Cut release: Research Workspace, MCP Unified, Docker Compose, and CI refactors #1982

Merged: rmusser01 merged 4919 commits into main from dev, Jun 30, 2026

@rmusser01 rmusser01 commented May 23, 2026

Owner

Summary

  • What changed:

    • Cuts the release branch that makes Research Workspace the default experience and carries the related MCP Unified, Docker/Compose, CI, onboarding, OCR, and documentation updates.
    • Merges current main into dev to clear PR merge conflicts, with dev taking precedence for overlapping conflict hunks.
    • Addresses still-valid PR review feedback for SBOM source precedence, self-hosted checkout credential persistence, Research Workspace parity workflow triggers/artifacts, design-token drift, compose quickstart key guidance, and MCP catalog connection validation.
  • Why:

    • Keeps the release PR mergeable while preserving the intended dev branch behavior over overlapping main changes.
    • Ensures CI/security workflows exercise parity-affecting changes and avoid avoidable credential/artifact gaps.
    • Prevents MCP connection tests from probing or logging secret-bearing request URLs while still rejecting private/reserved hosts before catalog lookup.

Validation

  • gh pr checks 1982 --repo rmusser01/tldw_server --json name,state,bucket,link,startedAt,completedAt,workflow checked current PR status.
  • git diff --name-only --diff-filter=U confirmed no unmerged paths.
  • rg -n "^(<<<<<<<|>>>>>>>|=======$)" confirmed no exact conflict markers.
  • git diff --check and git diff --cached --check passed.
  • .impeccable/design.json parsed with python -m json.tool.
  • Touched workflow/compose YAML parsed with PyYAML.
  • Bandit production touched scope passed; all-touched Bandit with pytest assert warnings suppressed reported zero findings.
  • Focused pytest slice passed: OCR runtime/backend tests plus MCP catalog endpoint tests (51 passed).

Risk and Rollback

  • Merge-conflict policy used for this PR: keep dev when main overlaps with the PR branch.
  • Rollback is the merge/fix commit on dev.
  • Public or multi-user deployments must use server-side login/JWT; NEXT_PUBLIC_X_API_KEY remains documented as a local-only single-user quickstart convenience.

Change Summary

This PR carries a release-scale integration from dev into main, so the conflict resolution intentionally preserves dev behavior in overlapping areas while accepting non-conflicting main updates. The follow-up fixes are narrow review-response changes: workflow triggers and artifact upload behavior were broadened for Research Workspace parity coverage, checkout credentials were hardened on a self-hosted workflow, SBOM generation now prefers project metadata, design-system samples were aligned with their documented token contract, and MCP catalog connection validation now validates the public host before catalog lookup while probing only the canonical catalog URL.
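
The order of checks the summary describes for MCP catalog connection tests (validate that the host is public, then look up the catalog, probe only the canonical catalog URL, keep the secret-bearing request URL out of logs), as an added Python example that is not code from tldw_server. `CATALOG`, `plan_connection_test`, the `resolve` hook and every hostname and address below are assumptions constructed for illustration.

```python
"""Added example: host validation before catalog lookup (names are hypothetical)."""
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed catalog: hostname -> canonical URL that the server may probe.
CATALOG = {"mcp.example.com": "https://mcp.example.com/mcp"}


class RejectedTarget(ValueError):
    """Raised when a connection-test target must not be contacted."""


def is_public_address(ip_text):
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(ip_text)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so the IPv4 rules apply.
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        ip = mapped
    blocked = (ip.is_private or ip.is_loopback or ip.is_link_local
               or ip.is_multicast or ip.is_reserved or ip.is_unspecified)
    return ip.is_global and not blocked


def system_resolver(host):
    """Default resolver; tests inject a constructed one so nothing hits DNS."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0].split("%")[0] for info in infos})


def redact_for_log(url):
    """Drop userinfo, query and fragment, the usual places for tokens."""
    try:
        parts = urlsplit(url)
        host = parts.hostname or ""
        port = f":{parts.port}" if parts.port else ""
    except ValueError:
        return "<unparseable url>"
    if ":" in host:  # IPv6 literal needs its brackets back
        host = f"[{host}]"
    return f"{parts.scheme}://{host}{port}{parts.path}"


def validate_public_host(url, resolve=system_resolver):
    """Return the lowercase hostname, or raise if any address is non-public."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise RejectedTarget("scheme not allowed")
    host = parts.hostname
    if not host:
        raise RejectedTarget("missing host")
    try:
        addresses = [str(ipaddress.ip_address(host))]  # IP literal in the URL
    except ValueError:
        addresses = resolve(host)
    if not addresses:
        raise RejectedTarget("host does not resolve")
    # Every resolved address must be public: one private record is enough
    # for a later connection to land on an internal service.
    for addr in addresses:
        if not is_public_address(addr):
            raise RejectedTarget("host resolves to a non-public address")
    return host


def plan_connection_test(request_url, resolve=system_resolver, catalog=CATALOG):
    """Decide what to probe and what to log for one connection-test request."""
    host = validate_public_host(request_url, resolve)  # 1. before catalog lookup
    canonical = catalog.get(host)                      # 2. catalog lookup
    if canonical is None:
        raise RejectedTarget("host is not in the catalog")
    validate_public_host(canonical, resolve)           # 3. the URL actually probed
    # The caller's URL (with any credentials or tokens) is never probed or logged.
    # Caveat: the connection should be pinned to the addresses checked here,
    # otherwise a second DNS answer can differ from the validated one.
    return {"probe_url": canonical, "log_url": redact_for_log(request_url)}
```
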

@gemini-code-assist

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@rmusser01 rmusser01 marked this pull request as draft May 23, 2026 04:29
@coderabbitai

coderabbitai Bot commented May 23, 2026

Important

Review skipped

This PR was authored by the user configured for CodeRabbit reviews. CodeRabbit does not review PRs authored by this user. It's recommended to use a dedicated user account to post CodeRabbit review feedback.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: a78e940d-d08c-434d-aa9c-f764b1dd1a16

Walkthrough

This PR updates CI/CD workflows and linting, adds frontend/test env wiring and new workflows (vz-linux host-gated, UI research/nightly/parity), introduces Docker Compose single/multi-user configs and loopback WebUI binding, refactors the entrypoint env/DB handling, and adds design/docs and repo metadata edits.

Changes

CI/CD Workflows & Infrastructure

| Layer | File(s) | Summary |
| --- | --- | --- |
| Actionlint configuration & workflow linting | .github/actionlint.yaml, .github/workflows/actionlint.yml | New actionlint config specifies self-hosted runner labels; actionlint workflow now watches the config and lints additional workflows. |
| CI tooling, coverage, SBOM, and packaging checks | .github/workflows/ci.yml, .github/workflows/coverage-required.yml, .github/workflows/sbom.yml, .github/workflows/publish-docker.yml, .github/workflows/publish-ghcr-main.yml, .github/workflows/publish-pypi.yml, .github/workflows/pypi-package.yml | Lint job now installs pinned mypy/ruff and runs non-blocking checks; Admin module tests clear PYTEST_ADDOPTS; coverage gate raised to 5%; SBOM generation gains pyproject->requirements extraction and robust invocation fallbacks; Docker action pins and PyPI trigger/packaging checks updated, including MCP Unified artifact-gate test step. |
| Frontend env and UX gates | .github/workflows/frontend-e2e-tiers.yml, .github/workflows/frontend-required.yml, .github/workflows/frontend-ux-gates.yml, .github/workflows/ui-playground-quality-gates.yml | Adds SKIP_WXT_PREPARE widely; wires mock OpenAI server, smoke regression gate, logs, and cleanup steps in UX gates and playground jobs. |
| VZ Linux host-gated smoke test workflow | .github/workflows/vz-linux-host-gated.yml | New workflow to run host E2E smoke on self-hosted macOS ARM64 runners with runner checks, dynamic args, dependency setup, and helper log artifact upload. |
| UI research/nightly/parity workflows | .github/workflows/ui-research-workspace-nightly.yml, .github/workflows/ui-research-workspace-parity.yml | Adds nightly and parity research E2E jobs for WebUI and extension with backend lifecycle management and artifact uploads. |

Docker Deployment Configuration

| Layer | File(s) | Summary |
| --- | --- | --- |
| Single-user and multi-user Docker Compose configs & WebUI overlay | Dockerfiles/docker-compose.single-user.yml, Dockerfiles/docker-compose.multi-user-postgres.yml, Dockerfiles/docker-compose.webui.yml | Adds single-user and multi-user compose files (app/redis and app/postgres/redis) with healthchecks and named volumes; WebUI bind changed to 127.0.0.1:8080:3000 and NEXT_PUBLIC_X_API_KEY env added. |
| Docker ignore rules and README | .dockerignore, .gitignore, Dockerfiles/README.md | .dockerignore now ignores local .env variants while allowing example files; .gitignore updated for env backups and template JSON exceptions; Docker README rewritten to document single/multi-user flow and troubleshooting. |
| Entrypoint script environment and DB handling | Dockerfiles/entrypoints/tldw-app-first-run.sh | Refactors env loading to Python-based parsing/validation, adds JOBS_DB_URL handling and derive_postgres_database_url(), changes upsert behavior to write minimal env files, and tightens multi-user admin bootstrap/user-probe failure handling. |

Repository Documentation & Configuration

| Layer | File(s) | Summary |
| --- | --- | --- |
| Repo metadata and task guidance | AGENTS.md, CLAUDE.md, .gitignore | Removes legacy pinned requirements refs, adds Backlog.md task-tracking guidance, and adjusts gitignore entries for env backups and template fixture JSON files. |
| Release notes, review checklist, and design system | CHANGELOG.md, Codeslop-Vibecheck-SKILL.md, .impeccable/design.json, DESIGN.md | Adds ACP release-policy changelog entries, introduces the Codeslop Vibecheck review checklist, and adds a new design system JSON and human-readable design spec. |

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~65 minutes

Possibly related PRs

Suggested labels

Review effort 1/5

"I hopped through YAMLs and Docker stacks tonight,
I hid local envs from accidental light,
I parsed .env with Python-bright delight,
I started smoke hosts on ARM until first light,
CI, docs, and design—happy rabbit flight!"

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 14.29% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |
| Description check | ⚠️ Warning | The PR description provides a clear 'What changed' and 'Why' summary, explains the merge-conflict resolution strategy, documents validation steps completed, and discusses risk/rollback. However, the provided template requires a 'UX Audit Checklist' and 'Watchlists' checklists with checkboxes; none of these checklists are marked or addressed in the description. | Complete the required UX Audit Checklist (v2 Stage 5) and Watchlists checklists, marking items as 'not applicable' if they don't apply, or provide evidence that sections do not apply to this release scope. |

✅ Passed checks (3 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Title check | ✅ Passed | The title accurately summarizes the main changes: a release cut that updates Research Workspace, MCP Unified, Docker Compose, and CI infrastructure. It is concise, specific, and captures the primary scope. |


@qodo-code-review

qodo-code-review Bot commented May 23, 2026

Review Summary by Qodo

(Agentic_describe updated until commit ced6690)

Release: Research Workspace Default, MCP Unified Stage-4K, Managed llama.cpp, Enhanced CI/Docker, and Comprehensive API Expansion

✨ Enhancement 🧪 Tests 📝 Documentation

Walkthroughs

Description
• **Release Automation**: New release.py orchestration module with semantic versioning, changelog
  promotion, and metadata management (pyproject.toml, README, MkDocs, CHANGELOG) with resumable
  release states and dry-run support
• **Research Workspace**: Made default selection, replacing Playground parity/nightly workflows;
  includes deep research launches from literature artifacts, follow-up seeds, bundle imports, and
  proposal verification
• **Chat Enhancements**: /chat endpoint gated behind local cockpit OpenAI mock; extension
  handoff/model recovery stabilized; status strip shows web search progress
• **MCP Unified (Stage-4K)**: Gateway config bootstrap, file loader, CLI, preset detail CLI,
  default-profile wiring, and profile manager with API and CLI support
• **Runtime/Providers**: Managed llama.cpp config/validate/inventory with start-by-model;
  omnivoice defaults voice: "auto" with structured audio errors; new OmniVoice sidecar installer
  and smoke tests
• **API Client Expansion**: Added comprehensive type imports and methods for sandbox runtime
  diagnostics, llama.cpp profile management, audio presets, OpenWebUI hydration, and chatbook imports
  with source format support
• **Design System**: Migrated product-state alerts across Admin/Settings/Monitoring/Prompt Studio
  with comprehensive guard test suite (1547 lines)
• **CI/Docker/Compose**: Actionlint config validation, SBOMs written to repo root, coverage gate 5%,
  pinned non-blocking ruff/mypy, WebUI binds 127.0.0.1, entrypoint auto-derives
  DATABASE_URL/JOBS_DB_URL, new single/multi-user Postgres compose, PyPI publish
  workflow_dispatch-only
• **New Services**: Persona visual packs management (655 lines), media read-along session management
  with TTS integration, comprehensive route metadata system (80+ routes), watchlists with
  alerts/outputs tabs
• **Testing**: ACP certification smoke test framework with manifest orchestration, OmniVoice sidecar
  smoke tests with audio validation, Writing Playground API response type guards, watchlists E2E tests
  refactored for flexible UI layouts, product-state guard validation suite
• **Documentation**: Sync v2 contracts and pagination guide, VN platform capabilities/assets,
  Prototype Workspaces API and contract matrix, Chatbooks/OpenWebUI JSON/DB import, managed
  llama.cpp endpoints, sandbox runtime support, moderation review and rules, AuthNZ dependency API
  updates, persona visual packs, watchlists, design system tokens/docs
• **Removed**: WorkspacePlayground component and related tests/workflows (replaced by Research
  Workspace), implementation plan documents
Diagram
flowchart LR
  RW["Research Workspace<br/>Default Selection"]
  PG["Playground<br/>Deprecated"]
  RW -- "replaces" --> PG
  
  Chat["Chat Enhancements<br/>/chat gated, handoff stabilized"]
  MCP["MCP Unified Stage-4K<br/>Gateway, CLI, Profiles"]
  LlamaCpp["Managed llama.cpp<br/>Config, Validate, Inventory"]
  OmniVoice["OmniVoice Sidecar<br/>Installer & Tests"]
  
  APIClient["API Client Expansion<br/>llama.cpp, Audio, Sandbox"]
  Services["New Services<br/>Persona Visuals, Read-Along,<br/>Route Metadata, Watchlists"]
  
  Release["Release Automation<br/>Semantic Versioning,<br/>Metadata Management"]
  
  CI["CI/Docker/Compose<br/>Hardening & Validation"]
  Tests["Comprehensive Tests<br/>ACP Smoke, E2E, Guards"]
  Docs["Documentation<br/>Sync v2, VN, Workspaces,<br/>Chatbooks, Design System"]
  
  Release --> RW
  RW --> Chat
  Chat --> MCP
  MCP --> LlamaCpp
  LlamaCpp --> OmniVoice
  OmniVoice --> APIClient
  APIClient --> Services
  Services --> CI
  CI --> Tests
  Tests --> Docs

File Changes

1. Helper_Scripts/Testing-related/acp_certification_smoke.py 🧪 Tests +1170/-0

ACP Certification Smoke Test Framework with Manifest Orchestration

• New comprehensive ACP certification smoke test framework with manifest-based command orchestration
• Supports both stub-smoke (in-repo mocked) and live-e2e (downstream agent) certification profiles
• Implements JSON-RPC stdio sequence execution with timeout handling and response validation
• Provides backend REST API live-E2E testing with session lifecycle management and redacted support
 views


2. Helper_Scripts/release.py ✨ Enhancement +953/-0

Release Automation Orchestration with Metadata Management

• New release automation orchestration module with changelog promotion and version bumping
• Implements semantic versioning, metadata updates (pyproject.toml, README, MkDocs, CHANGELOG)
• Provides ShellReleaseRunner for git/gh command execution with dry-run support
• Supports resumable release states (fresh, local-commit-only, local-tag-only,
 remote-tag-without-release)


3. Helper_Scripts/TTS_Installers/install_tts_omnivoice_sidecar.py ✨ Enhancement +545/-0

OmniVoice Sidecar Runtime Installation and Configuration

• New OmniVoice sidecar runtime installer with virtual environment and repository management
• Patches tts_providers_config.yaml with provider-specific configuration (paths, ports, timeouts)
• Validates YAML syntax and safely handles path resolution relative to repository root
• Supports clone, venv creation, dependency installation, and configuration patching workflows

4. Helper_Scripts/TTS_Installers/smoke_test_omnivoice_sidecar.py 🧪 Tests +487/-0

OmniVoice Managed Sidecar Smoke Test with Audio Validation

• New OmniVoice managed sidecar smoke test that validates real audio synthesis through the adapter
• Implements WAV audio validation with RMS/peak analysis and frame count verification
• Manages sidecar supervisor lifecycle (initialization, synthesis, shutdown) with error handling
• Provides operator-facing configuration and summary reporting for smoke test results


5. Helper_Scripts/download_embedding_models.py Formatting +7/-7

Modernized Type Hints and Simplified Output Formatting

• Updated type hints to use modern Python 3.9+ syntax (list[str] instead of List[str])
• Changed imports from typing module to collections.abc.Iterable
• Simplified error handling by removing unused exception variable binding
• Updated console output formatting (removed arrow/checkmark Unicode symbols)


6. apps/packages/ui/src/components/Option/WritingPlayground/__tests__/WritingPlayground.manuscript-api-shapes.guard.test.ts 🧪 Tests +20/-7

Writing Playground Manuscript API Response Type Guard Tests

• Updated test expectations to verify typed wrapper response fields instead of direct array access
• Added assertions for explicit wrapper types (ManuscriptCharacterListResponse,
 ManuscriptWorldInfoListResponse, etc.)
• Added new test case to verify single export of scene and research response types
• Refined test descriptions to reflect wrapper contract validation instead of implicit typing


7. apps/packages/ui/src/services/tldw/TldwApiClient.ts ✨ Enhancement +836/-63

Expanded API client with llama.cpp, audio presets, and sandbox diagnostics

• Added comprehensive type imports for llamacpp-admin, audio-presets, and
 model-provider-availability APIs
• Introduced new API methods for sandbox runtime diagnostics, llama.cpp profile management, and
 audio preset operations
• Enhanced chat completion request handling with debug metadata and abort signal support
• Extended ServerChatSummary interface with assistant/persona fields and scope tracking
• Implemented requestWithCurrentConfig method for WebUI-specific request routing and improved
 config synchronization
• Added OpenWebUI hydration endpoints and chatbook import enhancements with source format support
• Refactored domain method merging to prevent conflicts with base class methods using
 TldwDomainMethodOverride type


8. apps/packages/ui/src/design-system/__tests__/product-state-guard.test.ts 🧪 Tests +1547/-0

Comprehensive product-state guard rule validation test suite

• Added comprehensive test suite (1547 lines) for design-system product-state guard rules
• Tests cover local recovery banners, empty/loading states, status badges, and AntD component
 detection
• Includes baseline handling tests for legacy exceptions and active migration targets
• Validates guard runner behavior, file reading with concurrency, and report formatting
• Tests product area grouping and stale baseline cleanup summarization


9. apps/packages/ui/src/services/persona-visuals.ts ✨ Enhancement +655/-0

New persona visual packs and assets management service

• New service module for persona visual pack management with 655 lines of functionality
• Implements API methods for visual packs, starter packs, library items, and generation jobs
• Provides normalization functions for starter pack data and list responses
• Includes export/import preview and commit operations with file handling
• Custom error class PersonaVisualApiError for detailed error reporting


10. apps/packages/ui/src/components/Option/Watchlists/AlertsTab/index.ts Miscellaneous +1/-0

Watchlists AlertsTab component export

• New barrel export file for AlertsTab component


11. apps/extension/tests/e2e/watchlists.spec.ts 🧪 Tests +580/-54

Watchlists E2E tests refactored for flexible UI layouts

• Added Locator type import from Playwright and expanded mock API handlers for watchlist endpoints
 (list, detail, alerts, content-alert-rules)
• Introduced helper functions for navigation (navigateWatchlistsDestination,
 expectWatchlistsDestination) and visibility checking (isVisibleLocator) to support flexible UI
 layout detection
• Enhanced selectRowsAndAssertCount to handle both table and constrained card-based checkbox
 layouts
• Updated test cases to use new navigation helpers and fixed assertions for failed-run notifications
 (changed from notification UI to card-based display)
• Added new test for strict demo readiness route rendering Activity and Reports without crashing on
 output errors


12. apps/packages/ui/src/routes/route-metadata.ts ✨ Enhancement +1012/-0

Comprehensive route metadata and navigation system

• New file defining comprehensive route metadata system with types for route surfaces, groups,
 availability, and smoke policies
• Exports ROUTE_METADATA array containing 80+ route definitions with canonical paths, labels,
 groups, and rationale documentation
• Provides utility functions (getRouteMetadata, getCanonicalRoutePath,
 isRouteAvailableForSurface, getRoutesForSmokeInventory, getCommandPaletteRoutes) for route
 querying and navigation
• Includes AUDITED_ROOT_ROUTE_PATHS constant listing all audited root routes for validation


13. apps/packages/ui/src/components/Media/read-along/useMediaReadAlongSession.ts ✨ Enhancement +922/-0

Media read-along session management with TTS integration

• New hook implementing read-along session management with TTS provider integration and audio
 caching
• Manages segment-based playback with lookahead prefetching, browser speech synthesis fallback, and
 abort signal handling
• Provides state management for playback status, error handling, and cache control with session
 tokens for concurrent request safety
• Exports useMediaReadAlongSession hook with methods for start, pause, resume, stop,
 retry, and skip operations


14. apps/packages/ui/src/hooks/chat/useChatActions.ts ✨ Enhancement +377/-92

Chat actions refactored for tracked assistant state management

• Added imports for chat scope, settings sync, effective assistant state resolution, and chat action
 utilities
• Introduced persistTrackedPersonaPlaygroundSession function to save persona session state with
 tracked metadata
• Enhanced useChatActions with effectiveAssistantState and effectiveSelectedAssistant memoized
 values for assistant selection resolution
• Added resolveTrackedCharacterForCurrentChat callback and updated chat submission logic to return
 ChatSubmitResult with proper result aggregation
• Refactored normal mode, character mode, and persona mode routing with improved send mode
 resolution and tracked assistant handling


15. apps/packages/ui/src/components/Option/Playground/__tests__/Playground.responsive-parity.guard.test.ts 🧪 Tests +2/-0

Playground composition preview summary guard assertions

• Added assertions to verify presence of compositionPreviewSummary and
 buildPlaygroundCompositionPreviewSummary in Playground component source


16. .dockerignore Additional files +14/-0
17. .github/actionlint.yaml Additional files +5/-0
18. .github/workflows/actionlint.yml Additional files +5/-2
19. .github/workflows/ci.yml Additional files +13/-10
20. .github/workflows/coverage-required.yml Additional files +1/-1
21. .github/workflows/frontend-e2e-tiers.yml Additional files +3/-0
22. .github/workflows/frontend-required.yml Additional files +1/-0
23. .github/workflows/frontend-ux-gates.yml Additional files +38/-0
24. .github/workflows/publish-docker.yml Additional files +2/-2
25. .github/workflows/publish-ghcr-main.yml Additional files +1/-1
26. .github/workflows/publish-pypi.yml Additional files +1/-3
27. .github/workflows/sbom.yml Additional files +51/-12
28. .github/workflows/ui-playground-quality-gates.yml Additional files +2/-0
29. .github/workflows/ui-research-workspace-nightly.yml Additional files +219/-0
30. .github/workflows/ui-research-workspace-parity.yml Additional files +142/-0
31. .github/workflows/ui-workspace-playground-nightly.yml Additional files +0/-219
32. .github/workflows/ui-workspace-playground-parity.yml Additional files +0/-142
33. .github/workflows/vz-linux-host-gated.yml Additional files +115/-0
34. .impeccable/design.json Additional files +198/-0
35. AGENTS.md Additional files +17/-2
36. CHANGELOG.md Additional files +14/-0
37. CLAUDE.md Additional files +1/-2
38. Codeslop-Vibecheck-SKILL.md Additional files +114/-0
39. DESIGN.md Additional files +341/-0
40. Dockerfiles/README.md Additional files +29/-19
41. Dockerfiles/docker-compose.multi-user-postgres.yml Additional files +71/-0
42. Dockerfiles/docker-compose.single-user.yml Additional files +49/-0
43. Dockerfiles/docker-compose.webui.yml Additional files +4/-2
44. Dockerfiles/entrypoints/tldw-app-first-run.sh Additional files +205/-29
45. Docs/API-related/API_README.md Additional files +14/-0
46. Docs/API-related/API_Tags_Index.md Additional files +3/-0
47. Docs/API-related/Audio_Transcription_API.md Additional files +7/-7
48. Docs/API-related/Chat_API_Documentation.md Additional files +11/-0
49. Docs/API-related/Chatbook_API_Documentation.md Additional files +292/-30
50. Docs/API-related/Prototype_Workspaces_API.md Additional files +499/-0
51. Docs/API-related/Prototype_Workspaces_Contract_Matrix.md Additional files +125/-0
52. Docs/API-related/RAG-API-Guide.md Additional files +183/-1202
53. Docs/API-related/RAG_API_Documentation.md Additional files +148/-281
54. Docs/API-related/Sandbox_API.md Additional files +241/-10
55. Docs/API-related/TTS_API.md Additional files +7/-0
56. Docs/API-related/VN_ASSET_PACKS_API.md Additional files +376/-0
57. Docs/API-related/VN_PLATFORM_API.md Additional files +295/-0
58. Docs/API-related/VN_PLAY_API.md Additional files +525/-0
59. Docs/API-related/Virtual_Keys.md Additional files +2/-2
60. Docs/API-related/Watchlists_API.md Additional files +308/-2
61. Docs/API-related/chatbook_openapi.yaml Additional files +437/-7
62. Docs/API-related/llamacpp_integration_modes.md Additional files +80/-5
63. Docs/API/Pagination.md Additional files +151/-0
64. Docs/API/Sync_V2_M1.md Additional files +1070/-0
65. Docs/API/Sync_V2_M2.md Additional files +176/-0
66. Docs/API/Sync_V2_M3.md Additional files +608/-0
67. Docs/API/VN.md Additional files +363/-0
68. Docs/API/api-versioning-strategy.md Additional files +57/-0
69. Docs/API/sync-v2.md Additional files +135/-0
70. Docs/Audit/README.md Additional files +10/-0
71. Docs/AuthNZ/AUTHNZ_PERMISSION_MATRIX.md Additional files +5/-5
72. Docs/AuthNZ/AUTHNZ_USAGE_EXAMPLES.md Additional files +5/-5
73. Docs/Code_Documentation/Guides/Audit_Module_Code_Guide.md Additional files +1/-1
74. Docs/Code_Documentation/Guides/AuthNZ_Code_Guide.md Additional files +33/-33
75. Docs/Code_Documentation/Guides/Evaluations_Code_Guide.md Additional files +1/-1
76. Docs/Code_Documentation/Ingestion_Pipeline_Audio.md Additional files +1/-1
77. Docs/Code_Documentation/Moderation-Guardrails.md Additional files +26/-5
78. Docs/Code_Documentation/Persona_Visual_Packs.md Additional files +755/-0
79. Docs/Code_Documentation/RAG-Developer-Guide.md Additional files +150/-915
80. Docs/Code_Documentation/RAG-Functional-Pipeline-Guide.md Additional files +16/-745
81. Docs/Code_Documentation/Services_Module.md Additional files +9/-7
82. Docs/Code_Documentation/Setup_UI_Developer_Guide.md Additional files +20/-0
83. Docs/Code_Documentation/Tutorial_System_Developer_Guide.md Additional files +2/-2
84. Docs/Code_Documentation/index.md Additional files +1/-0
85. Docs/Deployment/Operations/MCP_Rate_Limits_Tuning.md Additional files +1/-1
86. Docs/Deployment/setup-wizard-guide.md Additional files +44/-4
87. Docs/Design/2026-04-27-vz-linux-operator-image-store-design.md Additional files +110/-0
88. Docs/Design/2026-05-01-vz-linux-host-gated-ci-design.md Additional files +56/-0
89. Docs/Design/2026-05-02-apple-containerization-evaluation.md Additional files +174/-0
90. Docs/Design/2026-05-10-persona-visual-renderer-provider-adapter-evaluation.md Additional files +419/-0
91. Docs/Design/2026-05-13-persona-visual-external-mcp-provider-contract.md Additional files +433/-0
92. Docs/Design/2026-05-13-persona-visual-manifest-v2-contract.md Additional files +443/-0
93. Docs/Design/2026-05-17-quick-launch-scripts.md Additional files +30/-0
94. Docs/Design/2026-05-23-chatbook-sync-v2-roadmap-prd-design.md Additional files +14/-0
95. Docs/Design/ACP_Workspace_Integration_Decision_2026_05.md Additional files +366/-0
96. Docs/Design/Agents.md Additional files +67/-1
97. Docs/Design/Audio_Presets_Ownership_2026_05.md Additional files +301/-0
98. Docs/Design/Evals.md Additional files +4/-0
99. Docs/Design/Inference_Engines.md Additional files +2/-1
100. Docs/Design/Pagination_Completion_Matrix.md Additional files +578/-0
101. Docs/Design/Pagination_Contract_Exemptions.md Additional files +222/-0
102. Docs/Design/Personas.md Additional files +19/-0
103. Docs/Design/Quick_Chat_Docs_Assistant.md Additional files +1/-1
104. Docs/Design/RSS_Ranking.md Additional files +1/-0
105. Docs/Design/Research_Workspace_Legacy_Storage_Inventory.md Additional files +93/-0
106. Docs/Design/Research_Workspace_Migration_Protocol_API.md Additional files +74/-0
107. Docs/Design/Research_Workspace_Shared_Workspace_Model_Contract_2026_05.md Additional files +77/-0


108. Docs/Design/Sandbox.md Additional files +1/-1

...

Docs/Design/Sandbox.md


109. Docs/Design/Security.md Additional files +40/-0

...

Docs/Design/Security.md


110. Docs/Design/Security2.md Additional files +0/-58

...

Docs/Design/Security2.md


111. Docs/Design/Storytelling_and_Creation.md Additional files +4/-0

...

Docs/Design/Storytelling_and_Creation.md


112. Docs/Design/Sync-Engine.md Additional files +116/-2

...

Docs/Design/Sync-Engine.md


113. Docs/Design/Sync_V2_M1_Implementation_Decisions.md Additional files +179/-0

...

Docs/Design/Sync_V2_M1_Implementation_Decisions.md


114. Docs/Design/Sync_V2_M2_Restore_Completeness_and_Blobs.md Additional files +299/-0

...

Docs/Design/Sync_V2_M2_Restore_Completeness_and_Blobs.md


115. Docs/Design/Sync_V2_M3_Polished_Multi_Device.md Additional files +360/-0

...

Docs/Design/Sync_V2_M3_Polished_Multi_Device.md


116. Additional files not shown Additional files +0/-0

...

Additional files not shown


@qodo-code-review


Code Review by Qodo

Looking for bugs?

Check back in a few minutes. An AI review agent is analyzing this pull request.

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/sbom.yml:
- Around line 125-133: Reorder the dependency-source selection so pyproject.toml
is tried first: call gen_requirements_from_pyproject on
"$repo_root/pyproject.toml" before checking for requirements files, and only if
that step is absent or fails, fall back to gen_from_requirements for
"$repo_root/requirements.txt" and "$repo_root/tldw_Server_API/requirements.txt";
update the conditional logic surrounding gen_requirements_from_pyproject and
gen_from_requirements to reflect this new precedence so SBOM generation prefers
pyproject metadata.

In @.github/workflows/vz-linux-host-gated.yml:
- Around line 47-48: The Checkout step currently uses
actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd and is missing the
persist-credentials: false setting, which leaves the runner with persisted
GitHub token credentials; update the Checkout step (name: "Checkout", uses:
"actions/checkout@de0fac2e...") to include persist-credentials: false under its
configuration to disable persisting credentials on the self-hosted host.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 7d7252e7-dbc6-45a4-a662-ac413bbc053d

📥 Commits

Reviewing files that changed from the base of the PR and between 7f1339c and 1538a55.

⛔ Files ignored due to path filters (276)
📒 Files selected for processing (24)
  • .dockerignore
  • .github/actionlint.yaml
  • .github/workflows/actionlint.yml
  • .github/workflows/ci.yml
  • .github/workflows/coverage-required.yml
  • .github/workflows/frontend-e2e-tiers.yml
  • .github/workflows/frontend-required.yml
  • .github/workflows/frontend-ux-gates.yml
  • .github/workflows/publish-docker.yml
  • .github/workflows/publish-ghcr-main.yml
  • .github/workflows/publish-pypi.yml
  • .github/workflows/sbom.yml
  • .github/workflows/ui-playground-quality-gates.yml
  • .github/workflows/vz-linux-host-gated.yml
  • .gitignore
  • AGENTS.md
  • CHANGELOG.md
  • CLAUDE.md
  • Codeslop-Vibecheck-SKILL.md
  • Dockerfiles/README.md
  • Dockerfiles/docker-compose.multi-user-postgres.yml
  • Dockerfiles/docker-compose.single-user.yml
  • Dockerfiles/docker-compose.webui.yml
  • Dockerfiles/entrypoints/tldw-app-first-run.sh

Comment thread .github/workflows/sbom.yml
Comment thread .github/workflows/vz-linux-host-gated.yml
@coderabbitai

coderabbitai Bot commented May 23, 2026

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: e6740147-485e-47ee-b688-0f7a4c82e6df

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

📝 Walkthrough

This PR introduces GitHub Actions workflow infrastructure enhancements (actionlint configuration and CI tooling setup), adds Docker Compose configurations for single-user and multi-user deployments, refactors the entrypoint script for environment and database URL handling, and updates repository documentation including workflow requirements, release notes, and code review guidelines.

Changes

CI/CD Workflows & Infrastructure

Layer / File(s) Summary
Actionlint configuration & workflow linting setup
.github/actionlint.yaml, .github/workflows/actionlint.yml
New actionlint config specifies self-hosted runner labels (macOS, ARM64, vz-linux); workflow triggers updated to watch config file and lint additional workflows including the new vz-linux-host-gated.yml.
CI tooling installation and test execution adjustments
.github/workflows/ci.yml
Lint job refactored to explicitly install pinned mypy and ruff versions; Admin module tests now clear PYTEST_ADDOPTS to override inherited parallelization in both full-suite-linux and full-suite-os jobs.
Frontend build environment variable standardization
.github/workflows/frontend-e2e-tiers.yml, .github/workflows/frontend-required.yml, .github/workflows/frontend-ux-gates.yml, .github/workflows/ui-playground-quality-gates.yml
SKIP_WXT_PREPARE environment variable added to workflow/job environments to standardize frontend build preparation behavior across multiple test workflows.
Artifact publishing and distribution workflow updates
.github/workflows/coverage-required.yml, .github/workflows/publish-docker.yml, .github/workflows/publish-ghcr-main.yml, .github/workflows/publish-pypi.yml, .github/workflows/sbom.yml
Coverage threshold increased from 4% to 5%; docker/login-action pinned to newer commit for Docker Hub and GHCR; PyPI publish narrowed to manual dispatch only; SBOM generation enhanced to support pyproject.toml dependency extraction via tomllib with fallback chain for multiple cyclonedx-py invocation forms.
VZ Linux host-gated smoke test workflow
.github/workflows/vz-linux-host-gated.yml
New workflow triggers via dispatch or nightly cron for self-hosted Apple Silicon runners; includes runner verification (Darwin arm64, swift availability), dynamic script argument construction, Python 3.12 dependency setup via composite action, and unconditional helper log artifact upload.

Docker Deployment Configuration

Layer / File(s) Summary
Single-user and multi-user Docker Compose configurations
Dockerfiles/docker-compose.single-user.yml, Dockerfiles/docker-compose.multi-user-postgres.yml
New single-user compose defines app + redis services with 127.0.0.1:8000 binding, SQLite database, and healthchecks; multi-user compose adds postgres 18 service with Postgres/Redis connection details, multi-user auth mode, and persistent named volumes for app-data, postgres_data, and redis_data.
Docker environment/ignore and documentation
.dockerignore, Dockerfiles/README.md, Dockerfiles/docker-compose.webui.yml
.dockerignore updated to exclude local .env files while preserving example variants; WebUI port restricted to 127.0.0.1 loopback; README revised to document single-user and multi-user startup flows (make setup/start/verify commands), persistence under app-data including marker files and vector stores, and .env override variables for database URLs.
Entrypoint script environment and database handling refactoring
Dockerfiles/entrypoints/tldw-app-first-run.sh
Script refactored to add JOBS_DB_URL handling alongside DATABASE_URL; introduces load_env_file() with Python-based parsing and validation (rejecting CR, newlines, invalid keys); implements derive_postgres_database_url() helper for multi-user mode; changes upsert_env() to create minimal env files on first run; tightens multi-user admin bootstrap error handling with active user probing and explicit failure messages when no bootstrap credentials are provided.

Repository Documentation & Configuration

Layer / File(s) Summary
Repository structure and git configuration
AGENTS.md, CLAUDE.md, .gitignore
AGENTS.md and CLAUDE.md updated to remove references to legacy requirements.txt; AGENTS.md adds new "Backlog.md Task Tracking" section with workflow requirements for task creation/updates before edits; .gitignore expanded to handle .env.\.bak backup files, .setup-venv, and template fixtures (tools/macos-vz-helper/Tests/TemplateFixtures/\\/\.json).
Release notes and development guidelines
CHANGELOG.md, Codeslop-Vibecheck-SKILL.md
CHANGELOG.md adds three ACP release policy updates: expanded signoff evidence for permission/reconnect/recovery paths, downstream-agent support constraints (protocol/runner validation only), and retention/transcript redaction posture clarification; new Codeslop-Vibecheck-SKILL.md file defines code quality review checklist covering duplication, encapsulation, and sequential coupling with explicit flag/do-not-flag criteria and severity guidance.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~65 minutes

The PR spans 22 files with heterogeneous changes across CI/CD workflows, Docker deployment configuration, and entrypoint script refactoring. While individual changes follow consistent patterns (environment variables, workflow triggers, config pins), the density of logic in the entrypoint script refactoring (environment validation, database URL derivation, multi-user admin bootstrap), combined with the breadth of workflow updates and the interconnected Docker Compose configurations, requires careful review of both high-level intent and low-level correctness.

Possibly related PRs

  • rmusser01/tldw_server#1958: Overlaps on .dockerignore updates, CI workflow changes (PYTEST_ADDOPTS clearing), and entrypoint env-file handling.
  • rmusser01/tldw_server#1177: Introduces the vz-linux-host-gated.yml workflow that this PR updates and lints via actionlint configuration.
  • rmusser01/tldw_server#916: Both PRs update docker/login-action pinned uses: references in publish-docker.yml.

Suggested labels

Review effort 4/5

Poem

🐰 Docker stacks spin up in single and multi,
Workflows lint sharp and environment prep's guilty,
New helpers sign bundles on Silicon shines,
Admin bootstrap now draws the firm lines,
A rabbit hops through each deployment design! 🚀

🚥 Pre-merge checks | ✅ 2 | ❌ 3

❌ Failed checks (2 warnings, 1 inconclusive)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. | Write docstrings for the functions missing them to satisfy the coverage threshold. |
| Description check | ⚠️ Warning | The pull request description's Summary section is incomplete: both 'What changed:' and 'Why:' fields are empty, providing no substantive content for those critical sections. | Fill in the Summary section with concise, substantive descriptions of what changed and why. The auto-generated cubic summary provides context but does not replace the required manual Summary fields. |
| Title check | ❓ Inconclusive | The title 'Cut a Relase' contains a typo ('Relase' instead of 'Release') and is vague; it does not clearly summarize the specific scope of changes in this broad release PR. | Correct the typo and make the title more specific to the release scope (e.g., 'Release: add vz-linux workflow, Docker Compose stacks, and CI hardening'). |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
|---|---|---|
| Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |
| Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request. |

Comment thread apps/tldw-frontend/e2e/smoke/chat-sticky-composer.spec.ts Fixed
Comment thread apps/tldw-frontend/e2e/smoke/smoke.setup.ts Fixed
Comment thread apps/tldw-frontend/e2e/smoke/smoke.setup.ts Fixed
Comment thread apps/tldw-frontend/e2e/workflows/chat-cockpit.real-server.spec.ts Fixed
Comment thread apps/tldw-frontend/e2e/workflows/chat-cockpit.real-server.spec.ts Fixed
@rmusser01 rmusser01 marked this pull request as ready for review June 1, 2026 02:30
@gemini-code-assist

Warning

You have reached your daily quota limit. Please wait up to 24 hours and I will start processing your requests again!

@cubic-dev-ai cubic-dev-ai Bot left a comment

Review completed

Note: This PR contains a large number of files. cubic only reviews up to 100 files per PR, so some files may not have been reviewed. cubic prioritizes the most important files to review.

@qodo-code-review

Code Review by Qodo

Looking for bugs?

Check back in a few minutes. An AI review agent is analyzing this pull request.

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.impeccable/design.json:
- Around line 166-172: The sample CSS for the "Status Badge" component uses
success tint/text values but must match the declared token contract for
badge-status (neutral surface background + muted text). Update the
.ds-badge-status styles and its inner span styling to use the badge-status token
values instead of success colors: set the background to the neutral surface
token and the text color to the muted text token, and ensure the dot (inner
span) uses the appropriate token (e.g., muted text or an accent token per the
contract) so the example aligns with the badge-status token definition.

In `@DESIGN.md`:
- Line 264: Update the phrasing in the component guidance string that currently
reads "Rounded pills by default, medium weight text, 10px to 12px label sizes."
to use the hyphenated form "medium-weight text" so it reads "Rounded pills by
default, medium-weight text, 10px to 12px label sizes."; locate and replace the
exact phrase in DESIGN.md (the line containing "Rounded pills by default, medium
weight text, 10px to 12px label sizes.") to ensure consistent grammar and style
documentation.

In `@Dockerfiles/docker-compose.webui.yml`:
- Around line 36-38: The compose file currently exposes NEXT_PUBLIC_X_API_KEY as
a public-by-design build/runtime env for the single-user quickstart; preserve
that behavior but update the comment and usage guidance: keep
NEXT_PUBLIC_X_API_KEY in Dockerfiles/docker-compose.webui.yml and the
Dockerfiles/Dockerfile.webui ARG/ENV wiring, but change the comment to
explicitly state this is a low-privilege single-user/quickstart key only (do not
reuse production credentials), and add a note that multi-user/public deployments
must use the server-side login/JWT flow and should not rely on
NEXT_PUBLIC_X_API_KEY—also remind operators that the compose file binds to
127.0.0.1 for local-only access. Ensure references to NEXT_PUBLIC_X_API_KEY and
Dockerfile.webui/Dockerfiles/docker-compose.webui.yml are maintained.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 70535fd2-4e2a-4e97-b22c-6ec9b142c574

📥 Commits

Reviewing files that changed from the base of the PR and between 1538a55 and ced6690.

⛔ Files ignored due to path filters (34)
  • Docs/API/Sync_V2_M1.md is excluded by !docs/**
  • Docs/API/Sync_V2_M2.md is excluded by !docs/**
  • Docs/API/Sync_V2_M3.md is excluded by !docs/**
  • Docs/Design/2026-05-23-chatbook-sync-v2-roadmap-prd-design.md is excluded by !docs/**
  • Docs/Design/ACP_Workspace_Integration_Decision_2026_05.md is excluded by !docs/**
  • Docs/Design/Quick_Chat_Docs_Assistant.md is excluded by !docs/**
  • Docs/Design/Research_Workspace_Legacy_Storage_Inventory.md is excluded by !docs/**
  • Docs/Design/Research_Workspace_Migration_Protocol_API.md is excluded by !docs/**
  • Docs/Design/Research_Workspace_Shared_Workspace_Model_Contract_2026_05.md is excluded by !docs/**
  • Docs/Design/Sync_V2_M1_Implementation_Decisions.md is excluded by !docs/**
  • Docs/Design/Sync_V2_M2_Restore_Completeness_and_Blobs.md is excluded by !docs/**
  • Docs/Design/Sync_V2_M3_Polished_Multi_Device.md is excluded by !docs/**
  • Docs/Design/Tutorial_Per_Page_Coverage.md is excluded by !docs/**
  • Docs/Design/WebUI_Dependency_Audit.md is excluded by !docs/**
  • Docs/Design/Workspace_Canonical_Model_Decision_2026_05.md is excluded by !docs/**
  • Docs/Design/Workspace_Persistence_Architecture.md is excluded by !docs/**
  • Docs/Design/tldw_web_design_system_baseline_reporting.md is excluded by !docs/**
  • Docs/Design/tldw_web_design_system_contract.md is excluded by !docs/**
  • Docs/Design/tldw_web_design_system_visual_qa_checklist.md is excluded by !docs/**
  • Docs/Development/ACP_Certification_Checklist.md is excluded by !docs/**
  • Docs/Development/ACP_Compatibility_Matrix.md is excluded by !docs/**
  • Docs/Development/Agent_Client_Protocol.md is excluded by !docs/**
  • Docs/Getting_Started/Profile_Docker_Multi_User_Postgres.md is excluded by !docs/**
  • Docs/Getting_Started/Profile_Docker_Single_User.md is excluded by !docs/**
  • Docs/Getting_Started/Profile_Local_Single_User.md is excluded by !docs/**
  • Docs/Getting_Started/README.md is excluded by !docs/**
  • Docs/Getting_Started/onboarding_manifest.yaml is excluded by !docs/**
  • Docs/MCP/mcp_unified_module_ownership_inventory.md is excluded by !docs/**
  • Docs/Operations/Prototype_Workspaces_Release_Readiness.md is excluded by !docs/**
  • Docs/Operations/Research_Workspace_Trust_Status_Telemetry_Runbook.md is excluded by !docs/**
  • Docs/Plans/IMPLEMENTATION_PLAN_acp_opencode_aider_llamacpp.md is excluded by !docs/**
  • Docs/Plans/IMPLEMENTATION_PLAN_acp_pr2038_review_fixes.md is excluded by !docs/**
  • Docs/Product/Research_Workspace_Literature_Workproducts_PRD.md is excluded by !docs/**
  • Docs/Prompts/UX_RESEARCH_WORKSPACE_REVIEW_PROMPT.md is excluded by !docs/**
📒 Files selected for processing (7)
  • .github/workflows/frontend-ux-gates.yml
  • .github/workflows/ui-research-workspace-nightly.yml
  • .github/workflows/ui-research-workspace-parity.yml
  • .gitignore
  • .impeccable/design.json
  • DESIGN.md
  • Dockerfiles/docker-compose.webui.yml

Comment thread .impeccable/design.json
Comment thread DESIGN.md
Comment thread Dockerfiles/docker-compose.webui.yml Outdated

@coderabbitai coderabbitai Bot left a comment

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
.github/workflows/ui-research-workspace-parity.yml (2)

8-21: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Widen the trigger paths so parity runs for parity-affecting app changes.

These filters only watch the specs, a few shared workspace files, and package/config files. Changes in the actual WebUI or extension implementation can still alter parity behavior without touching any of these globs, which means this workflow will be skipped and the regression will not be exercised before merge.

Based on learnings: Every commit must compile successfully, pass all existing tests, and include tests for new functionality.

Also applies to: 25-38

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ui-research-workspace-parity.yml around lines 8 - 21, The
workflow's paths filter (the "paths" array in the ui-research-workspace-parity
workflow) is too narrow and only watches specs and a few shared files; widen it
so parity runs when implementation code changes by expanding the globs to
include the WebUI and extension source trees (add recursive src/**/* style globs
for frontend and extension and broader ui package globs), and mirror the same
expansion for the other paths block mentioned in the comment so any
parity-affecting app changes trigger the workflow.

140-147: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Enable hidden-file upload for the parity JSON report.

apps/extension/.workspace-parity-e2e-report.json is a dotfile, and actions/upload-artifact skips hidden files by default unless include-hidden-files: true is set—so the report can be silently omitted even when present.

Suggested fix
       - name: Upload extension parity artifacts
         if: always()
         uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
         with:
           name: research-workspace-extension-parity-artifacts
+          include-hidden-files: true
           if-no-files-found: ignore
           path: |
             apps/extension/.workspace-parity-e2e-report.json
             apps/extension/test-results/**
             apps/extension/playwright-report/**
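Review bot: include-hidden-files: true in this with block applies to every entry under path, not only apps/extension/.workspace-parity-e2e-report.json, so dotfiles beneath apps/extension/test-results/** and apps/extension/playwright-report/** are uploaded as well. Either move the JSON report into its own upload step that carries the flag, or confirm that those two directories never hold credential-bearing dotfiles before enabling it for the whole step. Separately, if-no-files-found: ignore keeps a missing report silent; warn would surface it in the job log.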
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/ui-research-workspace-parity.yml around lines 140 - 147,
The upload step "Upload extension parity artifacts" currently omits dotfiles
because actions/upload-artifact skips hidden files by default; update the step
that uses actions/upload-artifact (the "Upload extension parity artifacts" step)
to include the input include-hidden-files: true in the with block alongside
name, if-no-files-found and path so
apps/extension/.workspace-parity-e2e-report.json is uploaded when present.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 3a2b208f-7562-45bd-9db5-0d0958c13361

📥 Commits

Reviewing files that changed from the base of the PR and between ced6690 and 4b9ba14.

⛔ Files ignored due to path filters (3)
  • Docs/Architecture.md is excluded by !docs/**
  • Docs/Code_Documentation/Code_Map.md is excluded by !docs/**
  • Docs/Code_Documentation/Data_Flow_Atlas.md is excluded by !docs/**
📒 Files selected for processing (1)
  • .github/workflows/ui-research-workspace-parity.yml
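
A check for the artifact gap described in the review above, as an added example that is not part of the PR or of CodeRabbit's output: it scans workflow text for actions/upload-artifact steps whose path names a dotfile while include-hidden-files is not set to true. The line-based scanner (no YAML library) and all function names are assumptions made for illustration.

```python
import re

# Constructed workflow fragment mirroring the step quoted in the review above.
SAMPLE_WORKFLOW = """\
    steps:
      - name: Upload extension parity artifacts
        if: always()
        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
        with:
          name: research-workspace-extension-parity-artifacts
          if-no-files-found: ignore
          path: |
            apps/extension/.workspace-parity-e2e-report.json
            apps/extension/test-results/**
            apps/extension/playwright-report/**
"""

ITEM_START = re.compile(r"^\s*- ")
BLOCK_SCALARS = {"|", "|-", "|+", ">", ">-", ">+"}

def split_items(text):
    """Group lines into YAML list items; every '- ' line opens a new one."""
    items = []
    for line in text.splitlines():
        if ITEM_START.match(line):
            items.append([line])
        elif items:
            items[-1].append(line)
    return items

def field(lines, key):
    """Return (line index, raw value) of the first 'key:' line, else (None, None)."""
    pattern = re.compile(r"^\s*(?:- )?" + re.escape(key) + r":\s*(.*)$")
    for index, line in enumerate(lines):
        match = pattern.match(line)
        if match:
            return index, match.group(1).strip()
    return None, None

def path_entries(lines):
    """Collect the step's path input, given inline or as a block scalar."""
    index, value = field(lines, "path")
    if index is None:
        return []
    if value not in BLOCK_SCALARS:
        return [value.strip("'\"")]
    indent = len(lines[index]) - len(lines[index].lstrip())
    entries = []
    for line in lines[index + 1:]:
        if line.strip() and len(line) - len(line.lstrip()) <= indent:
            break  # dedent: the block scalar has ended
        if line.strip():
            entries.append(line.strip())
    return entries

def is_hidden(path):
    """True when any path segment is a dot-name (excluding '.' and '..')."""
    return any(s.startswith(".") and s not in (".", "..") for s in path.split("/"))

def find_hidden_upload_gaps(text):
    """List (step name, dotfile paths) for upload steps missing the flag."""
    findings = []
    for lines in split_items(text):
        _, uses = field(lines, "uses")
        if not uses or not uses.startswith("actions/upload-artifact@"):
            continue
        _, flag = field(lines, "include-hidden-files")
        if flag is not None and flag.strip("'\"").lower() == "true":
            continue
        hidden = [p for p in path_entries(lines) if not p.startswith("!") and is_hidden(p)]
        if hidden:
            _, name = field(lines, "name")
            findings.append((name or "<unnamed>", hidden))
    return findings
```

Calling `find_hidden_upload_gaps(SAMPLE_WORKFLOW)` reports the parity upload step and its dotfile path; once the flag from the suggested fix is present the step is no longer reported.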

@rmusser01 rmusser01 changed the title Cut a Relase Cut release: Research Workspace, MCP Unified, Docker Compose, and CI refactors Jun 3, 2026
@rmusser01 rmusser01 marked this pull request as draft June 4, 2026 03:33
Comment thread apps/packages/ui/src/components/Notes/task-markdown.ts Fixed
Comment thread apps/packages/ui/src/components/Notes/task-markdown.ts Fixed
@rmusser01 rmusser01 self-assigned this Jun 26, 2026
@rmusser01 rmusser01 marked this pull request as ready for review June 26, 2026 06:56
@qodo-code-review

Looking for bugs?

Check back in a few minutes. Qodo's review agents are on it.

rmusser01 added 27 commits June 29, 2026 20:06
…x-design

chore: finalize MCP residual UX design task
…docs

docs(mcp): explain standalone profile discovery
Migrate TTS product-state alerts to design-system Alert
@rmusser01 rmusser01 merged commit 06d0198 into main Jun 30, 2026
41 checks passed
@rmusser01 rmusser01 mentioned this pull request Jun 30, 2026
10 tasks