Conversation
- Add scrubForAnalytics utility to redact sensitive fields/patterns before PostHog capture (emails, phones, keys, addresses). - Replace silently-swallowed tool-call-log write errors with structured console.warn JSON for debuggability. - Mark /api/payclaw/status as deprecated with HTTP headers and log. Co-authored-by: Cursor <cursoragent@cursor.com>
- Replace markdown rendering in user messages with plain-text whitespace-pre-wrap, removing custom component overrides in both message-user and chat-preview-panel. - Enhance ModelSelectorHeader to read the current chat's persisted model and write model changes back to the chat record. - Add Payclaw architecture hardening plan (#47). - Add ChatGPT nav list widget analysis research. Co-authored-by: Cursor <cursoragent@cursor.com>
Restructure sidebar header for consistent home link placement, close sidebar on chat navigation, swap to hamburger menu icon, add share option to chat actions menu on mobile, and smooth sheet animations. Co-authored-by: Cursor <cursoragent@cursor.com>
…toolbar reveal - Read IndexedDB cache directly in cacheAndAddMessage instead of stale closure state, preventing the second sequential call from dropping the first's write - Defer edited user message persistence to onFinish to avoid provider state mutations during the sendMessage/setMessages React batch - Ensure createdAt on cached messages for correct sort order - Auto-play mask-reveal animation on fresh stream completion; keep hover-trigger for historical messages - Include Convex auth loading in ChatsProvider isLoading - Add dual-message-state and stale-closure-persistence agent skills Co-authored-by: Cursor <cursoragent@cursor.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
Greptile SummaryThis PR fixes a critical stale closure data loss bug in edit persistence, adds PII scrubbing to analytics, improves mobile UX, and polishes the assistant toolbar animation. Key changes:
Confidence Score: 5/5
Important Files Changed
Sequence DiagramsequenceDiagram
participant User
participant EditUI as Edit UI
participant ChatCore as use-chat-core
participant Provider as MessagesProvider
participant IDB as IndexedDB
participant Convex
User->>EditUI: Edit message
EditUI->>ChatCore: setPendingEditUserMessage(editedMsg)
Note over ChatCore: Store in pendingEditUserMsgRef
EditUI->>ChatCore: sendMessage()
ChatCore->>Provider: Stream starts
Provider-->>User: Display streaming response
Note over ChatCore: onFinish triggered
ChatCore->>Provider: cacheAndAddMessage(pendingEdit)
Provider->>IDB: Read current cache
IDB-->>Provider: Return existing messages
Provider->>IDB: Write [existing + editedUser]
Provider->>Convex: Persist editedUser
ChatCore->>Provider: cacheAndAddMessage(assistantMsg)
Provider->>IDB: Read current cache (includes editedUser)
IDB-->>Provider: Return messages with editedUser
Provider->>IDB: Write [existing + assistant]
Provider->>Convex: Persist assistant
Last reviewed commit: 6b6aa99 |
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
3 issues found across 26 files
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="app/components/layout/share-publish-drawer.tsx">
<violation number="1" location="app/components/layout/share-publish-drawer.tsx:40">
P2: URL-encode the tweet text before interpolating it into the intent URL; unencoded spaces/punctuation can produce an invalid query string.</violation>
</file>
<file name="app/components/chat/use-chat-core.ts">
<violation number="1" location="app/components/chat/use-chat-core.ts:186">
P2: Pending edited user messages are only persisted on successful stream completion. If the stream aborts/errors, the early return skips this block, so edited user messages can be dropped from persistence. Consider persisting (or at least clearing) pending edits before the early return on error/abort.</violation>
</file>
<file name="app/components/layout/chat-actions-menu.tsx">
<violation number="1" location="app/components/layout/chat-actions-menu.tsx:68">
P1: Share action targets the active session chatId instead of the menu’s chat prop, so sharing from a chat list will publish the wrong chat. Use the `chat.id` prop for mutations and drawer rendering.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
Remove outdated archive, plans, and research files from .agents/. Simplify and consolidate .cursor/rules; drop 070-documentation and 090-icon-sizing. Co-authored-by: Cursor <cursoragent@cursor.com>
Use a derived flag from current message props to drive the post-stream action reveal, avoiding ref reads/writes during render and satisfying react-hooks/refs lint rules. Made-with: Cursor
Persist pending edited user messages even when streams abort or error, and tighten share behavior by using stable chat IDs and URL-encoding X share text to avoid malformed links. Made-with: Cursor
There was a problem hiding this comment.
2 issues found across 3 files (changes from recent commits).
Prompt for AI agents (unresolved issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="app/components/layout/share-publish-drawer.tsx">
<violation number="1">
P2: Opening an external URL with `_blank` should include `noopener,noreferrer` to prevent reverse-tabnabbing via `window.opener`.</violation>
</file>
<file name="app/components/chat/use-chat-core.ts">
<violation number="1">
P2: The new early return on abort/error skips message ID reconciliation after persisting a pending edited message, which can leave duplicate local/server copies of that message.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| @@ -0,0 +1,98 @@ | |||
| "use client" | |||
There was a problem hiding this comment.
P2: Opening an external URL with _blank should include noopener,noreferrer to prevent reverse-tabnabbing via window.opener.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At app/components/layout/share-publish-drawer.tsx, line 41:
<comment>Opening an external URL with `_blank` should include `noopener,noreferrer` to prevent reverse-tabnabbing via `window.opener`.</comment>
<file context>
@@ -37,7 +37,8 @@ export function SharePublishDrawer({
const text = `Check out this conversation I shared with Not A Wrapper! ${publicLink}`
- window.open(`https://x.com/intent/tweet?text=${text}`, "_blank")
+ const encodedText = encodeURIComponent(text)
+ window.open(`https://x.com/intent/tweet?text=${encodedText}`, "_blank")
}
</file context>
Suggested change
| "use client" | |
| window.open(`https://x.com/intent/tweet?text=${encodedText}`, "_blank", "noopener,noreferrer") |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
cacheAndAddMessagenow reads the current IndexedDB cache directly instead of relying on stale closure-captured React state, preventing sequential calls from silently dropping messages. Edited user messages are deferred toonFinishto avoid mutating provider state mid-batch.mask-revealkeyframe; historical messages keep the hover-triggered reveal.Test plan
Made with Cursor
Summary by cubic
Strengthens chat edit persistence (even on aborted/error streams) and stabilizes mobile share publishing. Also improves mobile UX, scrubs PII from analytics, polishes the assistant toolbar, persists the selected model per chat, and simplifies user message rendering.
New Features
Bug Fixes
Written for commit 32dbb2b. Summary will update on new commits.
Note
Low Risk
Deletes only
.agents/archive/*markdown reference documents; no runtime code or configuration changes, so risk is limited to losing historical internal documentation.Overview
Removes several large, outdated
.agents/archive/*markdown documents (AI SDK upgrade research, self-hosting descope plan, icon migration plans/mappings, installation plan, and model registry update notes) to reduce repository noise and prevent stale internal guidance from being referenced.Written by Cursor Bugbot for commit 32dbb2b. This will update automatically on new commits. Configure here.