Release: dev to master (Image Studio, Game Studio, DeepSeek, store popularity, app redesigns)#938
Conversation
…le (Safari blank windows) WebKit drops/staleifies backdrop-filter compositing layers while a tab is hidden and does not rebuild them when it is shown again, so switching back into taOS leaves frosted-glass surfaces (windows, dock, top bar, the agent chat panel) blank until something forces a re-composite. The existing theme-switch repaint (#867) never fires here because rAF is paused while the tab is hidden. Extend the same proven nudge to run on visibilitychange (->visible), pageshow (bfcache restore), and focus. installWebkitRepaintGuards() is idempotent and wired into both the desktop shell (App.tsx) and the standalone chat PWA (chat-main.tsx). Adds tests. Fixes the blank taOS Agent window Jay hit after switching back to the taOS Safari tab.
…x in flight, 3060 backend progress
…che (bot review) - Only Safari/WebKit drops backdrop-filter layers on tab-hide, so gate installWebkitRepaintGuards() to isWebKit() (AppleWebKit, not Chrome/Edge). Chromium/Gecko no longer pay a needless repaint on visibility/focus. - Drop the blanket focus listener; pageshow now repaints only on bfcache restore (persisted=true), not on every normal load. - Tests: deterministic Safari UA, isWebKit matrix, pageshow persisted vs not, order-independent idempotency check. Refs #891
…-book PDF
The storybook demo's final deliverable is a PDF; no project export existed.
- tinyagentos/projects/storybook.py: pure-Pillow renderer (no new deps) that
composes a cover + per-page illustration with a caption band into a multi-page
PDF. System-font probe (DejaVu/macOS) with graceful fallback; cover-fit art,
word-wrap, placeholder for missing illustrations.
- export_storybook agent tool (project_tools): ownership-checked, resolves page
image_refs from the workspace generated dir, slug-guards the path, saves to the
project's files/exports/<slug>.pdf and returns a download url under the existing
/api/projects/{slug}/files route. Registered in skill_exec + seeded in skills.py.
- agent manual: document export_storybook as the final step of the storybook flow
(trimmed the image-prompting section to stay under the compiled-manual cap).
- tests: renderer (valid PDF, missing art/empty text, cover default, wrap, fit)
+ the agent tool (renders pdf, requires pages, rejects other users' project).
Refs #37
…; storybook PDF export #895; next = demo drive
Several load-time surfaces hardcoded the old indigo brand colour (#1a1b2e and the #1a1b2e->#252848 gradient) from before the graphite rebrand, so they flashed indigo/purple before the theme applied, and didn't follow the active theme afterwards. - ChatStandalone (chat-pwa root), OnboardingScreen, LoginGate: hardcoded indigo bg/gradient -> var(--color-shell-bg), so they match whatever theme is active (base token is graphite, so no purple pre-theme; follows indigo/light once applied). - TerminalApp ANSI black + cursorAccent (xterm needs literal hex): indigo -> graphite #141415/#1c1c1f. - index.html theme-color meta (mobile chrome): #1a1b2e -> #141415. The indigo THEME keeps its colours (builtin-themes / wallpaper defs untouched).
…n) + terminal tracks the theme at runtime The mobile-PWA purple was in the BACKEND, not the SPA: - static/manifest-desktop.json + manifest-chat.json: background_color + theme_color were indigo (#1a1b2e / #1a1a2e). That is the native PWA splash on launch, which no in-app CSS can touch. -> graphite #141415 (dark default). (Already-installed PWAs may keep the old splash until reinstalled.) - routes/auth.py server-rendered login page: indigo gradient + #151625 input + purple card -> neutral graphite (it is pre-auth, no theme context, so it matches the dark default). - TerminalApp: xterm theme + container backgrounds were hardcoded indigo (#151625). Now built from the active theme's CSS tokens (buildXtermTheme reads --color-shell-bg/-text/--color-accent) and re-applied on theme switch, so the terminal tracks whatever theme is active at runtime. Refs #899
…in purple + terminal theme-reactive; PWA reinstall caveat), cross-agent learning #900
…persistent mobile-PWA purple) The chat PWA has its own entry HTML (desktop/chat.html), separate from index.html. Its theme-color meta and iOS apple-touch-startup splash background were still #1a1b2e, so the mobile PWA kept flashing indigo on launch (status bar + iOS splash) even after the manifest + SPA fixes, and survived reinstall because it is baked into the served HTML. -> graphite #141415. Refs #899
…lor-scheme
The desktop index.html had html,body { background: transparent }, so the
browser-default white showed through behind Safari's top status-bar area and
bottom toolbar, and in the safe-area strips (Safari tints its chrome from the
page edge colour). Set the document background to var(--color-shell-bg) with a
graphite fallback + color-scheme: dark on both index.html and chat.html so
Safari renders its UI + safe areas dark and theme-aware.
Refs #899
…ss token + safe-area MobileSplitView (the chat-pwa mobile header / back-nav bar) used a hardcoded indigo glass rgba(15,15,30,0.7) -- the purple strip at the top. Add a --color-shell-bg-glass token (neutral graphite, theme-overridable) and use it, border via --color-shell-border, and extend the bar's bg up behind the status bar (paddingTop safe-area-inset-top) so the top strip matches the bar not the body. Combined with the body -> var(--color-shell-bg) fix, the white Safari bars, purple top, and bottom dead-space all resolve and follow the theme. Refs #899 #39
fastapi 0.137.0 broke APIRouter inclusion: app.include_router(router) contributes none of the router's routes to the app. With the previous open-ended fastapi>=0.115.0 pin, CI floated to 0.137.0 and create_app() came up with an empty /api surface, failing every route-registration test on dev (and cascading to all open PRs). Minimal repro: a 3-route APIRouter included into a fresh FastAPI app yields zero of its paths under 0.137.0; 0.136.3 yields all three. Cap to the last good release.
fix(deps): cap fastapi <0.137 (0.137.0 include_router regression)
…sible fix(theme): repaint backdrop-filter layers on tab-visible (Safari blank windows)
fix(theme): purple/indigo flash on load -> match active theme
feat(projects): export_storybook tool -> illustrated children's-book PDF
…ipts
Every catalog manifest with install.method: script was audited against the
two installer resolution paths (services via ScriptInstaller at the repo
root; agents via the deployer at the manifest dir). 11 entries named an
install script that existed nowhere, so the store offered a broken install
for each.
Wrote real, researched, idempotent install scripts (each based on the
project's official upstream instructions, set -euo pipefail, detect-installed
exit 0, pinned versions/SHA256 for downloads) for 10:
services: stable-diffusion-cpp, tailscale, wan2gp, lcm-dreamshaper-rknn,
musicgpt, dify, ltx-video
agents: moltis, agent-zero, picoclaw
Also:
- audit-manifests.py: new convention-aware guard that fails when a manifest
names an install.script that does not resolve on disk (mirrors both
installer paths; accepts install.package / install.command alternatives).
- moltis manifest: corrected homepage (moltis-ai/moltis 404 -> moltis-org/moltis)
and license (Apache-2.0 -> MIT) to match the real upstream.
- ltx-video: remapped service port 7861 -> 7862 to clear a collision with
stable-diffusion-cpp.
- removed rk3588-sd-gpu: upstream is a one-shot research CLI with no
installable service (no server, TVM-from-unpinned-master, no port), so it
has no honest install path. Removed the manifest + catalog index entry
rather than ship a fabricated installer.
Pre-existing, out of scope: the ltx-video MODEL manifest still reports
context_window=0 (unrelated to install scripts).
Correct stale CURRENT STATE: #902 (fastapi <0.137 cap), #891 (Safari), #899 (theming), #895 (storybook) are MERGED to dev (tip f57edde), not in flight. master unchanged + gated on Jay. Record #904 (catalog install scripts), the 3060 freed for taOSmd, the resume pair for the 20:40Z window, and tasks #35/#40.
…mmon ports Per the port-hygiene rule (issue #695 / port_allocator.py): apps must not bind well-known/core/common host ports. The new host-binding services defaulted to common ports (7860/7861/7864/8882, and dify on 3000 which is in RESERVED_PORTS). Remapped each script default + manifest port to its deterministic slot in the managed 30000-40000 pool (matching allocate_host_port's per-id hash), still overridable via TAOS_<id>_PORT: stable-diffusion-cpp 7861 -> 30450 wan2gp 7860 -> 33109 lcm-dreamshaper-rknn 7864 -> 32275 musicgpt 8882 -> 30264 dify 3000 -> 35444 ltx-video 7862 -> 36909 moltis (MOLTIS_PORT) 3000 -> 32213 Docker/LXC apps already get a high-pool host port from allocate_host_port (their manifest port is container-internal), so only the host-binding script/agent defaults needed remapping here.
- ltx-video: pipeline config matched the 13B preset while the installer fetches the 2B distilled checkpoint; point it at ltxv-2b-0.9.8-distilled.yaml so config and weights agree. - lcm-dreamshaper, wan2gp: default ref was a moving branch (master/main) despite 'pinned' framing; default to the current upstream commit SHA for genuine reproducibility (still TAOS_LCM_COMMIT / TAOS_WAN2GP_REF overridable). - tailscale: the bundled SHA256 of the frequently-rotated install.sh is now advisory (warn + proceed over HTTPS) instead of a hard-fail; set TAOS_TAILSCALE_INSTALL_SHA256 to enforce a strict pin.
pip/script services run on the host, so their declared port is the effective bind. Per the port-hygiene rule (issue #695 / port_allocator.py) these must live in the managed high pool (>= 30000), never on a reserved/common port. - Remapped 10 standalone media-gen/TTS store apps off common ports into their deterministic high-pool slots (matching allocate_host_port): chatterbox-tts 8881->30145, cogvideox 7860->30412, fastsdcpu 7860->37120, hunyuanvideo 7860->39378, kokoro-tts-server 8880->36195, mochi-1 7860->37536, piper 10200->36534, sd-webui 7860->35685, wan-2-1 7860->36576, whisper-cpp 8080->36823. - audit-manifests.py: new port-hygiene guard that fails when a pip/script service declares a reserved or sub-pool host port, with an ALLOWLIST for LLM/inference/NPU backends taOS connects to by a hardcoded localhost URL (ollama 11434 is referenced in 10 places across resource_manager / job_worker / cluster probe; also rkllama, rk-llama-cpp, vllm, llama-cpp, mlc-llm, openllm, ezrknpu). Those need a coordinated code+config change to move, tracked separately, and are not store apps grabbing a core port. Stacked on #904 (catalog install scripts), which already remapped the 6 script services it added + removed rk3588-sd-gpu.
fix(catalog): real install scripts for entries that had none
- Sync install-script comments/logs to the remapped high-pool ports (header/docstring lines still cited the old 7860/7861/7864/8882/3000 defaults after the functional remap); ltx-video collision note rewritten since ltx-video (36909) and sd-cpp (30450) no longer share a port. - audit-manifests.py: port-hygiene guard now flags ports above the pool too (p >= _POOL_END), not just below _POOL_START, so the check covers the full [30000, 40000) window it claims. - install-tailscale.sh: header + residual-risk comments now describe the advisory SHA behaviour (warn + proceed over HTTPS, strict only when TAOS_TAILSCALE_INSTALL_SHA256 is set) instead of the old hard-fail claim.
Security review flagged the advisory-by-default SHA check as a supply-chain integrity downgrade (fail-open). Make it fail-closed: a mismatch aborts. To handle upstream rotating install.sh, an operator updates the pinned hash (preferred) or sets TAOS_TAILSCALE_ALLOW_UNPINNED=1 to override one run. This keeps the secure default while leaving a documented escape hatch, which also resolves gitar's rotation concern.
fix(catalog): port hygiene for host-binding services + audit guard
build(deps): reproducible Python deps via committed lockfile
…rface backend, harden saves
…tier works on install The IOPaint and FLUX.1-Fill service manifests had no lifecycle block, so auto_register_from_manifest derived an empty backend_type and added no backends entry on install. With no registered backend the catalog reported no image-editing capability and /api/images/edit, /remove-bg and /upscale returned 503 on every install. IOPaint also declared type: iopaint, which the flat-format path read as the backend type but with no default_url. Switch it to type: service (the catalog path) and carry the backend type via lifecycle.backend_type, with a local default_url on the deterministic high-pool port. Add the same lifecycle block to flux-fill (still GPU/CUDA gated by its hardware_tiers). Also populate context_window on the ltx-video model manifest (128, the T5 prompt limit from the diffusers LTX pipeline), the lone audit-manifests.py failure.
… exit-to-taOS (phase 1)
…mage-magic responses
fix(catalog): auto-register iopaint + flux-fill edit backends
fix(flux-fill): loopback bind by default
fix(test): safety-regression test failure
fix(images-edit): reliability hardening
feat(game-studio): Game Studio app shell (phase 1)
…s research + new tasks
… (39 apps) - Add Game Studio (offline-AI game maker, three.js + react-three-fiber) - Expand Images to Image Studio (Create / Library / Edit, tier-aware backends) - New Creative Studios feature section - Add taOS Agent + Browser (Streamed) to bundled apps; DeepSeek to Providers - Bump bundled-app count 36 to 39 across the doc
* feat(store): popularity backend from GitHub stars, telemetry-ready (#13) * fix(store): non-blocking rate-limit-aware popularity fetch, strict repo parse * fix(store): atomic cache persist (temp file + replace) Prevents popularity-cache corruption if the process crashes mid-write. Writes to a sibling .tmp then atomically replaces the target.
Qodo reviews are paused for this user.Troubleshooting steps vary by plan Learn more → On a Teams plan? Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center? |
|
👋 Thanks for the PR! This one targets See CONTRIBUTING.md for the branch model. |
|
Warning Review limit reached
More reviews will be available in 1 minute and 31 seconds. Learn how PR review limits work. Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file). ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Plus Run ID: ⛔ Files ignored due to path filters (2)
📒 Files selected for processing (124)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
jaylfc
added a commit
that referenced
this pull request
Jun 15, 2026
jaylfc
added a commit
that referenced
this pull request
Jun 16, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Release dev to master. 124 commits since the last master release (#889).
Highlights
Verification