist `hasWorkingAuth` from real
  provider state (any enabled provider with a non-errored snapshot)
  instead of hardcoding false, so an authenticated-but-empty dashboard
  shows the auth step as done.
- Privacy copy: separate local storage from network transport and name
  the Wayfinder local-gateway exception in DataSourcePrivacyNote,
  DataSourceGeneric (en-US.ftl) and docs/DATA_SOURCES.md. The
  server-boundary claim (never sent to Ceiling-operated servers) stays.
- DataSourceCopilot: mention device-flow sign-in to match DATA_SOURCES.md.
@tsouth89
tsouth89 merged commit 5795439 into main Jul 17, 2026
6 checks passed
@tsouth89
tsouth89 deleted the tsouth2/sou-157-179-onboarding branch July 17, 2026 03:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant