assistant-ui: surface GitHub App install + permission links per repo#591
Merged
Conversation
Managing the personal-stack-agents GitHub App — installing it on a repo's owner, and periodically widening the token's permissions and approving that on each installation — meant leaving the UI to hunt for GitHub URLs. The repositories feature now surfaces those links directly. A pure helper (features/repositories/services/githubAppLinks.ts) parses the owner from a repository URL (scp-style SSH, ssh://, http(s)://, rejecting non-GitHub and malformed values) and builds the install URL from a slug read from VITE_GITHUB_APP_SLUG (default personal-stack-agents). A per-repository GitHubAppPanel shows the detected owner with install, user- and org-installation configure, and owner-side permissions links; a repo-agnostic GitHubAppReference on the repositories overview carries the operator-side permissions and installations links plus the per-installation approval note. The assistant-ui Dockerfile gains a VITE_GITHUB_APP_SLUG build arg. Frontend-only by design: no assistant-api or OpenAPI change, so the links are built client-side and the committed contract is untouched.
The repo-wide `pnpm format:check` (`prettier --check .`) only runs in the "Lint Frontend" job, which is path-gated to frontend changes — so the agent-kit prompt/template/skill/manifest files and private design notes have been edited for a while without prettier ever checking them, leaving them in a non-prettier style. The first PR to touch a frontend path surfaces that as 21 "code style" failures unrelated to the change. These are authored/generated text — prompt wording, rendered skills, the manifest whose sha256s are pinned by the agent-kit renderer, and private design docs — not JS sources, and prettier reformatting them either churns prompt text or fights the renderer. Exclude them from prettier, matching how the ignore file already excludes generated artefacts (openapi.json, generated.ts, generated-jooq).
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What
Managing the
personal-stack-agentsGitHub App — installing it on a repo's owner, and periodically widening the token's permissions and approving that on each installation — meant leaving the UI and hunting for GitHub URLs. The repositories feature now surfaces those links directly, so it can be done from the frontend without searching the repo.githubAppLinks.ts— pure helper: parses the owner from a repository URL (scp-style SSH,ssh://,http(s)://; rejects non-GitHub hosts, malformed values, bad owners) and builds the install URL from a slug read fromVITE_GITHUB_APP_SLUG(defaultpersonal-stack-agents).GitHubAppPanel.vue(per repository, inRepositoryView) — shows the detected owner with install, user-installation configure, org-installation configure, and owner-side permissions links, plus the requested-permissions summary (contents/pull_requests/actions: write).GitHubAppReference.vue(repositories overview) — repo-agnostic operator panel with the public App, install, owner permissions, and owner installations links and the "approve the change on each installation" note — the periodic permission-bump path.VITE_GITHUB_APP_SLUGbuild arg so images can override the slug.Frontend-only by design
No assistant-api / OpenAPI change: every link is built client-side from the repo owner + configurable slug, so
services/assistant-api/openapi.jsonandservices/assistant-ui/src/api/generated.tsare untouched (the contract job stays green). All links open in a new tab withrel="noopener noreferrer".How it was built
Planned and implemented through the council orchestrator with codex (
gpt-5.5) as planner-B, consolidator, worker, and verifier (claude as planner-A for the cross-model critique). 5-task DAG fanned out across codex workers in isolated worktrees.Verification
npm run typecheck(vue-tsc) — clean.npm run lint(eslint . --max-warnings 0) — clean.target=_blank/rel=noopener noreferrer).git diffonopenapi.json/generated.ts— clean.