fix(ui): improve account settings feedback#27
Conversation
Persist GitHub OAuth tokens for signed-in accounts and add a user installation sync endpoint for already-installed GitHub Apps. Update account, repository, and jobs empty states to use the sync flow and refresh OAuth when older sessions lack a stored token.
Show loading feedback while syncing GitHub App installations and align account settings cards with the catalog views. Keep saved Sandbox regions visible without reusing inherited URLs when switching an organization to custom credentials.
This comment was marked as resolved.
This comment was marked as resolved.
There was a problem hiding this comment.
I found one UI state regression and left it inline.
Verification: go test ./internal/github and go test ./internal/state passed. go test ./internal/github ./internal/server ./internal/state could not run internal/server because internal/server/ui_assets_production.go expects generated files under internal/server/ui/.
This comment was marked as resolved.
This comment was marked as resolved.
There was a problem hiding this comment.
Code Review
This pull request introduces the ability to sync existing GitHub App installations using a saved GitHub OAuth token, adding backend sync endpoints, secure token storage, and corresponding UI components. It also adds support for a redirect parameter (return_to) during OAuth login. The review feedback highlights several important issues: a potential Open Redirect vulnerability in the URL sanitization logic, a UX issue that locks users out of entering custom Sandbox endpoints, a lack of reconciliation to delete stale local installations during sync, and brittle frontend error handling that relies on matching exact backend error strings.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
Harden OAuth return redirects, reconcile stale GitHub App installations during sync, and expose structured reauth errors to the UI. Gate sync affordances on configured GitHub App state and keep custom Sandbox endpoints editable without restoring them to the region list.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
Review CompleteNo issues found in this review. I inspected the changed backend GitHub installation sync/auth paths, state-store usage, account settings UI changes, and sandbox catalog layout changes, then submitted a non-blocking PR review. Verified:
Not run successfully in this environment:
|
There was a problem hiding this comment.
Code Review
This pull request introduces the ability to sync existing GitHub App installations directly from the user dashboard. It implements a new backend endpoint /user/github-app/installations/sync that retrieves installations using the user's securely stored and encrypted GitHub OAuth token. Additionally, it adds support for a return_to parameter during GitHub OAuth login to redirect users back to their original page after authentication, complete with open-redirect sanitization. The UI is updated with a 'Sync existing installations' button and corresponding state management to handle the sync process and trigger re-authentication if the OAuth token is missing or expired. There are no review comments, so I have no feedback to provide.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
There was a problem hiding this comment.
No issues found in this review.
Verified: go test ./... -tags development and git diff --check origin/main...HEAD.
Note: production-tag go test ./internal/server requires generated embedded UI assets in internal/server/ui/, and frontend npm run lint / npm run build could not run in this checkout because the UI dependency executables are unavailable/permission-blocked in the local environment.
Summary
Validation