Onboarding checklist + provider data-source explainer (SOU-157, SOU-179)#40
Conversation
…57, SOU-179) ## SOU-179 — "How Ceiling gets this data" New DataSourceSection in every provider detail pane (right under the identity block) with a short, source-verified provenance line plus a precise privacy note. Copy is checked against the real fetch paths: - Dedicated copy for Claude, Codex, Cursor, Copilot, Gemini (providerProvenance.ts maps id -> locale key); every other provider gets a precise generic line. A test asserts the five keep dedicated copy so a new/renamed provider can't silently drop to generic. - Privacy note follows the guardrail: no "never leaves your PC" claim (credentials are sent to the provider's own endpoint to fetch usage); it states data is never sent to Ceiling-operated servers, only to the provider itself. - New docs/DATA_SOURCES.md (maintained per-provider reference), linked from the panel and the README. Corrected the README's inaccurate "never leave your machine" line to precise language. ## SOU-157 — first-run checklist Dismissible 3-step checklist (enable providers, connect/confirm auth, turn on the floatbar/tray) shown in the empty PopOut dashboard. Steps reflect real state and deep-link into the matching Settings tab. Dismissal persists in localStorage; a returning user with working auth never sees it (the dashboard shows their providers instead of the empty state). Loading still shows the spinner. Verified: pnpm test (48 files / 235 tests), pnpm run build (check-locale + tsc + vite), cargo check (shared crate). Both surfaces are visual and need a Windows eyeball (dark + light) before merge.
Deploying with
|
| Status | Name | Latest Commit | Preview URL | Updated (UTC) |
|---|---|---|---|---|
| ✅ Deployment successful! View logs |
ceiling | 229f1a9 | Commit Preview URL Branch Preview URL |
Jul 17 2026, 03:22 AM |
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (3)
🚧 Files skipped from review as they are similar to previous changes (3)
📝 WalkthroughWalkthroughThe PR adds provider data-source explanations to provider settings and documentation, plus a persistent first-run checklist for empty provider views. It adds provenance fallback logic, localized strings, styling, persistence helpers, navigation actions, and tests. ChangesDesktop experience
Estimated code review effort: 3 (Moderate) | ~20 minutes Sequence Diagram(s)sequenceDiagram
participant PopOutPanel
participant localStorage
participant FirstRunChecklist
participant DisplaySettings
PopOutPanel->>localStorage: read dismissal state
PopOutPanel->>FirstRunChecklist: render setup status
FirstRunChecklist->>DisplaySettings: open display action
FirstRunChecklist->>localStorage: persist dismissal
localStorage-->>PopOutPanel: return dismissal state
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Actionable comments posted: 3
🧹 Nitpick comments (1)
apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx (1)
6-27: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winCover the documentation-link action.
The Tauri helper is mocked, but no test clicks the button or verifies the
DATA_SOURCES.mdURL. Add one focused assertion for the mockedopenExternalUrlcall.🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx` around lines 6 - 27, Add a focused interaction test in the DataSourceSection tests that clicks the “DataSourceLearnMore” control and asserts the mocked openExternalUrl helper is called with the DATA_SOURCES.md URL. Reuse the existing vi mock and provider setup, keeping the current rendering assertions unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@apps/desktop-tauri/src/surfaces/PopOutPanel.tsx`:
- Around line 372-375: Update the FirstRunChecklist usage in PopOutPanel to
derive hasWorkingAuth from the authoritative provider/authentication state
instead of hardcoding false, so authenticated users with no usage snapshot
retain the completed authentication state. Add a regression test covering the
authenticated-but-empty-dashboard scenario.
In `@rust/src/locale/en-US.ftl`:
- Line 602: Update the DataSourceCopilot localization string to mention
device-flow sign-in alongside GitHub CLI and Git Credential Manager tokens,
while preserving its existing GitHub host communication description.
- Around line 597-604: Update DataSourcePrivacyNote and DataSourceGeneric in
rust/src/locale/en-US.ftl (lines 597-604) to state that credentials and usage
data are stored/read locally and are not sent to Ceiling-operated servers, while
requests may go to the relevant provider or the user-configured Wayfinder
gateway. Update docs/DATA_SOURCES.md (lines 3-8) with the same local-storage and
transport wording, preserving the server-boundary claim.
---
Nitpick comments:
In
`@apps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsx`:
- Around line 6-27: Add a focused interaction test in the DataSourceSection
tests that clicks the “DataSourceLearnMore” control and asserts the mocked
openExternalUrl helper is called with the DATA_SOURCES.md URL. Reuse the
existing vi mock and provider setup, keeping the current rendering assertions
unchanged.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro Plus
Run ID: e3f15272-7439-464c-bda8-36d9cf11d7e3
📒 Files selected for processing (14)
README.mdapps/desktop-tauri/src/components/FirstRunChecklist.test.tsxapps/desktop-tauri/src/components/FirstRunChecklist.tsxapps/desktop-tauri/src/i18n/keys.tsapps/desktop-tauri/src/lib/providerProvenance.test.tsapps/desktop-tauri/src/lib/providerProvenance.tsapps/desktop-tauri/src/styles.cssapps/desktop-tauri/src/surfaces/PopOutPanel.tsxapps/desktop-tauri/src/surfaces/settings/providers/ProviderDetailPane.tsxapps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.test.tsxapps/desktop-tauri/src/surfaces/settings/providers/sections/DataSourceSection.tsxdocs/DATA_SOURCES.mdrust/src/locale.rsrust/src/locale/en-US.ftl
The shared-crate test `test_all_locale_keys_have_all_languages` requires every LocaleKey to resolve non-empty in all six locales, not just en-US. Add the 16 new SOU-157/SOU-179 keys to es-MX, zh-CN, zh-TW, ja-JP, and ko-KR. The privacy-sensitive strings (DataSourcePrivacyNote and per-provider lines) are translated faithfully, keeping the exact claim: data stays on this PC and is only sent to the provider, never to Ceiling-operated servers. These new translations are AI-generated and should get a native-speaker pass before the v1 tag.
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@rust/src/locale/es-MX.ftl`:
- Line 597: Clarify the shared DataSourcePrivacyNote wording so it accurately
distinguishes locally retained credentials and usage data from data sent to the
provider, then synchronize the canonical English string and translations in
rust/src/locale/en-US.ftl:597, rust/src/locale/es-MX.ftl:597,
rust/src/locale/ja-JP.ftl:597, rust/src/locale/ko-KR.ftl:597,
rust/src/locale/zh-CN.ftl:597, and rust/src/locale/zh-TW.ftl:597.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro Plus
Run ID: 41d107f9-e1cb-4ee7-9dfb-a8f8b54ace04
📒 Files selected for processing (5)
rust/src/locale/es-MX.ftlrust/src/locale/ja-JP.ftlrust/src/locale/ko-KR.ftlrust/src/locale/zh-CN.ftlrust/src/locale/zh-TW.ftl
…nly) Ceiling only supports English. The all-locales test requires each key in all 6 .ftl files, so the new SOU-157/SOU-179 keys carry the English text in every file rather than machine-translated copy.
- PopOutPanel: derive FirstRunChecklist `hasWorkingAuth` from real provider state (any enabled provider with a non-errored snapshot) instead of hardcoding false, so an authenticated-but-empty dashboard shows the auth step as done. - Privacy copy: separate local storage from network transport and name the Wayfinder local-gateway exception in DataSourcePrivacyNote, DataSourceGeneric (en-US.ftl) and docs/DATA_SOURCES.md. The server-boundary claim (never sent to Ceiling-operated servers) stays. - DataSourceCopilot: mention device-flow sign-in to match DATA_SOURCES.md.
Two v1 trust/onboarding surfaces. Both are visual and user-facing copy — needs an eyeball on Windows (dark + light) before merge.
SOU-179 — "How Ceiling gets this data" (High, security)
A new block in every provider detail pane (under the identity rows) with a short, source-verified provenance line + a precise privacy note.
rust/src/providers/*; every other provider gets a precise generic line.providerProvenance.tsmaps id → locale key.providerProvenance.test.tsasserts the five keep dedicated copy and every resolvable key exists in the locale set — a new/renamed provider can't silently drop to generic or a missing string.docs/DATA_SOURCES.mdmaintained reference, linked from the panel (opens the doc) and the README.SOU-157 — first-run checklist (Medium)
A dismissible 3-step checklist (enable providers → connect/confirm auth → turn on floatbar/tray) in the empty PopOut dashboard. Steps reflect real state (
enabledProviders, floatbar/taskbar enabled) and deep-link into the matching Settings tab. Dismissal persists inlocalStorage(same pattern as the detected-accounts card); a returning user with working auth never sees it because the dashboard shows their providers instead of the empty state. Loading still shows the spinner.Deep-linking is tab-level (existing mechanism); sub-section/provider jump would need new plumbing and is deferred.
Verification
pnpm test— 48 files / 235 tests (9 new)pnpm run build— check-locale (16 new keys, TS↔Rust parity) + tsc + vite greencargo check(shared crate) — greenEyeball checklist (Windows, both themes)
localStorage) → empty dashboard shows the checklist; steps flip to done as you enable a provider / turn on the floatbar; dismiss sticksCloses SOU-179. Addresses SOU-157.
Summary by CodeRabbit