Skip to content

fix: prevent white screen when log_creds.txt is missing fields#17

Merged
alaa-alsalehi merged 3 commits into
ruknsoftware:masterfrom
hamzaabadah:fix/macos-prod-build-white-screen
May 5, 2026
Merged

fix: prevent white screen when log_creds.txt is missing fields#17
alaa-alsalehi merged 3 commits into
ruknsoftware:masterfrom
hamzaabadah:fix/macos-prod-build-white-screen

Conversation

@hamzaabadah

@hamzaabadah hamzaabadah commented May 4, 2026

Copy link
Copy Markdown

https://tasko.rukn.sh/tasko/task/TASK-2026-00479

Summary by CodeRabbit

Release Notes v0.48.0

  • Bug Fixes

    • Resolved white screen issue on macOS after build
    • Fixed .zip file opening failures on macOS
    • Improved credential validation to prevent telemetry-related startup failures
  • Chores

    • Version bumped to 0.48.0

When log_creds.txt was empty or shorter than 4 non-empty lines, the
destructure left apiKey/apiSecret/errorLogUrl/telemetryUrl as
undefined. The original code then wrapped them in encodeURI(...),
which turned telemetryUrl into the literal string "undefined".

Because "undefined" is truthy, the hasCreds guard in
TelemetryManager did not skip telemetry, and at first render
navigator.sendBeacon("undefined", ...) was called. Chromium throws
synchronously since the URL is not HTTP/S; the unhandled rejection
during boot aborted Vue mount and the window stayed blank.

Return the empty Creds object when any required field is missing so
the downstream hasCreds checks correctly skip both telemetry and
error-log reporting.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented May 4, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@hamzaabadah has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 59 minutes and 19 seconds before requesting another review.

To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a97be813-da42-4a01-a830-a8e20f28c82b

📥 Commits

Reviewing files that changed from the base of the PR and between 50bfbbe and a35759b.

📒 Files selected for processing (1)
  • package.json
📝 Walkthrough

Walkthrough

The PR fixes macOS build failures by switching from a custom app:// buffer-based protocol to native file protocol, validating credentials before telemetry use, updating the Vite build base path to ./, and documenting the issues and verification steps.

Changes

macOS Build Failure Fixes

Layer / File(s) Summary
Protocol & Scheme Privileges
main.ts
app scheme privileges expanded to include supportFetchAPI and stream; registerAppProtocol switches from registerBufferProtocol to registerFileProtocol('app', ...), mapping URLs to filesystem paths; duplicate registration guarded by appProtocolRegistered flag.
Build Configuration
build/scripts/build.mjs
Vite renderer base changed from app://-style path to ./; removeBaseLeadingSlash post-processor helper removed as no longer needed.
Credential Validation
main/contactMothership.ts
getUrlAndTokenString() now validates apiKey, apiSecret, errorLogUrl, and telemetryUrl presence; returns empty Creds early if any are missing, preventing undefined values from propagating to telemetry URLs.
Documentation & Release
MACOS_BUILD_FIX.md, package.json
Comprehensive guide added documenting white-screen root cause (missing credentials), .zip signing/quarantine issue, fixes, rebuild commands, debug recipe, and verification checklist; version bumped to 0.48.0.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 25.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The PR title accurately summarizes the main critical fix—preventing a white screen by handling missing log_creds.txt fields—which directly addresses the root cause documented in the PR description and changes.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (3)
main/contactMothership.ts (1)

53-64: 💤 Low value

Consider guarding against empty errorLogUrl before calling fetch.

When credentials are missing, errorLogUrl will be an empty string. fetch('') attempts a relative request that will fail. While the error is caught, adding an early return would avoid the unnecessary network call.

♻️ Proposed fix
 export async function sendError(body: string, main: Main) {
   const { errorLogUrl, tokenString } = getUrlAndTokenString();
+  if (!errorLogUrl) {
+    return;
+  }
   const headers = {
     Authorization: tokenString,
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@main/contactMothership.ts` around lines 53 - 64, The sendError function calls
fetch even when getUrlAndTokenString() returns an empty errorLogUrl, causing a
pointless relative request; update sendError to check the errorLogUrl returned
by getUrlAndTokenString() and return early (optionally log via rendererLog(main,
...) if you want visibility) when errorLogUrl is falsy/empty so fetch is only
invoked with a valid URL; keep the existing catch to handle real network errors.
MACOS_BUILD_FIX.md (1)

36-40: 💤 Low value

Minor: Add language specifier to fenced code blocks.

The static analysis tool flagged these blocks at lines 36 and 65 as missing language specifiers. Using text or console for error output would satisfy the linter.

📝 Proposed fix
-```
+```text
 TypeError: Failed to execute 'sendBeacon' on 'Navigator':
   Beacons are only supported over HTTP(S).

Similarly for line 65:
```diff
-```
+```text
 $ codesign -dv --verbose=4 "RUKN Books.app"
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@MACOS_BUILD_FIX.md` around lines 36 - 40, The fenced code blocks showing the
runtime error "TypeError: Failed to execute 'sendBeacon' on 'Navigator': Beacons
are only supported over HTTP(S)." and the shell line beginning with "$ codesign
-dv --verbose=4 \"RUKN Books.app\"" are missing language specifiers; update
those fenced blocks to include a language token such as "text" or "console"
(e.g., change ``` to ```text or ```console) so the linter/static analysis no
longer flags them and the output is rendered correctly.
main.ts (1)

155-165: 💤 Low value

Consider adding path traversal protection.

The decodeURI(url.pathname) could theoretically contain ../ sequences. While practical exploitation is limited since only the renderer can make app:// requests and contextIsolation is enabled, adding a guard would be a defense-in-depth measure.

🛡️ Proposed fix
   registerAppProtocol() {
     if (!this.appProtocolRegistered) {
       protocol.registerFileProtocol('app', (request, callback) => {
         const url = new URL(request.url);
-        const filePath = path.join(__dirname, 'src', decodeURI(url.pathname));
+        const srcDir = path.join(__dirname, 'src');
+        const filePath = path.join(srcDir, decodeURI(url.pathname));
+        // Ensure the resolved path is within srcDir
+        if (!filePath.startsWith(srcDir + path.sep) && filePath !== srcDir) {
+          callback({ error: -6 }); // NET::ERR_FILE_NOT_FOUND
+          return;
+        }
         callback({ path: filePath });
       });
       this.appProtocolRegistered = true;
     }
     this.winURL = 'app://./index.html';
   }
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@main.ts` around lines 155 - 165, The registerAppProtocol handler currently
uses decodeURI(url.pathname) directly which allows path traversal like "../"; in
registerAppProtocol (inside the protocol.registerFileProtocol callback) sanitize
the requested path by resolving it against the app content root (e.g.,
path.resolve(__dirname, 'src', decodeURI(url.pathname))) then verify the
resolved path startsWith the allowed root (path.resolve(__dirname, 'src')); if
the check fails, return an error or a safe fallback (e.g., serve index.html or
callback with an error), otherwise callback with the resolved path; update the
variables referenced (decodeURI(url.pathname), filePath, callback) accordingly.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@MACOS_BUILD_FIX.md`:
- Around line 36-40: The fenced code blocks showing the runtime error
"TypeError: Failed to execute 'sendBeacon' on 'Navigator': Beacons are only
supported over HTTP(S)." and the shell line beginning with "$ codesign -dv
--verbose=4 \"RUKN Books.app\"" are missing language specifiers; update those
fenced blocks to include a language token such as "text" or "console" (e.g.,
change ``` to ```text or ```console) so the linter/static analysis no longer
flags them and the output is rendered correctly.

In `@main.ts`:
- Around line 155-165: The registerAppProtocol handler currently uses
decodeURI(url.pathname) directly which allows path traversal like "../"; in
registerAppProtocol (inside the protocol.registerFileProtocol callback) sanitize
the requested path by resolving it against the app content root (e.g.,
path.resolve(__dirname, 'src', decodeURI(url.pathname))) then verify the
resolved path startsWith the allowed root (path.resolve(__dirname, 'src')); if
the check fails, return an error or a safe fallback (e.g., serve index.html or
callback with an error), otherwise callback with the resolved path; update the
variables referenced (decodeURI(url.pathname), filePath, callback) accordingly.

In `@main/contactMothership.ts`:
- Around line 53-64: The sendError function calls fetch even when
getUrlAndTokenString() returns an empty errorLogUrl, causing a pointless
relative request; update sendError to check the errorLogUrl returned by
getUrlAndTokenString() and return early (optionally log via rendererLog(main,
...) if you want visibility) when errorLogUrl is falsy/empty so fetch is only
invoked with a valid URL; keep the existing catch to handle real network errors.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: d80dcead-1470-41b4-8d0e-5527ebde18a9

📥 Commits

Reviewing files that changed from the base of the PR and between 08a6e3b and 50bfbbe.

📒 Files selected for processing (5)
  • MACOS_BUILD_FIX.md
  • build/scripts/build.mjs
  • main.ts
  • main/contactMothership.ts
  • package.json

@hamzaabadah hamzaabadah force-pushed the fix/macos-prod-build-white-screen branch from 50bfbbe to ba3b22b Compare May 5, 2026 14:20
@alaa-alsalehi alaa-alsalehi merged commit 1e2f4e6 into ruknsoftware:master May 5, 2026
1 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants