feat(cua): add cross-platform runtimes #1776

Open
zerob13 wants to merge 8 commits into dev from codex/cua-cross-platform-computer-use

@zerob13 zerob13 commented Jun 16, 2026

Collaborator

Summary

  • Update the bundled CUA plugin to stage pinned upstream cua-driver-rs-v0.5.5 release assets.
  • Support darwin/arm64, darwin/x64, win32/x64, win32/arm64, and linux/x64 targets; keep linux/arm64 hidden and fail-closed.
  • Make plugin discovery, packaging, CI/release workflows, skill docs, and tests target-aware.

Validation

  • pnpm run format
  • pnpm run i18n
  • pnpm run lint
  • pnpm run typecheck
  • pnpm test -- test/main/presenter/pluginPresenter.test.ts test/main/scripts
  • pnpm run plugin:bundle -- --name cua --platform win32 --arch x64
  • pnpm run plugin:verify -- --name cua --platform win32 --arch x64 --plugin-root build\\bundled-plugins
  • pnpm run plugin:bundle -- --name cua --platform win32 --arch arm64
  • pnpm run plugin:verify -- --name cua --platform win32 --arch arm64 --plugin-root build\\bundled-plugins
  • pnpm run build && pnpm exec electron-builder --win --x64 --dir --publish=never
  • Embedded plugin verify under dist\\win-unpacked\\resources\\app.asar.unpacked\\plugins
  • plugins\\cua\\runtime\\win32\\x64\\cua-driver.exe --version
  • plugins\\cua\\runtime\\win32\\x64\\cua-driver.exe check_permissions

Summary by CodeRabbit

Release Notes

  • New Features

    • Expanded CUA (Computer Use) plugin support to Windows and Linux x64 with platform/architecture-aware behavior.
    • Updated CUA driver to v0.5.5 and expanded the available tool surface accordingly.
  • Bug Fixes & Improvements

    • Improved CUA runtime staging/packaging for target-specific payloads, checksum verification, and executable permissions.
    • Refined tool permissions and recording controls (start/stop) and added user-approval gating for install_ffmpeg.
  • Documentation

    • Updated CUA specs, packaging guidance, and skill/tool instructions for cross-platform usage.
  • UI

    • Made settings navigation adapt to runtime architecture as well as platform.

coderabbitai Bot commented Jun 16, 2026

Contributor

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Walkthrough

The CUA plugin is migrated from a macOS-only Swift fork to the upstream Rust driver v0.5.5, adding cross-platform support for darwin, win32, and linux (excluding linux/arm64). The change rewrites the runtime staging script to download, verify, and extract pinned upstream release assets; updates packaging to filter per-target runtime subtrees with executable permission preservation; extends the plugin manifest type and plugin host with arch-aware support evaluation; wires cua bundle/verify into Windows and Linux CI jobs; adds runtime arch awareness to settings navigation; and updates skill documentation for cross-platform guidance. Additional fixes address GitHub Actions build failures on Windows arm64 and Linux x64 by rewriting the ACP registry fetcher to use Node HTTPS with sequential icon downloads.

Changes

CUA cross-platform runtime expansion

Layer / File(s) Summary
Type schema, upstream pin, and plugin manifest/policy
src/shared/types/plugin.ts, plugins/cua/vendor/cua-driver/upstream.json, plugins/cua/plugin.json, plugins/cua/policies/tool-policy.json
PluginEngineManifest gains optional targets?: string[]. Upstream pin switches from Swift fork v0.2.0 to Rust upstream-release v0.5.5 with updated asset/checksum filenames and target lists (darwin arm64/x64, win32 x64/arm64, linux x64; linux arm64 unsupported). plugin.json expands engines.platforms/targets to darwin/win32/linux arch pairs, updates runtime detect paths per platform, and bumps minVersion to 0.5.5. Tool policies add get_accessibility_tree, session controls, split recording (start_recording/stop_recording), and install_ffmpeg; remove screenshot and set_recording.
Runtime staging script rewrite
scripts/build-cua-plugin-runtime.mjs
Replaces Swift source compilation with a download-verify-extract-stage pipeline: fetches checksums.txt and the target archive from the pinned GitHub release, verifies SHA-256, extracts with ZIP path-safety or tar fallback, copies the correct binary into plugins/cua/runtime/<platform>/<arch>, sets executable bits, runs lipo/codesign validation on macOS, and performs host-matched smoke tests via --version (with Linux glibc loader mismatch exception).
Packaging script: target-aware filtering and permission bits
scripts/package-plugin.mjs
Defaults targetPlatform from TARGET_PLATFORM env, validates engines.targets, skips runtime/<platform>/<arch> entries not matching the requested target, preserves filesystem mode in collected files, sets zip executable attributes from mode bits, rewrites validateCuaRuntime per target key, and rejects packaging when the manifest does not support the requested target.
Plugin discovery, verification, and PluginPresenter arch injection
scripts/plugin.mjs, src/main/presenter/pluginPresenter/index.ts
isPluginSupported gains targetArch and evaluates platform/arch pairs when targets are declared. verifyArtifacts filters by both platform and arch. PluginPresenter accepts injected arch (defaulting to process.arch), short-circuits permission probing on non-darwin, evaluates engines.targets against alias/arch pairs in platform support checks, and uses this.arch for placeholder hydration.
Build scripts and CI/CD workflow changes
package.json, .github/workflows/build.yml, .github/workflows/release.yml
package.json adds explicit --platform flags to plugin:cua:build:* scripts and replaces direct cua build invocations in platform commands with unified plugin:bundle calls. Both CI workflows add cua bundle+verify steps to Windows and Linux jobs and remove the separate macOS plugin:cua:build:mac step.
Settings navigation: arch-aware route filtering and display
src/preload/index.ts, src/preload/index.d.ts, src/renderer/api/runtime.ts, src/renderer/settings/App.vue, src/renderer/settings/components/SettingsOverview.vue, src/renderer/settings/main.ts, src/main/presenter/windowPresenter/index.ts, src/shared/settingsNavigation.ts, test/main/shared/settingsNavigation.test.ts
Adds getArch() preload API and getRuntimeArch() renderer helper to retrieve system architecture. Extends SettingsNavigationItem with optional supportedTargets?: string[] for platform/arch pair gating. Settings app and components capture both runtimePlatform and runtimeArch, passing both to route/group/path resolution. The settings-plugins item is restricted to CUA-supported targets (darwin/arm64, darwin/x64, win32/x64, win32/arm64, linux/x64), hiding it for linux/arm64. Tests verify visibility gating across supported/unsupported target combinations.
Settings UI and skill documentation
plugins/cua/settings/assets/index.js, plugins/cua/skills/cua-driver/*
Settings UI shows 'Not required on this platform' when helperAppPath is absent. Skill docs (SKILL.md, README.md, RECORDING.md, TESTS.md, WEB_APPS.md) replace macOS/MCP-specific wording with cross-platform DeepChat tool surface descriptions, add a Platform Notes section, rename recording tools to start_recording/stop_recording, and document supported/unsupported targets and platform-specific behavior.
Feature spec, plan, tasks, and packaging guide
docs/features/cua-cross-platform-computer-use/spec.md, docs/features/cua-cross-platform-computer-use/plan.md, docs/features/cua-cross-platform-computer-use/tasks.md, docs/guides/plugin-packaging.md
New spec.md, plan.md, and tasks.md define the target matrix, staging requirements, tool surface expectations, packaging constraints, and a 14-step task plan. plugin-packaging.md is updated with the new staging commands, cross-platform build matrix, and artifact filename patterns for all supported targets.
PluginPresenter and settingsNavigation tests
test/main/presenter/pluginPresenter.test.ts, test/main/shared/settingsNavigation.test.ts
Fixture building gains arch parameterization, platform-conditional runtime helper filenames, and PATH-based detect entries. New/revised CUA tests cover platform+arch matrix visibility, v0.5.5 tool policy allow/ask sets, upstream metadata assertions, policy-surface restrictions, skill-instruction alignment, and cross-platform packaging/docs/CI wiring. Settings navigation tests verify settings-plugins visibility for CUA-supported targets and confirm it is hidden for linux/arm64.

Build action platform failures remediation

Layer / File(s) Summary
Build action fixes documentation
docs/issues/build-action-platform-failures/spec.md, docs/issues/build-action-platform-failures/plan.md, docs/issues/build-action-platform-failures/tasks.md
New documentation directory introduces spec, plan, and tasks files describing the goal to restore the manual Build Application workflow, enumerating planned fixes for Windows arm64 and Linux x64 failures (ACP registry implementation, CUA smoke-check glibc branch, Windows bash execution), acceptance criteria, and a local+CI verification checklist.
ACP registry fetcher and vuedraggable typing
scripts/fetch-acp-registry.mjs, src/renderer/src/types/vuedraggable.d.ts
Replaces fetch-based network logic with a custom fetchText helper using Node's https.request, implementing redirect support, timeout handling, and explicit error handling for non-2xx responses. Changes icon downloading from parallel Promise.all to sequential loop to avoid concurrent-request crashes during Windows arm64 builds. Adds a TypeScript declaration for vuedraggable to resolve macOS arm64 typing issues with Vue draggable components.

Sequence Diagram(s)

sequenceDiagram
  participant CI as CI Workflow
  participant build as build-cua-plugin-runtime.mjs
  participant gh as GitHub Releases
  participant pkg as package-plugin.mjs
  participant host as PluginPresenter
  participant nav as settingsNavigation

  CI->>build: pnpm run plugin:cua:build --platform win32 --arch x64
  build->>gh: GET checksums.txt (cua-driver-rs-v0.5.5)
  build->>gh: GET cua-driver-win32-x64.zip
  gh-->>build: archive + checksums
  build->>build: SHA-256 verify
  build->>build: extract (ZIP path-safety check)
  build->>build: stage binary → plugins/cua/runtime/win32/x64/
  build-->>CI: staged runtime path

  CI->>pkg: pnpm run plugin:bundle --name cua --platform win32 --arch x64
  pkg->>pkg: skip runtime/darwin/*, runtime/linux/*
  pkg->>pkg: collectFiles with mode bits
  pkg->>pkg: validateCuaRuntime for win32/x64
  pkg->>pkg: set zip executable attributes
  pkg-->>CI: cua-win32-x64.dcplugin

  CI->>CI: pnpm run plugin:verify --name cua --platform win32 --arch x64

  host->>host: isPluginPlatformSupported(engines.targets, platform/arch)
  host->>host: resolveRuntimeCandidate (this.arch placeholder)
  host->>host: checkRuntimePermissions (skip probe on non-darwin)

  nav->>nav: getSettingsRouteItems(platform, arch)
  nav->>nav: isSettingsNavigationItemSupported with supportedTargets
  nav-->>nav: filter settings-plugins for win32/x64

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~75 minutes

Possibly related PRs

  • ThinkInAIXYZ/deepchat#1628: Both PRs modify the GitHub Actions plugin build/verify wiring in .github/workflows/{build,release}.yml and scripts/plugin.mjs to handle per-platform/arch plugin support, directly paralleling the cua cross-platform wiring added in this PR.
  • ThinkInAIXYZ/deepchat#1592: Both PRs update the CUA upstream driver metadata in plugins/cua/vendor/cua-driver/upstream.json (main updates to v0.5.5 with new asset names), touching overlapping vendored driver version pinning logic.

Poem

🐇 Hop hop, the rabbit cheers today,
No more Swift-only, cross-platform hooray!
Downloads the Rust driver, checks its hash,
Stages win32 and linux in a flash.
darwin/win32/linux/x64 — all in the bundle!
(linux/arm64 stays snoozing in the tunnel.) 🏗️

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'feat(cua): add cross-platform runtimes' directly and clearly describes the main change: adding cross-platform runtime support to the CUA plugin, which is the central objective of this changeset.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.


@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 2

🧹 Nitpick comments (2)
docs/guides/plugin-packaging.md (1)

180-190: 💤 Low value

Clarify the scope of the embedded files example.

The label "Expected embedded files (macOS example):" followed by win32 and linux plugin filenames is ambiguous. Either label this as an all-platforms example or split it into platform-specific examples so readers understand the context.

✏️ Example clarification

Option 1: Change label to reflect cross-platform scope:

-Expected embedded files (macOS example):
+Expected embedded files (example across all platforms):

Option 2: Split into platform-specific examples:

-Expected embedded files (macOS example):
+Expected embedded files by platform:
+
+macOS:
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/guides/plugin-packaging.md` around lines 180 - 190, The section labeled
"Expected embedded files (macOS example):" contains file paths for multiple
platforms (macOS, Windows, and Linux) which contradicts the "macOS example"
designation and creates ambiguity for readers. Either retitle the section to
"Expected embedded files (All platforms example):" or similar language that
accurately reflects the cross-platform scope, or alternatively split the example
into separate platform-specific subsections (one for macOS, one for Windows, one
for Linux) so readers understand which files apply to their target platform.
scripts/build-cua-plugin-runtime.mjs (1)

151-163: 💤 Low value

Consider invalidating cache on checksum failure.

If a download is interrupted, a partial file may remain in the cache. While verifyChecksum will catch this and fail, the user must manually delete the cached file to retry. Consider adding cache invalidation on checksum mismatch or removing the partial file on download failure.

♻️ Optional improvement to auto-invalidate on checksum failure
 async function verifyChecksum(checksumsPath, assetPath, assetName) {
   const checksums = parseChecksums(await fs.readFile(checksumsPath, 'utf8'))
   const expected = checksums.get(assetName)
   if (!expected) {
     throw new Error(`checksums.txt does not contain ${assetName}`)
   }
   const actual = await sha256File(assetPath)
   if (actual !== expected) {
+    await fs.rm(assetPath, { force: true })
     throw new Error(`Checksum mismatch for ${assetName}. Expected ${expected}, got ${actual}`)
   }
 }
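Review bot: In the added `await fs.rm(assetPath, { force: true })` line, a rejection from `fs.rm` (for example a file that is still locked on Windows) would propagate in place of the checksum mismatch error and hide why the build failed. Catch the removal failure so that `Checksum mismatch for ...` is always the error thrown. The hunk also leaves the file at `checksumsPath` untouched; if that file is cached the same way as the asset, a truncated copy would keep failing on every retry, so consider invalidating it on mismatch as well.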
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/build-cua-plugin-runtime.mjs` around lines 151 - 163, The
downloadFile function does not clean up partial files if a download fails or if
subsequent checksum verification fails, leaving corrupted cache entries. Wrap
the fetch and file write operations in a try-catch block within downloadFile to
delete the outputPath file if an error occurs during download, ensuring the
partial file is removed from cache. Additionally, identify where verifyChecksum
is called after downloadFile and add error handling there to also delete the
outputPath file if checksum verification fails, so the cached file is
invalidated and the user can retry the download without manual intervention.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@scripts/plugin.mjs`:
- Around line 85-91: The isPluginSupported function compares lowercased manifest
targets against potentially uppercase input values from CLI or environment
variables, causing false-negative matches with inputs like WIN32 or X64.
Normalize both targetPlatform and targetArch to lowercase at the start of the
function before using them in the aliases comparison and the target inclusion
check to ensure consistent case-insensitive matching throughout.

In `@test/main/presenter/pluginPresenter.test.ts`:
- Around line 796-813: The constants expectedAllow and expectedAsk in the test
do not follow the SCREAMING_SNAKE_CASE naming convention required by the project
coding guidelines. Rename expectedAllow to EXPECTED_ALLOW and expectedAsk to
EXPECTED_ASK, then update all references to these constants throughout the test
file to use the new names instead of the old camelCase versions.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: bd5df07b-423c-46cd-a0e7-1e9b9f739cc3

📥 Commits

Reviewing files that changed from the base of the PR and between b67332c and ede49a3.

📒 Files selected for processing (22)
  • .github/workflows/build.yml
  • .github/workflows/release.yml
  • docs/features/cua-cross-platform-computer-use/plan.md
  • docs/features/cua-cross-platform-computer-use/spec.md
  • docs/features/cua-cross-platform-computer-use/tasks.md
  • docs/guides/plugin-packaging.md
  • package.json
  • plugins/cua/plugin.json
  • plugins/cua/policies/tool-policy.json
  • plugins/cua/settings/assets/index.js
  • plugins/cua/skills/cua-driver/README.md
  • plugins/cua/skills/cua-driver/RECORDING.md
  • plugins/cua/skills/cua-driver/SKILL.md
  • plugins/cua/skills/cua-driver/TESTS.md
  • plugins/cua/skills/cua-driver/WEB_APPS.md
  • plugins/cua/vendor/cua-driver/upstream.json
  • scripts/build-cua-plugin-runtime.mjs
  • scripts/package-plugin.mjs
  • scripts/plugin.mjs
  • src/main/presenter/pluginPresenter/index.ts
  • src/shared/types/plugin.ts
  • test/main/presenter/pluginPresenter.test.ts

Comment thread scripts/plugin.mjs
Comment thread test/main/presenter/pluginPresenter.test.ts Outdated
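
The verify and extract steps that the walkthrough and the verifyChecksum suggestion above describe, as an added example that is not code from this PR or from DeepChat. It assumes checksums.txt uses the sha256sum layout; `verifyAsset`, `safeEntryPath` and `auditEntries` are hypothetical names, and the sample checksums and entry names are constructed.

```javascript
// Added example, not code from the PR: verify a downloaded release asset against
// checksums.txt, then vet archive entry names before anything is written to disk.
// node:crypto is resolved this way so the file runs as CommonJS or as an ES module.
const { createHash } =
  typeof require === 'function' ? require('node:crypto') : process.getBuiltinModule('node:crypto')

// Assumption: checksums.txt uses the sha256sum layout "<64 hex>  <name>" ("*" = binary mode).
function parseChecksums(text) {
  const checksums = new Map()
  for (const rawLine of text.split(/\r?\n/)) {
    const match = /^([0-9a-fA-F]{64})\s+\*?(\S.*)$/.exec(rawLine.trim())
    if (!match) continue
    const digest = match[1].toLowerCase()
    const name = match[2]
    // Two different digests for one asset name make the pin ambiguous: refuse it.
    if (checksums.has(name) && checksums.get(name) !== digest) {
      throw new Error(`Conflicting checksums for ${name}`)
    }
    checksums.set(name, digest)
  }
  return checksums
}

// Hypothetical helper: returns the verified digest or throws; never extract after a throw.
function verifyAsset(checksumsText, assetName, assetBytes) {
  const expected = parseChecksums(checksumsText).get(assetName)
  if (!expected) throw new Error(`checksums.txt does not contain ${assetName}`)
  const actual = createHash('sha256').update(assetBytes).digest('hex')
  if (actual !== expected) {
    throw new Error(`Checksum mismatch for ${assetName}. Expected ${expected}, got ${actual}`)
  }
  return actual
}

// Hypothetical helper: normalise an archive entry name to a relative POSIX path,
// or throw if it could resolve outside the extraction root.
function safeEntryPath(entryName) {
  if (typeof entryName !== 'string' || entryName === '' || entryName.includes('\0')) {
    throw new Error('Invalid archive entry name')
  }
  const unified = entryName.replace(/\\/g, '/') // treat "\" as a separator on every host
  if (unified.startsWith('/') || /^[A-Za-z]:/.test(unified)) {
    throw new Error(`Absolute path in archive: ${entryName}`)
  }
  const segments = []
  for (const segment of unified.split('/')) {
    if (segment === '' || segment === '.') continue
    if (segment === '..') throw new Error(`Path traversal in archive: ${entryName}`)
    segments.push(segment)
  }
  if (segments.length === 0) throw new Error(`Empty path in archive: ${entryName}`)
  return segments.join('/')
}

// Vet every entry up front; a single bad name rejects the whole archive.
function auditEntries(entryNames) {
  const accepted = []
  const rejected = []
  for (const name of entryNames) {
    try {
      accepted.push(safeEntryPath(name))
    } catch (error) {
      rejected.push({ name, reason: error.message })
    }
  }
  return { ok: rejected.length === 0, accepted, rejected }
}

// Constructed sample data: the "asset" body is the three bytes "abc".
const SAMPLE_ASSET = 'cua-driver-win32-x64.zip'
const SAMPLE_CHECKSUMS = [
  'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad  cua-driver-win32-x64.zip',
  'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 *constructed-empty-asset.bin'
].join('\n')

function demo() {
  const digest = verifyAsset(SAMPLE_CHECKSUMS, SAMPLE_ASSET, Buffer.from('abc'))
  // Constructed entry names: two benign, two that must be rejected.
  const names = ['cua-driver.exe', './licenses/LICENSE', '../../outside.dll', 'C:\\Temp\\x.exe']
  return { digest, audit: auditEntries(names) }
}

console.log(JSON.stringify(demo(), null, 2))
```

Entry names are only one escape route: symlink and hard-link entries in tar archives need their own check before extraction.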

@coderabbitai coderabbitai Bot left a comment

🧹 Nitpick comments (1)
test/main/presenter/pluginPresenter.test.ts (1)

889-896: ⚡ Quick win

Harden implementation-coupled string checks to reduce false CI failures.

These assertions are currently tied to exact source text/newline indentation (toContain('- name: Build Windows\n shell: bash') and specific loop text), so harmless refactors can break tests without behavior changes. Prefer regex/structure-based checks for intent-level validation.

Suggested refactor
-    expect(source).toContain('for (const agent of iconAgents)')
+    expect(source).toMatch(/for\s*\(\s*const\s+\w+\s+of\s+iconAgents\s*\)/)

-    expect(buildWorkflow).toContain('- name: Build Windows\n        shell: bash')
+    expect(buildWorkflow).toMatch(/- name:\s*Build Windows[\s\S]*?shell:\s*bash/)
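Review bot: The replacement pattern `/- name:\s*Build Windows[\s\S]*?shell:\s*bash/` is not bounded to the Build Windows step: `[\s\S]*?` can run past the next `- name:` entry, so the assertion still passes when `shell: bash` appears only on a later step. Constrain the gap so it cannot cross another step, for example with a negative lookahead on `- name:` between the two anchors, or parse the workflow YAML and assert on that step's `shell` field.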

Also applies to: 1018-1018

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@test/main/presenter/pluginPresenter.test.ts` around lines 889 - 896, The test
assertions in the 'keeps ACP registry build-time fetching compatible with
Windows arm64' test case use exact string matching with toContain(), which is
brittle and can fail due to harmless formatting or indentation changes. Replace
these toContain() calls with regex-based toMatch() checks that validate the
intent of the code (such as checking for the presence of node:https imports and
the loop iteration pattern) without coupling to exact whitespace and newlines.
This applies to all similar assertion patterns in the test file that use
toContain() for source code validation, making the tests more resilient to
refactoring.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 29a16b4a-9cdd-418b-9dc7-c92cd41a2e0b

📥 Commits

Reviewing files that changed from the base of the PR and between 66ff44a and d3329dc.

📒 Files selected for processing (10)
  • .github/workflows/build.yml
  • docs/features/cua-cross-platform-computer-use/plan.md
  • docs/features/cua-cross-platform-computer-use/spec.md
  • docs/features/cua-cross-platform-computer-use/tasks.md
  • docs/issues/build-action-platform-failures/plan.md
  • docs/issues/build-action-platform-failures/spec.md
  • docs/issues/build-action-platform-failures/tasks.md
  • scripts/build-cua-plugin-runtime.mjs
  • scripts/fetch-acp-registry.mjs
  • test/main/presenter/pluginPresenter.test.ts
✅ Files skipped from review due to trivial changes (6)
  • docs/issues/build-action-platform-failures/tasks.md
  • docs/issues/build-action-platform-failures/plan.md
  • docs/issues/build-action-platform-failures/spec.md
  • docs/features/cua-cross-platform-computer-use/tasks.md
  • docs/features/cua-cross-platform-computer-use/spec.md
  • docs/features/cua-cross-platform-computer-use/plan.md
🚧 Files skipped from review as they are similar to previous changes (2)
  • .github/workflows/build.yml
  • scripts/build-cua-plugin-runtime.mjs

@coderabbitai coderabbitai Bot left a comment

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/shared/settingsNavigation.ts`:
- Around line 294-297: The fail-closed target gating logic in the
settingsNavigation.ts file is inverted. When supportedTargets is defined and
either platform or arch is missing, the function currently returns true (making
the item visible), which is fail-open behavior. To implement proper fail-closed
behavior, change the return statement in the condition checking (!platform ||
!arch) within the item.supportedTargets?.length block to return false instead of
true, so that items are hidden by default when target platform information is
unavailable.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a35b9450-bab7-48ca-9c0c-339a5154e0ac

📥 Commits

Reviewing files that changed from the base of the PR and between e7e699f and 3aa9332.

📒 Files selected for processing (10)
  • docs/features/cua-cross-platform-computer-use/spec.md
  • src/main/presenter/windowPresenter/index.ts
  • src/preload/index.d.ts
  • src/preload/index.ts
  • src/renderer/api/runtime.ts
  • src/renderer/settings/App.vue
  • src/renderer/settings/components/SettingsOverview.vue
  • src/renderer/settings/main.ts
  • src/shared/settingsNavigation.ts
  • test/main/shared/settingsNavigation.test.ts
✅ Files skipped from review due to trivial changes (2)
  • src/preload/index.d.ts
  • docs/features/cua-cross-platform-computer-use/spec.md

Comment on lines +294 to +297
if (item.supportedTargets?.length) {
if (!platform || !arch) {
return true
}

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Fail-closed target gating is currently implemented as fail-open

When supportedTargets is defined, returning true for missing platform/arch makes settings-plugins visible by default. That contradicts the stated fail-closed behavior for unsupported targets.

Suggested fix
   if (item.supportedTargets?.length) {
-    if (!platform || !arch) {
-      return true
-    }
+    if (!platform || !arch) {
+      return false
+    }
     const normalizedArch = arch.trim().toLowerCase()
     const aliases = getPlatformAliases(platform)
     const targets = item.supportedTargets.map((target) => target.trim().toLowerCase())
     return [...aliases].some((platformAlias) =>
       targets.includes(`${platformAlias}/${normalizedArch}`)
     )
   }
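Review bot: With the guard at `if (!platform || !arch)` now returning false, only `arch` is trimmed and lowercased in the visible lines; `platform` is passed to `getPlatformAliases(platform)` as received. If that helper does not normalize case and whitespace itself, a value such as `WIN32` would be hidden here even on a supported target, so normalize `platform` alongside `normalizedArch` and add a test that covers the missing-platform and missing-arch paths.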
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
if (item.supportedTargets?.length) {
if (!platform || !arch) {
return true
}
if (item.supportedTargets?.length) {
if (!platform || !arch) {
return false
}