fix(onboard): detect Windows-host Ollama via process probe

[laitingsheng]

Summary

On WSL2, hasWindowsOllama was determined solely by running powershell.exe Get-Command ollama.exe, which only returns a path when ollama.exe is on the calling user's PATH. Service-style installs (and any installer that does not update the user PATH) leave the binary undiscoverable by Get-Command even while the Windows-host Ollama daemon is running on 127.0.0.1:11434.

In that state, the inference menu offered "Install Ollama on Windows host (recommended)" instead of the "Restart Ollama on Windows host with 0.0.0.0 binding" variant that the bug report and the WSL2 Ollama test expect.

Fall back to a Get-Process ollama probe when Get-Command returns empty: a live ollama process is sufficient proof of installation. The existing winOllamaLoopbackOnly block already uses Get-Process for the PID and Get-NetTCPConnection for the listen address, so once hasWindowsOllama is true the loopback-only menu variant fires correctly.

Related Issue

Fixes #3949

Changes

• src/lib/onboard.ts:6090: when Get-Command ollama.exe returns empty, fall back to Get-Process ollama and treat a live PID as proof of installation. Bracketed by if (isWsl()) as before.
• test/onboard-selection.test.ts: new regression test "detects Windows-host Ollama via running process when not on the user PATH ([NemoClaw][Inference][WSL2][Ollama] Inference menu never shows "Restart Ollama on Windows host with 0.0.0.0 binding" variant under documented preconditions #3949)" — sets up the bug's exact probe state (Get-Command empty, Get-Process returns a PID, NetTCPConnection on 127.0.0.1, host.docker.internal unreachable) and asserts NEMOCLAW_PROVIDER=start-windows-ollama is satisfied and setupWindowsOllamaWith0000Binding is invoked exactly once.

Type of Change

• Code change (feature, bug fix, or refactor)
• Code change with doc updates
• Doc only (prose changes, no code sample modifications)
• Doc only (includes code sample changes)

Verification

• npx prek run --all-files passes
• npm test passes
• Tests added or updated for new or changed behavior
• No secrets, API keys, or credentials committed
• Docs updated for user-facing behavior changes
• make docs builds without warnings (doc changes only)
• Doc pages follow the style guide (doc changes only)
• New doc pages include SPDX header and frontmatter (new pages only)

---

Signed-off-by: Tinson Lai tinsonl@nvidia.com

Summary by CodeRabbit

• Bug Fixes

  • Improved Windows onboarding: detects Ollama on the host even when not on PATH (falls back to a running process) and uses the discovered executable path to drive start/restart behavior.
  • UI now offers "Start Windows Ollama" and correctly distinguishes loopback-only restarts versus fresh starts.

• Tests

  • Added tests covering the detection fallback and the Windows start flow, including cases that recover the executable path.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 9d5d912b-8b48-4446-ab82-2b2b0733a649

📥 Commits

Reviewing files that changed from the base of the PR and between 41752fe and ce94a4c.

📒 Files selected for processing (2)

• src/lib/onboard/windows-host-ollama.ts
• test/onboard-selection.test.ts

---

📝 Walkthrough

Walkthrough

Replaces inline WSL PowerShell probing with a new detectWindowsHostOllama() that checks PATH then falls back to a running ollama process and loopback binding; onboarding consumes its { installed, installedPath, loopbackOnly } result and tests cover both PATH and process-based detection.

Changes

Windows Ollama Fallback Detection

Layer / File(s)	Summary
Detection module and types src/lib/onboard/windows-host-ollama.ts	Adds WindowsHostOllamaState and detectWindowsHostOllama() which probes Get-Command, falls back to Get-Process for Path, checks known install locations, and parses Get-NetTCPConnection on port 11434 to compute loopbackOnly.
Onboard integration and wiring src/lib/onboard.ts	Imports detectWindowsHostOllama, replaces previous inline PowerShell checks in setupNim, and passes the detected installedPath into setupWindowsOllamaWith0000Binding.
Tests: strengthen existing + new process-fallback test test/onboard-selection.test.ts	Tightens prior assertion to include recovered installedPath and adds a new test that mocks Get-Command failure and Get-Process success, verifying setupNim selects ollama-local and calls setupWindowsOllamaWith0000Binding with announceStop: true and the recovered installedPath.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• NVIDIA/NemoClaw#3824: touches related Windows-host Ollama onboarding/provider resolution changes and may overlap provider routing logic.

Suggested labels

Provider: Ollama, Platform: Windows/WSL, bug

Suggested reviewers

• ericksoa
• prekshivyas
• jyaunches

Poem

🐇 I sniff the PATH at break of dawn,
If ollama hides, I chase the process on,
From WSL burrow I call PowerShell's name,
Found the exe, and loopback's claim,
Hooray — onboarding wakes without needless install!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: detecting Windows-host Ollama via process probe instead of relying solely on PATH-based detection.
Linked Issues check	✅ Passed	The PR implements all coding objectives from #3949: process-based detection fallback when PATH fails, proper loopback-only state computation, offering rebinding variant instead of install, and regression test coverage.
Out of Scope Changes check	✅ Passed	All changes directly support detecting Windows-host Ollama via process probe and rebinding flow; no unrelated modifications detected.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/wsl2-windows-ollama-detection-3949

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 ESLint

If the error stems from missing dependencies, add them to the package.json file. For unrecoverable errors (e.g., due to private dependencies), disable the tool in the CodeRabbit configuration.

ESLint skipped: no ESLint configuration detected in root package.json. To enable, add eslint to devDependencies.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

E2E Advisor Recommendation

Required E2E: wsl-e2e
Optional E2E: gpu-e2e, gpu-repo-local-ollama-openclaw, ollama-proxy-e2e

Workflow run

Full advisor summary

E2E Recommendation Advisor

Base: origin/main
Head: HEAD
Confidence: high

Required E2E

• wsl-e2e (high): This is the closest existing end-to-end coverage for WSL onboarding. The PR changes WSL-specific onboard behavior and PowerShell probing that runs before provider selection, so a real WSL install/onboard flow should validate that the refactor does not break onboarding on Windows runners.

Optional E2E

• gpu-e2e (high): Useful adjacent coverage for the local Ollama onboarding path and live local inference, although it runs on Linux GPU rather than WSL/Windows-host Ollama and does not exercise the new PowerShell detection logic directly.
• gpu-repo-local-ollama-openclaw (high): Scenario-runner coverage for the repo local-Ollama OpenClaw flow can provide additional confidence in provider selection and local Ollama inference behavior, but it is Linux GPU coverage rather than Windows-host Ollama.
• ollama-proxy-e2e (medium): Adjacent validation for real Ollama plus the auth proxy and container reachability. It does not cover Windows-host detection, but it can catch regressions in local Ollama assumptions around binding and proxy behavior.

New E2E recommendations

• wsl-windows-host-ollama (high): No existing E2E appears to exercise Windows-host Ollama from WSL, including Get-Command miss, Get-Process path recovery, known-install-path fallback, loopback-only detection, and restart with an explicit installedPath. The current WSL E2E uses cloud onboarding and the GPU Ollama E2Es run on Linux, so the core behavior changed by this PR is only covered by tests, not a real WSL/Windows integration flow.
  • Suggested test: Add a WSL Windows-host Ollama E2E scenario/job that installs or stubs Ollama on the Windows host, runs nemoclaw onboard inside WSL with NEMOCLAW_PROVIDER=start-windows-ollama, verifies the Windows-host option is selected, restarts/binds to 0.0.0.0 when needed, and completes a local Ollama model validation from the sandbox.

[github-actions]

PR Review Advisor

Recommendation: blocked
Confidence: high
Analyzed HEAD: ce94a4c7a3fcc31fd62bba4f95de3f4fdb8bad9c
Findings: 1 blocker(s), 3 warning(s), 0 suggestion(s)

This is an automated advisory review. A human maintainer must make the final merge decision.

Limitations: Review is based on trusted PR metadata, linked issue content, provided diff, and read-only repository inspection; no scripts, tests, package-manager commands, or network operations were executed by this advisor.; Issue #3949 has no issue comments in the provided context; acceptance coverage maps the issue body clauses only.; The E2E Advisor required wsl-e2e and it passed, but the advisor also identified a missing dedicated WSL Windows-host Ollama scenario that is not currently covered by existing E2E.; Interactive menu label rendering is inferred from setupNim state and label construction; the added tests exercise non-interactive provider selection rather than asserting the full literal menu output.; GitHub still reports mergeStateStatus=BLOCKED/reviewDecision=REVIEW_REQUIRED despite required CI passing; final merge readiness depends on clearing repository protection gates.

Workflow run

Full advisor summary

PR Review Advisor

Base: origin/main
Head: HEAD
Analyzed SHA: ce94a4c7a3fcc31fd62bba4f95de3f4fdb8bad9c
Recommendation: blocked
Confidence: high

The code change is focused and required WSL E2E passed for the head SHA, but the PR remains blocked by GitHub mergeStateStatus=BLOCKED/review requirements and should not be considered merge-ready until that gate clears.

Gate status

• CI: pass — 5 required status context(s) completed with no failures for ce94a4c: checks, commit-lint, dco-check, check-hash, changes. Non-required contexts still pending: 1; failed: 0.
• Mergeability: fail — GitHub GraphQL reports mergeStateStatus=BLOCKED for PR fix(onboard): detect Windows-host Ollama via process probe #3969 at head SHA ce94a4c; reviewDecision=REVIEW_REQUIRED.
• Review threads: pass — 1 review thread(s), all resolved. The CodeRabbit budget concern was addressed in commit 41752fe and current monolith delta is net-negative for src/lib/onboard.ts.
• Risky code tested: warning — Risky area detected: onboarding/host glue. Focused unit/regression tests were added and wsl-e2e passed, but the E2E Advisor notes no existing job exercises real Windows-host Ollama from WSL with Get-Command miss, Get-Process path recovery, known-install fallback, loopback-only detection, and explicit installedPath restart.

🔴 Blockers

• PR merge state is still blocked: The trusted GitHub metadata reports mergeStateStatus=BLOCKED and reviewDecision=REVIEW_REQUIRED for the current head SHA, even though required CI contexts have passed. This is a hard gate outside the diff itself.
  • Recommendation: Resolve branch protection, required review, and any remaining repository merge requirements until GitHub no longer reports BLOCKED for ce94a4c.
  • Evidence: GraphQL pullRequest: headRefOid=ce94a4c7a3fcc31fd62bba4f95de3f4fdb8bad9c, mergeStateStatus=BLOCKED, reviewDecision=REVIEW_REQUIRED.

🟡 Warnings

• Active overlapping onboarding work increases drift risk (src/lib/onboard.ts:6012): The patch applies to code that still exists and is narrowly scoped, but src/lib/onboard.ts and test/onboard-selection.test.ts are active hotspots with many open PRs touching the same files. Provider selection, step labels, non-interactive overrides, and onboard refactors could alter this behavior after rebases.
  • Recommendation: Before merge, re-check this branch after any rebase against overlapping onboard/provider-selection PRs and confirm the added tests plus wsl-e2e still pass for the final head SHA.
  • Evidence: Trusted overlap list includes PRs fix(onboard): honor navigation at credential prompts #3865, fix(onboard): make step 3 banner provider-agnostic #3966, fix(onboard): use generic inference step label #3982, fix: allow provider override in non-interactive installs #2083, feat(cli): add resource profiles to nemoclaw onboard and nemoclaw resources command #3348, fix(onboard): early-validate NEMOCLAW_POLICY_TIER before preflight (#3741) #3788, fix(onboard): reject host.docker.internal inference URLs #3804, refactor(cli): route onboard step boundaries through runtime #3864, refactor(cli): extract onboard preflight handler #3868, refactor(cli): extract onboard gateway handler #3870, refactor(cli): extract provider inference handlers #3871, refactor(cli): extract onboard sandbox handler #3872, refactor(cli): extract onboard agent setup handler #3873, refactor(cli): extract onboard policies handler #3874, refactor(cli): extract onboard finalization handler #3876, refactor(cli): route agent setup session writes through context #3879, refactor(cli): emit resume skip repair events #3882, refactor(cli): route final machine transitions #3883, fix(rebuild): reuse OpenShell gateway credential when host env is empty #3918, refactor(cli): reduce onboard shell implementation #3919, and chore: upgrade agent runtime dependencies #3925 touching src/lib/onboard.ts and/or test/onboard-selection.test.ts.
• Windows-host Ollama 0.0.0.0 rebinding remains security-sensitive (src/lib/onboard.ts:6960): The PR intentionally makes the existing Windows-host restart/rebind path reachable for service-style installs by recovering an explicit executable path and passing it to setupWindowsOllamaWith0000Binding. Binding Ollama to 0.0.0.0 can expose the daemon beyond loopback depending on host firewall and network configuration. The existing exposure warning is preserved, and this appears intended, but it remains a security-sensitive user-facing network change.
  • Recommendation: Keep the exposure warning visible in interactive flows, ensure maintainers consciously accept the network exposure tradeoff, and consider a follow-up real WSL Windows-host Ollama E2E that validates the warning/rebind path end-to-end.
  • Evidence: src/lib/onboard.ts passes installedPath into setupWindowsOllamaWith0000Binding for start/restart paths after printOllamaExposureWarning(); E2E Advisor flags a missing real WSL Windows-host Ollama scenario.
• Core Windows-host Ollama scenario is still only mocked (src/lib/onboard/windows-host-ollama.ts:72): The required wsl-e2e job passed for the current head SHA, but the E2E Advisor explicitly notes that existing WSL coverage does not exercise Windows-host Ollama detection from WSL, including Get-Command miss, Get-Process path recovery, known-install-path fallback, loopback-only detection, and restart with an explicit installedPath. The new unit tests mock PowerShell, curl, DNS/reachability, and the Windows setup helper.
  • Recommendation: Treat the current wsl-e2e pass as satisfying the required job gate, but add or schedule the E2E Advisor's suggested wsl-windows-host-ollama scenario for stronger coverage of the actual bug path.
  • Evidence: E2E Advisor required wsl-e2e and it passed; its 'New E2E recommendations' section says no existing E2E appears to exercise Windows-host Ollama from WSL. test/onboard-selection.test.ts stubs platform.isWsl, runner.runCapture, and setupWindowsOllamaWith0000Binding.

🔵 Suggestions

• None.

Acceptance coverage

• met — When running nemoclaw onboard inside WSL2 with Ollama running on the Windows host at 127.0.0.1:11434 and unreachable from WSL, the inference menu never shows the expected "Restart Ollama on Windows host with 0.0.0.0 binding" variant.: src/lib/onboard/windows-host-ollama.ts adds detectWindowsHostOllama(), which falls back from Get-Command to Get-Process Path/Id and checks Get-NetTCPConnection for 127.0.0.1-only listeners. The new regression test mocks Get-Command empty, Get-Process Path/Id present, Get-NetTCPConnection=127.0.0.1, and host.docker.internal unreachable, then exercises NEMOCLAW_PROVIDER=start-windows-ollama.
• met — Instead it shows Local Ollama (WSL:11434) — running plus Install Ollama on Windows host (recommended), contradicting the WSL2 Ollama test's expectations.: The test 'detects Windows-host Ollama via running process when not on the user PATH ([NemoClaw][Inference][WSL2][Ollama] Inference menu never shows "Restart Ollama on Windows host with 0.0.0.0 binding" variant under documented preconditions #3949)' makes installOllamaOnWindowsHost throw if called and asserts setupWindowsOllamaWith0000Binding is invoked once with announceStop:true and the recovered installedPath.
• met — Component area: Install / Onboard / Inference.: The diff changes setupNim in src/lib/onboard.ts, adds src/lib/onboard/windows-host-ollama.ts, and updates test/onboard-selection.test.ts provider-selection coverage.
• unknown — Host OS: Windows 11: The added tests mock WSL and PowerShell outputs; the provided trusted context does not include a real Windows 11 runtime result for this exact Windows-host Ollama scenario.
• partial — WSL2 distro: Ubuntu 22.04 / 24.04: The required wsl-e2e job passed for ce94a4c, but the focused bug-path tests mock platform.isWsl rather than executing the Windows-host Ollama scenario on Ubuntu 22.04/24.04.
• unknown — CPU arch: x86_64: No trusted issue-environment runtime evidence confirms the reported x86_64 host for the new Windows-host Ollama process-probe path.
• unknown — GPU: NVIDIA GeForce RTX 5070: The code path is inference/onboarding host glue and the tests do not exercise the reported RTX 5070 GPU environment.
• unknown — Docker: Docker CE; WSL Ubuntu uses Docker Desktop engine: The tests mock curl/reachability and do not execute against Docker Desktop networking for this specific Windows-host Ollama condition.
• partial — nemoclaw (in WSL): v0.0.46: The source patch targets current HEAD rather than the released v0.0.46 environment. The mocked regression test covers the reported source-level behavior.
• unknown — openshell (in WSL): 0.0.39: No OpenShell runtime behavior is exercised by the added tests for this path.
• partial — Ollama: installed on Windows host, running as Windows service,
  bound to 127.0.0.1:11434 only (default Windows install): The regression test models this signature with Get-Command empty, Get-Process Path/Id present, and Get-NetTCPConnection returning 127.0.0.1. It does not verify a real Windows service.
• partial — 1. Confirm Ollama is running on Windows host, bound to loopback only. In Windows PowerShell:: src/lib/onboard/windows-host-ollama.ts probes Get-Process and Get-NetTCPConnection; the test mocks PID 7652 and a 127.0.0.1 listener.
• partial — 2. NemoClaw CLI installed inside WSL Ubuntu, not yet onboarded:: The tests launch built dist modules in a temporary HOME and non-interactive environment, approximating clean onboarding, but not a real installed CLI inside WSL Ubuntu.
• partial — 3. No prior NemoClaw onboarding in this WSL instance.: The tests use temporary HOME directories and reset the Ollama host cache, approximating a clean state.
• partial — 4. From WSL, host.docker.internal does not resolve by default:: The regression test returns empty output for api/tags before setup, representing host.docker.internal being unreachable. It does not prove real DNS resolution failure.
• partial — This satisfies the spirit of "curl host.docker.internal must fail" — WSL cannot access Windows Ollama (failure is DNS resolution, not ECONNREFUSED).: The mocked pre-setup api/tags probe fails, but the test does not distinguish DNS failure from ECONNREFUSED.
• partial — 5. Inside WSL Ubuntu, run:: The test invokes setupNim directly from a subprocess with platform.isWsl mocked; wsl-e2e passed but no trusted result shows a real nemoclaw onboard run against Windows-host Ollama.
• partial — 6. Observe the preflight and inference menu output at step [3/8] Configuring inference (NIM).: setupNim implements step 3 and is directly exercised, but the tests do not run the full CLI preflight/menu rendering flow.
• partial — Under documented WSL2 + Windows-Ollama-loopback conditions, the inference menu should:: The non-interactive tests verify provider availability and setup invocation under mocked conditions, but they do not assert the complete rendered interactive menu.
• partial — - Include a rebinding variant, e.g.:: The start-windows-ollama non-interactive provider is satisfiable and triggers setupWindowsOllamaWith0000Binding with announceStop:true; the literal visible label is inferred from src/lib/onboard.ts label construction rather than asserted in the new test.

Security review

• pass — 1. Secrets and Credentials: No hardcoded secrets, API keys, passwords, PEM files, credential JSON, or .env files were added. Tests use temporary HOME directories and mocked credential prompts.
• pass — 2. Input Validation and Data Sanitization: The new PowerShell invocations are static strings with no user-controlled interpolation. The path returned by PowerShell is passed as data to the existing Windows Ollama helper; no eval, unsafe deserialization, path traversal, SSRF validation bypass, or shell interpolation of untrusted PR/user input was found in the diff.
• pass — 3. Authentication and Authorization: No authentication or authorization boundary is modified. The change affects local onboarding detection and selection for Windows-host Ollama under WSL.
• pass — 4. Dependencies and Third-Party Libraries: No new dependencies, dependency versions, registries, installers, or package-manager configuration changes were introduced.
• pass — 5. Error Handling and Logging: The new probes use ignoreError:true and conservative empty/false fallback states. The detection code does not log recovered PIDs, executable paths, credentials, or sensitive values in normal operation.
• pass — 6. Cryptography and Data Protection: Not applicable — no cryptographic operations, encryption, hashing, signing, or data-protection mechanisms are changed.
• warning — 7. Configuration and Security Headers: The change makes the existing Windows-host 0.0.0.0 rebinding flow reachable for service-style installs. This is intended for the bug fix, but exposing Ollama on all interfaces is security-sensitive and should remain paired with clear exposure warnings and runtime validation. No HTTP headers or container image configuration changed.
• warning — 8. Security Testing: Focused mocked regression tests cover Get-Command miss, Get-Process Path/Id hit, known install path fallback, loopback-only listener state, and non-interactive provider satisfaction. Required wsl-e2e passed, but no real WSL Windows-host Ollama E2E currently exercises PowerShell/service visibility, host.docker.internal routing, or actual restart/rebind behavior.
• warning — 9. Holistic Security Posture: No direct sandbox escape, SSRF bypass, policy bypass, credential leakage, blueprint tampering, installer trust regression, or workflow trusted-code-boundary issue was found. The change is still runtime host glue that alters when a network-rebinding helper is offered, so human review and conscious acceptance of the network exposure tradeoff remain important.

Test / E2E status

• Test depth: e2e_required — Runtime/sandbox/infrastructure paths in src/lib/onboard.ts and src/lib/onboard/windows-host-ollama.ts require real execution coverage. The PR adds useful unit/regression tests and required wsl-e2e passed, but the core Windows-host Ollama service/path/rebind behavior is still mocked rather than exercised end-to-end.
• E2E Advisor: ok
• Required E2E jobs: wsl-e2e

✅ What looks good

• The patch targets code that still exists and is narrowly scoped to WSL Windows-host Ollama detection plus focused regression coverage.
• The previous inline probe was extracted into src/lib/onboard/windows-host-ollama.ts, resolving the CodeRabbit/onboard-entrypoint budget concern; src/lib/onboard.ts is net-negative in the trusted monolith delta.
• The helper uses static PowerShell commands and deliberately requires a recoverable executable path before marking Windows-host Ollama as installed/restartable, reducing the risk of stopping a daemon that cannot be relaunched.
• The regression tests model the reported service-style install condition where Get-Command misses but Get-Process can observe the running daemon and recover its executable path.
• The start/restart path now threads the recovered installedPath into setupWindowsOllamaWith0000Binding, avoiding reliance on the broken Windows PATH condition described in [NemoClaw][Inference][WSL2][Ollama] Inference menu never shows "Restart Ollama on Windows host with 0.0.0.0 binding" variant under documented preconditions #3949.
• Required wsl-e2e and required CI contexts passed for the current head SHA ce94a4c.

Review completeness

• Review is based on trusted PR metadata, linked issue content, provided diff, and read-only repository inspection; no scripts, tests, package-manager commands, or network operations were executed by this advisor.
• Issue [NemoClaw][Inference][WSL2][Ollama] Inference menu never shows "Restart Ollama on Windows host with 0.0.0.0 binding" variant under documented preconditions #3949 has no issue comments in the provided context; acceptance coverage maps the issue body clauses only.
• The E2E Advisor required wsl-e2e and it passed, but the advisor also identified a missing dedicated WSL Windows-host Ollama scenario that is not currently covered by existing E2E.
• Interactive menu label rendering is inferred from setupNim state and label construction; the added tests exercise non-interactive provider selection rather than asserting the full literal menu output.
• GitHub still reports mergeStateStatus=BLOCKED/reviewDecision=REVIEW_REQUIRED despite required CI passing; final merge readiness depends on clearing repository protection gates.
• Human maintainer review required: yes

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/lib/onboard.ts`:
- Around line 6100-6117: The new fallback probe that sets hasWindowsOllama using
runCapture and winOllamaPid should be extracted into a small helper function
(e.g., isWindowsOllamaRunning or probeWindowsOllama) placed under
src/lib/onboard/; replace the inline block in onboard.ts (the else branch that
calls runCapture and computes hasWindowsOllama) with a call to that helper so
onboard.ts has no net line growth. Ensure the helper exports a boolean-returning
function that performs the powershell Get-Process call (using runCapture) and is
imported/used by the existing code to assign hasWindowsOllama.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 7c204475-e79b-41fe-8af6-1af18325ca11

📥 Commits

Reviewing files that changed from the base of the PR and between cfa817b and a0f9870.

📒 Files selected for processing (2)

• src/lib/onboard.ts
• test/onboard-selection.test.ts

[github-actions]

Selective E2E Results — ⚠️ No requested jobs ran

Run: 26208178751
Target ref: 41752feb515ebe0a64562773568a22a019798c2d
Workflow ref: main
Requested jobs: gpu-e2e
Summary: 0 passed, 0 failed, 1 skipped

Job	Result
gpu-e2e	⏭️ skipped

[ericksoa]

Reviewed for v0.0.49 feature freeze: scoped WSL/Windows-host Ollama detection fix; topper covers unreadable process Path with a conservative known-install fallback; checks and WSL E2E green.