Clarify unavailable login in public mode and keep auth routes reachable#29
Open
Huynhthuongg wants to merge 5 commits into
Conversation
…mux lab and tools pages
… App.tsx conflicts
|
You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard. |
|
Important Review skippedAuto reviews are disabled on base/target branches other than the default branch. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
✨ Simplify code
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Kilo Code Review could not run — your account is out of credits. Add credits or switch to a free model to enable reviews on this change. |
Huynhthuongg
added
bug
This was
linked to
issues
May 23, 2026
Closed
Open
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
11 issues found across 12 files
Confidence score: 3/5
- There is meaningful regression risk in
artifacts/sandbox-ai/src/App.tsx: core auth/routing behavior changed (PublicAppWithoutAuth/PublicOnlyRouter) without accompanying tests, so auth-gated navigation could break unnoticed. - Accessibility issues are user-impacting and high confidence, especially in
artifacts/sandbox-ai/src/pages/mobile-dashboard.tsx(icon-only toggle missing accessible name) andartifacts/sandbox-ai/src/pages/chat-static.tsx(disabled input missing label/ARIA name). - Several high-confidence i18n gaps in
artifacts/sandbox-ai/src/pages/auth-portal.tsx,artifacts/sandbox-ai/src/pages/termux-lab.tsx, andartifacts/sandbox-ai/src/config/auth-mode.tsincrease localization inconsistency risk; plusauth-mode.ts/App.tsxinclude config messaging inaccuracies that can mislead users. - Pay close attention to
artifacts/sandbox-ai/src/App.tsx,artifacts/sandbox-ai/src/config/auth-mode.ts,artifacts/sandbox-ai/src/pages/mobile-dashboard.tsx, andartifacts/sandbox-ai/src/pages/auth-portal.tsx- routing/auth flow changes lack tests, config status/banner logic may misreport state, and accessibility/i18n issues are directly user-facing.
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="artifacts/sandbox-ai/src/pages/chat-static.tsx">
<violation number="1" location="artifacts/sandbox-ai/src/pages/chat-static.tsx:18">
P2: Custom agent: **Enforce Accessibility Standards (WCAG...)**
Disabled `<input>` element lacks an accessible label or ARIA naming, violating WCAG screen-reader compatibility requirements.</violation>
</file>
<file name="artifacts/sandbox-ai/src/pages/termux-lab.tsx">
<violation number="1" location="artifacts/sandbox-ai/src/pages/termux-lab.tsx:3">
P2: Custom agent: **Enforce Pragmatic Test Coverage**
New interactive UI component `TermuxLab` added with no test coverage for user-visible interaction or state change.</violation>
<violation number="2" location="artifacts/sandbox-ai/src/pages/termux-lab.tsx:8">
P2: Custom agent: **Enforce i18n for User-Facing Strings**
User-facing heading text is hardcoded instead of using i18n translation functions.</violation>
<violation number="3" location="artifacts/sandbox-ai/src/pages/termux-lab.tsx:14">
P2: Custom agent: **Enforce i18n for User-Facing Strings**
User-facing button label is hardcoded instead of using i18n translation functions.</violation>
</file>
<file name="artifacts/sandbox-ai/src/config/auth-mode.ts">
<violation number="1" location="artifacts/sandbox-ai/src/config/auth-mode.ts:22">
P2: Custom agent: **Enforce i18n for User-Facing Strings**
Raw user-facing hint strings in envChecklist are not wrapped with i18n translation keys/functions.</violation>
</file>
<file name="artifacts/sandbox-ai/src/App.tsx">
<violation number="1" location="artifacts/sandbox-ai/src/App.tsx:275">
P3: PublicOnlyRouter duplicates much of Router, increasing maintenance drift risk between auth-enabled and public-mode navigation.</violation>
</file>
Reply with feedback, questions, or to request a fix.
Re-trigger cubic
| @@ -0,0 +1,18 @@ | |||
| import { useState } from "react"; | |||
There was a problem hiding this comment.
P2: Custom agent: Enforce Pragmatic Test Coverage
New interactive UI component TermuxLab added with no test coverage for user-visible interaction or state change.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At artifacts/sandbox-ai/src/pages/termux-lab.tsx, line 3:
<comment>New interactive UI component `TermuxLab` added with no test coverage for user-visible interaction or state change.</comment>
<file context>
@@ -0,0 +1,18 @@
+import { useState } from "react";
+
+export default function TermuxLab() {
+ const [cmd, setCmd] = useState("npm run build");
+ const [logs, setLogs] = useState<string[]>(["[termux] session booted", "[ai] ready to suggest commands"]);
</file context>
| </div> | ||
| <div className="flex gap-2"> | ||
| <input value={cmd} onChange={(e) => setCmd(e.target.value)} className="flex-1 bg-white/10 text-white px-3 py-2 rounded" /> | ||
| <button onClick={() => setLogs((v) => [...v, `$ ${cmd}`, "[ai] suggestion: add --verbose if fail"])} className="px-3 py-2 rounded bg-cyan-500 text-black font-bold">Run</button> |
There was a problem hiding this comment.
P2: Custom agent: Enforce i18n for User-Facing Strings
User-facing button label is hardcoded instead of using i18n translation functions.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At artifacts/sandbox-ai/src/pages/termux-lab.tsx, line 14:
<comment>User-facing button label is hardcoded instead of using i18n translation functions.</comment>
<file context>
@@ -0,0 +1,18 @@
+ </div>
+ <div className="flex gap-2">
+ <input value={cmd} onChange={(e) => setCmd(e.target.value)} className="flex-1 bg-white/10 text-white px-3 py-2 rounded" />
+ <button onClick={() => setLogs((v) => [...v, `$ ${cmd}`, "[ai] suggestion: add --verbose if fail"])} className="px-3 py-2 rounded bg-cyan-500 text-black font-bold">Run</button>
+ </div>
+ </div>
</file context>
| const [logs, setLogs] = useState<string[]>(["[termux] session booted", "[ai] ready to suggest commands"]); | ||
| return ( | ||
| <div className="min-h-screen bg-black text-green-300 p-4 font-mono"> | ||
| <h1 className="text-white font-bold mb-4">Termux nền + AI command assistant (mock)</h1> |
There was a problem hiding this comment.
P2: Custom agent: Enforce i18n for User-Facing Strings
User-facing heading text is hardcoded instead of using i18n translation functions.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At artifacts/sandbox-ai/src/pages/termux-lab.tsx, line 8:
<comment>User-facing heading text is hardcoded instead of using i18n translation functions.</comment>
<file context>
@@ -0,0 +1,18 @@
+ const [logs, setLogs] = useState<string[]>(["[termux] session booted", "[ai] ready to suggest commands"]);
+ return (
+ <div className="min-h-screen bg-black text-green-300 p-4 font-mono">
+ <h1 className="text-white font-bold mb-4">Termux nền + AI command assistant (mock)</h1>
+ <div className="rounded-xl border border-green-500/30 p-3 mb-3 bg-green-950/20">
+ {logs.map((l, i) => <div key={i}>{l}</div>)}
</file context>
| value: import.meta.env.VITE_AUTH_MODE, | ||
| required: false, | ||
| status: "info" as const, | ||
| hint: "Optional. Use 'clerk' (default) or 'public'.", |
There was a problem hiding this comment.
P2: Custom agent: Enforce i18n for User-Facing Strings
Raw user-facing hint strings in envChecklist are not wrapped with i18n translation keys/functions.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At artifacts/sandbox-ai/src/config/auth-mode.ts, line 22:
<comment>Raw user-facing hint strings in envChecklist are not wrapped with i18n translation keys/functions.</comment>
<file context>
@@ -0,0 +1,38 @@
+ value: import.meta.env.VITE_AUTH_MODE,
+ required: false,
+ status: "info" as const,
+ hint: "Optional. Use 'clerk' (default) or 'public'.",
+ },
+ {
</file context>
| } | ||
|
|
||
|
|
||
| function PublicOnlyRouter() { |
There was a problem hiding this comment.
P3: PublicOnlyRouter duplicates much of Router, increasing maintenance drift risk between auth-enabled and public-mode navigation.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At artifacts/sandbox-ai/src/App.tsx, line 275:
<comment>PublicOnlyRouter duplicates much of Router, increasing maintenance drift risk between auth-enabled and public-mode navigation.</comment>
<file context>
@@ -258,14 +271,57 @@ function ClerkProviderWithRoutes() {
}
+
+function PublicOnlyRouter() {
+ return (
+ <Switch>
</file context>
Huynhthuongg
commented
May 23, 2026
Huynhthuongg
left a comment
Huynhthuongg
left a comment
Member
Author
There was a problem hiding this comment.
@Huynhthuongg @anthropic-code-agent @openai-code-agent
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
There was a problem hiding this comment.
0 issues found across 1 file (changes from recent commits).
Requires human review: Auto-approval blocked by 6 unresolved issues from previous reviews.
Re-trigger cubic
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary by cubic
Clarified login behavior in public mode and kept auth routes reachable with a clear
AuthPortal. Added a/health-configpage for quick environment checks and a public-only router that redirects protected pages and shows a small notice.New Features
publicauth mode fallback whenVITE_AUTH_MODE=publicorVITE_CLERK_PUBLISHABLE_KEYis missing; app uses a public-only router that redirects/chat*and/pricingto/, keeps/download,/auth,/sign-in, and/sign-upreachable, and routes sign-in/up toAuthPortal./health-configto display auth mode, required envs, and readiness./mobile-dashboard,/chat-static,/termux-lab,/tools.Refactors
src/config/auth-mode.ts;App.tsxnow wraps the public fallback inWouterRouterand usesPublicAppWithoutAuthwith an on-screen notice.tsconfig.json.docs_self_healing_process.mdwith a short self-healing checklist.Written for commit 1eb40ac. Summary will update on new commits. Review in cubic