Skip to content

Vendor RatEye into monorepo and update name-scan marker#2

Open
DysektAI wants to merge 57 commits into
masterfrom
feat/vendor-rateye
Open

Vendor RatEye into monorepo and update name-scan marker#2
DysektAI wants to merge 57 commits into
masterfrom
feat/vendor-rateye

Conversation

@DysektAI

@DysektAI DysektAI commented Jul 11, 2026

Copy link
Copy Markdown
Member

User description

Summary

  • Vendor RatEye v4.0.1 sources into RatEye/ and switch RatScanner from the NuGet package to an in-repo ProjectReference, so scan/marker/OCR changes ship with the app in one PR.
  • Align RatEye package versions with the app (RatStash 6.0.0, System.Drawing.Common 8.0.7), disable NuGet packaging on the vendored project, and document the layout in RatEye/VENDOR.md and AGENTS.md.
  • Update the name-scan magnifier marker to the post-patch template (embedded in RatEye resources + RatScanner/Data/icon_search.png override) and set MarkerItemScale to 16/28.

Test plan

  • dotnet restore RatScanner.sln
  • dotnet build RatScanner.sln (Debug) — 0 errors
  • dotnet build RatScanner.sln -c Release — 0 errors
  • Confirm CI Build workflow passes on this PR
  • Smoke-run the app and verify name-scan / icon-scan still work with the new marker template

CodeAnt-AI Description

Ship RatEye with the app and update scan detection to the new marker

What Changed

  • The image-processing library now lives in the repository and is built with RatScanner, so scan and OCR updates ship together with the app
  • Name-scan uses the updated magnifier marker template and the new marker scale, which improves detection with the current in-game UI
  • Inventory and item scanning now include the current item backgrounds, highlighted inventory support, and rotated icon handling
  • App startup now uses the in-repo processing library instead of a separate package

Impact

✅ Fewer broken scans after UI changes
✅ More reliable name and item detection
✅ Cleaner marker matching on current inspection windows

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

DysektAI added 2 commits July 11, 2026 15:34
Bring RatEye v4.0.1 sources under RatEye/ and wire the app via
ProjectReference so scan/marker changes land with the app. Align
RatStash and System.Drawing.Common with the app major versions, disable
package publish on the vendored project, and document the layout.
Convert provided WebP (28x28) to PNG for System.Drawing, embed it in
RatEye resources, set MarkerItemScale to 16/28, and ship a Data copy.
@coderabbitai

coderabbitai Bot commented Jul 11, 2026

Copy link
Copy Markdown

Review Change Stack

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review
📝 Walkthrough

Walkthrough

This PR rewrites RatScanner as "TarkovTracker Edition": removes the legacy RatScanner project, adds a restructured src/App (WPF+Blazor Hybrid) with new config, hotkeys, active-hotkey/settings-persistence infrastructure, display detection, TarkovDev/TarkovTracker integrations, presentation/view-model layers, and Blazor UI; vendors a src/ScanEngine (RatEye) library; adds CI, scripts, agent-context docs, and a new xUnit test suite.

Changes

RatScanner TarkovTracker Edition rewrite

Layer / File(s) Summary
Repository tooling, CI, and documentation
.editorconfig, .gitattributes, .github/*, AGENTS.md, CONTRIBUTING.md, README.md, FAQ.md, docs/agent-context/*, scripts/*, dev.bat, publish.bat, dotnet-tools.json
Adds formatting/lint config, CI workflow, dev/publish/setup scripts, doc-integrity checks, and comprehensive agent-context documentation for the fork.
Legacy RatScanner application
RatScanner/*
Shows the removal/reformatting of the old application project, superseded by the new src/App.
Vendored RatEye scan engine
src/ScanEngine/*
Adds the in-tree scan engine: config, icon manager, OCR/template-matching processing, and resources.
New App host, config, hotkeys, and integrations
src/App/*.cs (non-UI)
Implements App/Program startup, RatConfig, RatScannerMain, hotkey management, display detection, TarkovDev/TarkovTracker clients, presentation adapters, ItemExtensions/Exceptions, and the GitHub update service.
Settings persistence and hotkey infrastructure
src/App/ActiveHotkey.cs, src/App/HotkeyManager.cs, src/App/SettingsPersistenceService.cs, src/App/ViewModel/SettingsVM.cs, src/App/Components/HotkeySelector.razor
Adds ActiveHotkey/HotkeyManager for hotkey listening/dispatch, a serialized SettingsPersistenceService, and the SettingsVM draft/validation logic wired to Razor hotkey/settings controls.
App Blazor UI and localization
src/App/Pages/*, src/App/Shared/*, src/App/Components/*, src/App/wwwroot/*, src/App/i18n/*
Adds Blazor pages, shared layouts, reusable components, static assets, and translated locale catalogs.
Test suite
tests/RatScanner.Tests/*
Adds unit/integration tests for config migration, display detection, presentation services, RatEye processing, localization, and TarkovTracker reliability.

Estimated code review effort: 5 (Critical) | ~180+ minutes

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 7.00% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title matches the main change: vendoring RatEye into the monorepo and updating name-scan marker detection.
Description check ✅ Passed The description is clearly related to the changes and covers the vendored RatEye, marker update, and related build/test work.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/vendor-rateye

Comment @coderabbitai help to get the list of available commands.

@codeant-ai codeant-ai Bot added the size:XXL This PR changes 1000+ lines, ignoring generated files label Jul 11, 2026
@socket-security

socket-security Bot commented Jul 11, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: nuget runtime.debian.8-x64.runtime.native.system.security.cryptography.openssl is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: src/App/RatScanner.csprojnuget/ratstash@6.0.0nuget/runtime.debian.8-x64.runtime.native.system.security.cryptography.openssl@4.3.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/runtime.debian.8-x64.runtime.native.system.security.cryptography.openssl@4.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: nuget runtime.ubuntu.14.04-x64.runtime.native.system.security.cryptography.openssl is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: src/App/RatScanner.csprojnuget/ratstash@6.0.0nuget/runtime.ubuntu.14.04-x64.runtime.native.system.security.cryptography.openssl@4.3.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/runtime.ubuntu.14.04-x64.runtime.native.system.security.cryptography.openssl@4.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: nuget system.net.http is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: src/App/RatScanner.csprojnuget/ratstash@6.0.0nuget/system.net.http@4.3.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.net.http@4.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
High CVE: .NET Core Information Disclosure in nuget system.net.http

CVE: GHSA-7jgj-8wvc-jh57 .NET Core Information Disclosure (HIGH)

Affected versions: < 4.3.4

Patched version: 4.3.4

From: src/App/RatScanner.csprojnuget/ratstash@6.0.0nuget/system.net.http@4.3.0

ℹ Read more on: This package | This alert | What is a CVE?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.net.http@4.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: nuget system.reflection.emit.ilgeneration is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: src/ScanEngine/RatEye.csprojnuget/tesseract@5.2.0nuget/ratstash@6.0.0nuget/system.reflection.emit.ilgeneration@4.7.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore nuget/system.reflection.emit.ilgeneration@4.7.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

Comment thread RatEye/Config/Path.cs Outdated
Comment thread RatEye/Config/Processing/Inspection.cs Outdated
Comment thread RatEye/Processing/Icon.cs Outdated
Comment thread RatEye/Processing/Inventory.cs Outdated
Comment thread RatEye/Processing/Inventory.cs Outdated
Comment thread RatEye/Processing/MultiInspection.cs Outdated
Comment thread RatEye/Processing/MultiInspection.cs Outdated
Comment thread RatEye/Properties/Resources.resx Outdated
Comment thread RatEye/Config/Path.cs Outdated
Comment thread RatEye/Processing/Inspection.cs Outdated
Comment thread RatEye/Processing/Icon.cs Outdated
Comment thread RatEye/Processing/Icon.cs Outdated
Comment thread RatEye/IconManager.cs Outdated
Comment thread RatEye/IconManager.cs Outdated
@kilo-code-bot

This comment was marked as resolved.

Comment thread RatEye/Extensions.cs Outdated
Comment thread RatEye/Extensions.cs Outdated
Comment thread RatEye/Logger.cs Outdated
Comment thread RatEye/Processing/Inspection.cs Outdated
Comment thread RatEye/Processing/Inspection.cs Outdated
Comment thread RatEye/Processing/Inspection.cs Outdated
Comment thread .github/workflows/build.yml Fixed
Comment thread src/App/Scan/ItemQueue.cs
Comment thread RatScanner/TarkovDevAPI.cs Outdated
Comment thread RatScanner/TarkovDevAPI.cs Outdated
Comment thread RatScanner/ViewModel/MenuVM.cs Outdated
Comment thread src/ScanEngine/RatEyeEngine.cs
@DysektAI DysektAI self-assigned this Jul 13, 2026
Comment thread RatScanner/Pages/App/Index.razor Outdated
DysektAI added 7 commits July 13, 2026 11:42
Production reliability
- Do not terminate the process for missing/corrupt maps.json or failed
  remote resource downloads; Logger.LogError exits, so use LogWarning.
- Keep icon scans alive when Data/icons is absent by degrading to empty
  matches instead of throwing from EnsureStaticIconsLoaded.
- Prevent offering pre-release GitHub updates to stable installs.
- Null-coalesce ItemIconScan.IconPath; tolerate missing screens during
  full-screen name scan; use a seed placeholder when ItemQueue is empty.
- Use LazyThreadSafetyMode.ExecutionAndPublication for TarkovDevAPI
  request deduplication.

Dead code and asset cleanup
These were confirmed unreferenced at runtime (call-site + history audit):
- Remove unused Discord OAuth stack (AuthService, OAuth2) and legacy
  api.ratscanner.com ApiManager resource client, kept only for abandoned
  patronage/updater flows after GitHub-update migration.
- Drop OAuthRefreshToken config, Paths.Updater, unused Patreon/Discord
  SVG constants, and unused DeepCloner/upgrade-assistant packages.
- Delete orphaned WPF assets left after 2021 UI rewrite: iconMods.png
  (old HasMods badge) and settings.png (old settings button), now
  replaced by MudBlazor Material icons.
- Delete unused Data/icon_search.png duplicate; RatEye embeds the name-
  scan magnifier as the sole marker source.
- Delete unused bender fonts (theme uses Segoe UI; fonts were already
  excluded from publish).
- Delete dead ASP.NET Error.cshtml stubs, WindowsServices click-through
  helper, empty CSS stubs, and unused Resource model.

Why
- Reliability fixes prevent non-fatal data/network issues from becoming
  full app exits, and stop accidental beta auto-updates.
- Cleanup reduces maintenance cost and repo bulk without changing product
  behavior: removed paths had zero live consumers since the WPF to Blazor
  shell migration and GitHub-based updates.

Verified: dotnet test RatScanner.sln (71 passed).
Day-to-day coding should use Debug + dotnet watch, not a full
single-file publish. This makes that path one command and documents
it clearly.

Added
- dev.bat / scripts/dev.ps1: ensure Data, restore, then
  `dotnet watch --non-interactive --no-hot-reload run`
  (restart-on-save; WPF/WebView2 hot reload is not reliable)
- scripts/Expand-Zip.ps1: Expand-Archive -> ZipFile -> python
  so setup/publish work when PowerShell Archive fails

Hardened
- setup-data.ps1: skip if Data already valid, -Force re-download,
  curl fallback, nested archive layout handling
- publish.bat: shared zip helper, error checks, Data validation,
  overwriteable zip; tip to use dev.bat for iteration
- RatScanner.csproj: exclude Data/** from DefaultItemExcludes and
  mark Content Watch=false so ~4k icons do not flood the watcher
  while still copying Data into bin/publish
- BlazorUI dispose: null-safe WebView dispose for clean restarts

Docs
- README + AGENTS: local workflow, dev vs publish, hot-reload note
Delete leftover watch-verify/watch-test stdout/stderr captures from
local tooling checks and keep them out of git status going forward.
Rename project folders so the monorepo no longer looks like nested
product repos at the root. Assemblies and C# namespaces are unchanged
(RatScanner app, RatEye engine) to avoid a huge API churn.

Layout
- RatScanner/      -> src/App/
- RatEye/          -> src/ScanEngine/
- RatScanner.Tests/ -> tests/RatScanner.Tests/

Wiring
- RatScanner.sln project paths
- ProjectReference paths (App -> ScanEngine, Tests -> App)
- publish.bat, CI workflow, setup-data/dev/bench scripts
- gitignore Data path: src/App/Data

Docs
- README + AGENTS: new layout, Data path, local commands
- ScanEngine/VENDOR.md: provenance + explicit license note
  (upstream RatEye still has no LICENSE file)

Local Data remains gitignored under src/App/Data.
coderabbitai[bot]

This comment was marked as resolved.

Harden CI dependency audit (JSON severity), publish package checks, updater
cleanup, tracker 401 token race, exit disposals, map parse cache, drawer/status
a11y, presentation i18n, and related tooling robustness.
coderabbitai[bot]

This comment was marked as resolved.

Separate vulnerability-audit stdout/stderr, harden publish curl, translate
new i18n strings, localize jump/tray menus, and restore focus on scanner
settings navigation.
@DysektAI

Copy link
Copy Markdown
Member Author

Review triage (5fb9876)

Addressed remaining open review threads and the actionable outside-diff findings from the latest CodeRabbit pass.

Fixed in code

  • CI vulnerability audit — stdout/stderr no longer merged; JSON parse uses stdout only
  • publish.batcurl -fL --retry 3 --retry-all-errors for Data.zip (matches CI)
  • i18n — translated new Rec*/ItemType*/Recognition*/price keys in es/fr/pl/pt/ru/zh; added jump/tray keys in all locales
  • Jump list / tray menu — localized via PresentationText + new i18n keys
  • ScannerStatus OpenSettings — closes through CloseAsync() before navigate (focus restore)
  • measure-idle — verbose diagnostics on per-process property read failures

Not changed (invalid / already handled)

  • PageSwitcher constructor try/catch + singleton — invalid. Logger.LogError ends in Environment.Exit(1) after logging/help UI, so a failed construction does not leave a usable half-built singleton. Removing the catch would also drop the FAQ/issue help dialogs on startup failure.
  • Modal Tab trapping beyond inert main — prior pass already added inert/aria-hidden on main content while the drawer is open and basic Tab handling in the status popover. Full multi-boundary modal focus managers are a heavier a11y follow-up, not a merge blocker for this vendor PR.

Validation

  • dotnet build RatScanner.sln -c Release — 0 warnings / 0 errors
  • dotnet test RatScanner.sln -c Release — 119 passed

coderabbitai[bot]

This comment was marked as resolved.

DysektAI added 2 commits July 15, 2026 02:53
Replace the settings Save bar with per-control persistence, store independent
PvP/PvE .org keys (plus legacy .io), and switch game mode from the sidebar with
stale-request safety and config v3 migration.
Align softprops/action-gh-release with the org selected-actions allowlist so
Build can start, reject Subject Search / UI chrome OCR as items, require
MinItemConfidence before accepting fuzzy title matches, and correct ru/zh FIR
recommendation strings from review.
@DysektAI

Copy link
Copy Markdown
Member Author

Addressed the remaining open review thread and uncommitted production fixes:

  • CI: softprops/action-gh-release pin now matches the TarkovTracker org selected-actions allowlist (a06a81a…). Previous pin caused workflow startup_failure for the entire Build workflow (including non-release PR builds).
  • ScanEngine: Reject inventory/UI chrome titles (e.g. Subject Search) and require MinItemConfidence (0.55) before accepting fuzzy OCR→item matches; regression tests added.
  • i18n: Grammatical RecFirRequired / RecFirMixed wording for ru and zh.

Local validation: dotnet build -c Release, dotnet test (152 passed), csharpier check, agent-docs integrity, markdown lint.

DysektAI added 2 commits July 15, 2026 09:58
Restore the current release pin after adding its SHA to the TarkovTracker
selected-actions policy; keep the older v2.5.0 pin listed for other org repos.
Replace node20-targeting setup-node v4 / upload-artifact v4 / download-artifact
v4 pins with mature node24 pins (setup-node v6.4.0, upload-artifact v7.0.1,
download-artifact v8.0.1) to clear the Node.js 20 deprecation annotation.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 14

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)
docs/agent-context/release-and-versioning.md (1)

37-43: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Document the verified data-package contract.

The local publish instructions still say to download the mutable latest archive. Update them to require the same pinned RatScannerData release and checksum/signature verification used by the packaging scripts.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/agent-context/release-and-versioning.md` around lines 37 - 43, Update
the local publish instructions to replace the mutable RatScannerData “latest”
download with the pinned release used by the packaging scripts, and require
matching checksum/signature verification before extraction into publish\Data.
Keep the existing publish, LICENSE inclusion, and archive steps unchanged.
scripts/bench/measure-idle.ps1 (2)

7-13: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Validate WarmupSeconds before calling Start-Sleep.

Negative values are accepted by parameter binding and then fail at runtime. Add a non-negative range constraint.

Proposed fix
-    [int]$WarmupSeconds = 8,
+    [ValidateRange(0, [int]::MaxValue)]
+    [int]$WarmupSeconds = 8,
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/bench/measure-idle.ps1` around lines 7 - 13, Update the WarmupSeconds
parameter validation in the measure-idle script to reject negative values while
allowing zero, so Start-Sleep receives only non-negative durations. Preserve the
existing parameter type and validation style used by SampleCount and
SampleIntervalMilliseconds.

82-86: 🩺 Stability & Availability | 🟠 Major | 🏗️ Heavy lift

Make cleanup fail closed on uncertain process identity.

When StartTime cannot be read, $rootStartTime remains null and any process currently using the PID is treated as the benchmark process. PID reuse can therefore terminate unrelated descendants. Conversely, if the root exits before finally, $live is null and cleanup skips WebView2 children that may still be running. Track PID/start-time pairs during sampling, stop only matching processes, and do not perform PID-based cleanup when identity cannot be established.

Also applies to: 165-194

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@scripts/bench/measure-idle.ps1` around lines 82 - 86, Update the sampling and
cleanup logic around $rootStartTime, $live, and the finally block to track each
discovered process as a PID/start-time pair. Only stop processes whose current
PID and start time match the recorded identity; if any identity cannot be
established, skip PID-based cleanup rather than guessing. Preserve descendant
cleanup even when the root process exits before finally by using the identities
collected during sampling.
♻️ Duplicate comments (2)
.github/workflows/build.yml (2)

30-47: 🔒 Security & Privacy | 🟠 Major | ⚡ Quick win

Disable dependency caches for release-producing tag runs.

The workflow handles both pull requests and v* pushes, but .NET and npm caches remain unconditional. This leaves the cache-poisoning path flagged by zizmor: a PR-controlled cache can influence a later release build. Guard both caches for tag refs or use a separate no-cache release build.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/build.yml around lines 30 - 47, Update the .NET cache
configuration in setup-dotnet and the npm cache configuration in setup-node so
both are disabled for v* tag push runs while remaining enabled for pull requests
and other builds. Use the workflow’s existing event/ref context to conditionally
apply the cache settings, preserving the current dependency paths and Node/.NET
versions.

Source: Linters/SAST tools


107-109: 🔒 Security & Privacy | 🟠 Major | 🏗️ Heavy lift

Use one pinned and verified RatScannerData release across all packaging paths.

The CI workflow and local publish script both consume a mutable, unverified archive, while the release documentation instructs the same behavior.

  • .github/workflows/build.yml#L107-L109: pin the data release and verify its checksum/signature before extraction.
  • docs/agent-context/release-and-versioning.md#L37-L43: document the pinned artifact and integrity check.
  • publish.bat#L28-L34: enforce the same pin and verification before Expand-Zip.ps1.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/build.yml around lines 107 - 109, Use one pinned
RatScannerData release and verified artifact across all packaging paths: update
.github/workflows/build.yml lines 107-109 to download the pinned archive and
verify its checksum or signature before extraction; update publish.bat lines
28-34 to enforce the identical pin and verification before Expand-Zip.ps1;
document the pinned artifact and integrity check in
docs/agent-context/release-and-versioning.md lines 37-43.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/App/Components/HotkeySelector.razor`:
- Around line 42-70: Update StopListeningAsync to transition _listening to false
before awaiting HotkeyChanged.InvokeAsync, preventing concurrent OnKeyUp calls
from re-entering the commit path. Keep the state refresh in a finally block so
the component exits listening mode and invokes StateHasChanged even when the
callback throws, while preserving discard and commit behavior.

In `@src/App/i18n/es.json`:
- Around line 241-307: Translate every value in the Spanish locale block from
SettingSaveFailed through CredentialUnexpectedResponse into Spanish, covering
the advanced-capture, settings, scanning, overlay, tracking, and credential
messages. Preserve all keys and the {0}/{1} placeholders exactly, using the
English values only as the source meaning.

In `@src/App/i18n/fr.json`:
- Around line 241-307: Translate every user-visible value in the shared English
string block into the target language while preserving all keys and
placeholders: update src/App/i18n/fr.json lines 241-307 in French,
src/App/i18n/pl.json lines 241-307 in Polish, and src/App/i18n/pt.json lines
241-307 in Portuguese. Keep the locale structure aligned with the English
baseline.

In `@src/App/i18n/ru.json`:
- Around line 241-307: Translate every user-visible key from SettingSaveFailed
through CredentialUnexpectedResponse into Russian in src/App/i18n/ru.json at
lines 241-307, preserving keys and placeholders. Translate the same key set into
Simplified Chinese in src/App/i18n/zh.json at lines 241-307; do not leave the
English baseline text in either locale.

In `@src/App/Pages/App/Settings/SettingsGeneral.razor`:
- Around line 230-241: Update RefreshDisplayDetectionAsync so
SettingsVM.RefreshGameDisplays and the subsequent LoadDisplaySettings view-model
mutations execute on the Blazor renderer synchronization context instead of
using Task.Run, or consistently protect every display-draft mutation with the
existing display-persistence lock. Ensure _refreshing is reset in all paths
while keeping SelectedGameDisplayId, resolution/scale text, and preview state
synchronized.

In `@src/App/Pages/App/Settings/SettingsScanning.razor`:
- Around line 101-110: The four settings pages duplicate the persist,
failure-snackbar, and StateHasChanged flow. Promote ReportAsync in
src/App/Pages/App/Settings/SettingsScanning.razor:101-110 into a shared helper
or SettingsPageBase, then route the corresponding handlers in
src/App/Pages/App/Settings/SettingsGeneral.razor:294-307,
src/App/Pages/App/Settings/SettingsInteractableOverlay.razor:47-53, and
src/App/Pages/App/Settings/SettingsMinimalUI.razor:61-67 through it, preserving
the existing failure message and UI refresh behavior.

In `@src/App/Pages/App/Settings/SettingsTracking.razor`:
- Around line 96-100: Update CancelOrgReplacement and CancelIoReplacement so
they cancel the corresponding in-flight validation operation and prevent its
completion from persisting the candidate key. Ensure the validation/save flow
checks cancellation immediately before saving, and apply the same behavior to
all related replacement sections and Cancel buttons.

In `@src/App/RatConfig.cs`:
- Around line 327-335: Gate the legacy-token fallback in the
configuration-loading logic around legacyToken and
Tracking.TarkovTracker.IoToken so it only runs for pre-v3 configurations.
Preserve the existing IO-token and PvP-token assignments, but require the config
version to indicate a pre-v3 file before using legacyToken when Backend is 0.
- Around line 383-415: Update SetGameModeAsync so SaveConfig is called only
after ActivateTrackerModeAsync(gameMode) completes successfully. Keep the
in-memory rollback and previous-mode restoration behavior unchanged when
activation fails, ensuring config.cfg never persists an unsuccessful game-mode
switch.

In `@src/App/SettingsPersistenceService.cs`:
- Around line 91-104: Update SaveImmediateAsync’s second lock around the _tail
continuation so it safely handles disposal before reading _lifetime.Token.
Re-check _disposed under the lock and return the appropriate completed/canceled
result, or reuse a token captured while the lifetime source was still valid,
ensuring ObjectDisposedException cannot escape from SaveImmediateAsync.

In `@src/App/Shared/AppLayout.razor`:
- Around line 64-69: Update the tracker-attention NavLink in AppLayout to wire
its `@onclick` handler to CloseDrawerAfterNavAsync, matching the other sidebar
navigation links and ensuring the drawer closes even when the current route is
already /app/settings/tracking.

In `@src/App/ViewModel/SettingsVM.cs`:
- Around line 341-352: Update SetShowTarkovTrackerTeamAsync so the
ActivateTrackerModeAsync task is observed instead of silently discarded.
Preserve the existing fire-and-forget behavior, but attach fault handling that
logs the activation failure and provides appropriate user feedback using the
surrounding SettingsVM error-handling conventions.

In `@src/ScanEngine/Processing/Inspection.cs`:
- Around line 259-271: Replace the Title property reads inside ScanTitle with
the _title backing field, including the IsUiChromeTitle check and its debug log,
so ScanTitle does not re-enter SatisfyState while processing OCR. Preserve the
existing UI-chrome skip behavior and item-state reset.

In `@tests/RatScanner.Tests/OpenCvPipelineTests.cs`:
- Around line 183-190: Update
Weak_title_fuzzy_matches_are_rejected_below_min_item_confidence to exercise the
actual Inspection acceptance path and assert that these weak title matches are
rejected as non-Items. Use the existing inspection pipeline and
MinItemConfidence behavior rather than only asserting NormedLevenshteinDistance
scores; alternatively, rename the test to accurately describe score-helper
coverage.

---

Outside diff comments:
In `@docs/agent-context/release-and-versioning.md`:
- Around line 37-43: Update the local publish instructions to replace the
mutable RatScannerData “latest” download with the pinned release used by the
packaging scripts, and require matching checksum/signature verification before
extraction into publish\Data. Keep the existing publish, LICENSE inclusion, and
archive steps unchanged.

In `@scripts/bench/measure-idle.ps1`:
- Around line 7-13: Update the WarmupSeconds parameter validation in the
measure-idle script to reject negative values while allowing zero, so
Start-Sleep receives only non-negative durations. Preserve the existing
parameter type and validation style used by SampleCount and
SampleIntervalMilliseconds.
- Around line 82-86: Update the sampling and cleanup logic around
$rootStartTime, $live, and the finally block to track each discovered process as
a PID/start-time pair. Only stop processes whose current PID and start time
match the recorded identity; if any identity cannot be established, skip
PID-based cleanup rather than guessing. Preserve descendant cleanup even when
the root process exits before finally by using the identities collected during
sampling.

---

Duplicate comments:
In @.github/workflows/build.yml:
- Around line 30-47: Update the .NET cache configuration in setup-dotnet and the
npm cache configuration in setup-node so both are disabled for v* tag push runs
while remaining enabled for pull requests and other builds. Use the workflow’s
existing event/ref context to conditionally apply the cache settings, preserving
the current dependency paths and Node/.NET versions.
- Around line 107-109: Use one pinned RatScannerData release and verified
artifact across all packaging paths: update .github/workflows/build.yml lines
107-109 to download the pinned archive and verify its checksum or signature
before extraction; update publish.bat lines 28-34 to enforce the identical pin
and verification before Expand-Zip.ps1; document the pinned artifact and
integrity check in docs/agent-context/release-and-versioning.md lines 37-43.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 9325639b-8c17-4d96-9b97-90ce9a11dd55

📥 Commits

Reviewing files that changed from the base of the PR and between 6bf02db and 28f960f.

📒 Files selected for processing (62)
  • .github/workflows/build.yml
  • docs/agent-context/app-ui.md
  • docs/agent-context/configuration-and-cache.md
  • docs/agent-context/data-integrations.md
  • docs/agent-context/project-overview.md
  • docs/agent-context/release-and-versioning.md
  • publish.bat
  • scripts/bench/measure-idle.ps1
  • src/App/APIClient.cs
  • src/App/Components/HotkeySelector.razor
  • src/App/Components/ImmediateSettingSwitch.razor
  • src/App/Components/ImmediateSettingSwitch.razor.css
  • src/App/FetchModels/TarkovTracker/Exceptions.cs
  • src/App/FetchModels/TarkovTracker/ProgressResponse.cs
  • src/App/FetchModels/TarkovTracker/TokenResponse.cs
  • src/App/InteractableOverlay.razor
  • src/App/ItemExtensions.cs
  • src/App/Overlay.razor
  • src/App/PageSwitcher.xaml.cs
  • src/App/Pages/App/Settings/SettingsGeneral.razor
  • src/App/Pages/App/Settings/SettingsGeneral.razor.css
  • src/App/Pages/App/Settings/SettingsInteractableOverlay.razor
  • src/App/Pages/App/Settings/SettingsInteractableOverlay.razor.css
  • src/App/Pages/App/Settings/SettingsMinimalUI.razor
  • src/App/Pages/App/Settings/SettingsScanning.razor
  • src/App/Pages/App/Settings/SettingsScanning.razor.css
  • src/App/Pages/App/Settings/SettingsTracking.razor
  • src/App/Pages/App/Settings/SettingsTracking.razor.css
  • src/App/Pages/App/Settings/_Imports.razor
  • src/App/RatConfig.cs
  • src/App/RatScannerMain.cs
  • src/App/RazorApp.razor
  • src/App/SettingsPersistenceService.cs
  • src/App/Shared/AppLayout.razor
  • src/App/Shared/AppLayout.razor.css
  • src/App/Shared/ScannerStatus.razor
  • src/App/Shared/SettingsLayout.razor
  • src/App/Shared/SettingsLayout.razor.css
  • src/App/TarkovTrackerDB.cs
  • src/App/View/BlazorInteractableOverlay.xaml
  • src/App/View/BlazorOverlay.xaml
  • src/App/View/BlazorUI.xaml
  • src/App/View/BlazorUI.xaml.cs
  • src/App/ViewModel/MenuVM.cs
  • src/App/ViewModel/SettingsVM.cs
  • src/App/i18n/en.json
  • src/App/i18n/es.json
  • src/App/i18n/fr.json
  • src/App/i18n/pl.json
  • src/App/i18n/pt.json
  • src/App/i18n/ru.json
  • src/App/i18n/zh.json
  • src/ScanEngine/Config/Processing/Inspection.cs
  • src/ScanEngine/Processing/Inspection.cs
  • tests/RatScanner.Tests/ConfigurationMigrationTests.cs
  • tests/RatScanner.Tests/GameDisplayConfigurationTests.cs
  • tests/RatScanner.Tests/OpenCvPipelineTests.cs
  • tests/RatScanner.Tests/PresentationServicesTests.cs
  • tests/RatScanner.Tests/SettingsInputTests.cs
  • tests/RatScanner.Tests/SettingsLayoutContractTests.cs
  • tests/RatScanner.Tests/SettingsPersistenceTests.cs
  • tests/RatScanner.Tests/TarkovTrackerReliabilityTests.cs

Comment thread src/App/Components/HotkeySelector.razor Outdated
Comment thread src/App/i18n/es.json Outdated
Comment thread src/App/i18n/fr.json Outdated
Comment thread src/App/i18n/ru.json Outdated
Comment thread src/App/Pages/App/Settings/SettingsGeneral.razor
Comment thread src/App/SettingsPersistenceService.cs
Comment thread src/App/Shared/AppLayout.razor
Comment thread src/App/ViewModel/SettingsVM.cs
Comment thread src/ScanEngine/Processing/Inspection.cs
Comment thread tests/RatScanner.Tests/OpenCvPipelineTests.cs
Immediate name/icon enable toggles never rebuilt ActiveHotkey, so Enable
stayed stale after settings changes. Rebuild hotkeys on those toggles.
Reject non-HTTPS or non-GitHub release asset URLs before auto-update
download/apply.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
tests/RatScanner.Tests/PresentationServicesTests.cs (1)

351-383: 🩺 Stability & Availability | 🟠 Major | 🏗️ Heavy lift

Keep TarkovDevApiTests hermetic.

These tests fetch live TarkovDev data and tolerate empty results during network/CI flakiness. That makes failures nondeterministic and can turn an API outage or schema regression into a passing test. Use a fake HTTP handler with small checked-in JSON fixtures and assert IDs/item IDs unconditionally.

As per coding guidelines, tests must be pure, hermetic, deterministic, and must not use live network services.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/RatScanner.Tests/PresentationServicesTests.cs` around lines 351 - 383,
Make TarkovDevApiTests hermetic by injecting a fake HTTP handler into
TarkovDevAPI and serving small checked-in JSON fixtures for FetchCraftsAsync and
FetchBartersAsync. Remove the empty-result early returns and assert projected
IDs and item IDs unconditionally, while preserving the existing ItemTypeLabel
tests.

Source: Coding guidelines

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/App/GitHubUpdateService.cs`:
- Around line 164-180: Update the downloader method around HttpClientHandler and
IsAllowedReleaseAssetUrl so redirects are not followed automatically. Manually
inspect each response Location, follow only HTTPS URLs accepted by
IsAllowedReleaseAssetUrl, and enforce a finite redirect hop limit; reject
missing, invalid, or unallowlisted targets before downloading or executing the
archive.

In `@tests/RatScanner.Tests/SettingsLayoutContractTests.cs`:
- Around line 50-58: Replace the raw-text search in
ContainsApplyRuntimeRegisterHotkeys with a behavior- or syntax-aware check that
targets applyRuntime. Verify HotkeyManager.RegisterHotkeys() is executable and
occurs after the immediate save operation, using controlled SettingsVM
dependencies or parsed method structure rather than comments or dead branches.

---

Outside diff comments:
In `@tests/RatScanner.Tests/PresentationServicesTests.cs`:
- Around line 351-383: Make TarkovDevApiTests hermetic by injecting a fake HTTP
handler into TarkovDevAPI and serving small checked-in JSON fixtures for
FetchCraftsAsync and FetchBartersAsync. Remove the empty-result early returns
and assert projected IDs and item IDs unconditionally, while preserving the
existing ItemTypeLabel tests.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: ce01cfd9-70c9-4c03-bea7-6199596314df

📥 Commits

Reviewing files that changed from the base of the PR and between 28f960f and 8d6301b.

📒 Files selected for processing (4)
  • src/App/GitHubUpdateService.cs
  • src/App/ViewModel/SettingsVM.cs
  • tests/RatScanner.Tests/PresentationServicesTests.cs
  • tests/RatScanner.Tests/SettingsLayoutContractTests.cs

Comment thread src/App/GitHubUpdateService.cs
Comment on lines +50 to +58
private static bool ContainsApplyRuntimeRegisterHotkeys(string source, string methodName)
{
int methodStart = source.IndexOf($"internal Task<SettingSaveResult> {methodName}", StringComparison.Ordinal);
if (methodStart < 0)
return false;

int nextMethod = source.IndexOf("internal Task<SettingSaveResult>", methodStart + 1, StringComparison.Ordinal);
string methodBody = nextMethod < 0 ? source[methodStart..] : source[methodStart..nextMethod];
return methodBody.Contains("HotkeyManager.RegisterHotkeys()", StringComparison.Ordinal);

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎯 Functional Correctness | 🟠 Major | 🏗️ Heavy lift

Make the hotkey contract test behavior- or syntax-aware.

ContainsApplyRuntimeRegisterHotkeys only searches raw source text for HotkeyManager.RegisterHotkeys(). It does not verify that the call is inside applyRuntime, occurs after the immediate save, or is executable; a comment or dead branch could keep the test green while the behavior is removed.

Prefer exercising SettingsVM with controlled dependencies, or parse the method structure and assert the call and ordering explicitly.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/RatScanner.Tests/SettingsLayoutContractTests.cs` around lines 50 - 58,
Replace the raw-text search in ContainsApplyRuntimeRegisterHotkeys with a
behavior- or syntax-aware check that targets applyRuntime. Verify
HotkeyManager.RegisterHotkeys() is executable and occurs after the immediate
save operation, using controlled SettingsVM dependencies or parsed method
structure rather than comments or dead branches.

DysektAI added 3 commits July 15, 2026 20:34
The ref bool parameter suggested live-tracking, but Enabled was always
copied by value at construction. Settings toggles now call
RegisterHotkeys() to rebuild with the current config value, making the
ref keyword unnecessary and misleading.
Fixes applied:
- Inspection.cs: use _title backing field to avoid stack-overflow from re-entrant Title getter (P0/Critical)
- HotkeySelector.razor: set _listening=false before awaiting HotkeyChanged so duplicate key-up cannot double-commit; StateHasChanged in finally
- SettingsPersistenceService.cs: capture _lifetime.Token while _gate is held to prevent ObjectDisposedException on disposal race
- SettingsTracking.razor: add AbortOrgReplacement/AbortIoReplacement wrappers that cancel in-flight validation so a completed request cannot persist a canceled candidate; restore UI via Cancel*Replacement; also add ThrowIfCancellationRequested immediately after the save call; capture IO token locally to avoid disposed-CTS access and guard finalize cleanup via _ioValidation identity check
- RatConfig.cs: gate legacy Token/Backend migration on pre-v3 configs; move SaveConfig after ActivateTrackerModeAsync so a failed mode switch never persists the failed mode on disk
- SettingsVM.cs: wire _synchronizationContext in OnGameDisplayConfigurationChanged to marshal VM mutations to the Blazor renderer; add RefreshGameDisplaysAsync that offloads only detection to Task.Run and resumes state updates on the renderer; add fault-logging continuation to SetShowTarkovTrackerTeamAsync fire-and-forget activation
- SettingsGeneral.razor: call RefreshGameDisplaysAsync instead of Task.Run(sync refresh)
- GitHubUpdateService.cs: add NoRedirectHttp client with manual redirect loop (5-hop cap, per-hop host validation, relative-URI resolution, 308 PermanentRedirect support) so a trusted GitHub asset URL cannot silently redirect the download to an untrusted host
- AppLayout.razor: wire CloseDrawerAfterNavAsync on the tracker-attention NavLink
- Tests: ConfigurationMigrationTests adds v3 staleness regression; OpenCvPipelineTests renames to Ui_chrome_fuzzy_scores_stay_below_the_configured_min_item_confidence and reads threshold from config; SettingsLayoutContractTests strips comments and matches applyRuntime lambda shape to prevent false-positive coverage
- i18n: todo — six locale blocks from SettingSaveFailed through CredentialUnexpectedResponse remain in English (es/fr/pl/pt/ru/zh ~67 keys each)
Comment thread src/App/SettingsPersistenceService.cs Outdated
coderabbitai[bot]

This comment was marked as resolved.

DysektAI added 2 commits July 17, 2026 01:43
…UserProgress

- Exceptions.cs: UnauthorizedTokenException had a copy-pasted comment about rate
  limiting; corrected to describe authentication failure.
- ItemExtensions.cs: GetUserProgress read Progress and Self from TarkovTrackerDB
  across two accessor calls, allowing a mode switch or reconfiguration between
  reads to produce a mismatched Self/Progress snapshot. Capture both in locals
  from a single getter call.
- SettingsPersistenceService: guard disposed-path rollback so the returned
  task always completes even if apply(previous) throws (kilo-code-bot).
- HotkeySelector: stop mutating the bound Hotkey before HotkeyChanged so
  the parent's rollback snapshot captures the original value (coderabbitai).
- i18n: translate 67 untranslated settings/credential keys (lines 241-307)
  into es, fr, pl, pt, ru, zh — English was copy-pasted into all six
  non-English locale catalogs (coderabbitai x3).
- OpenCvPipelineTests, SettingsLayoutContractTests: apply csharpier
  formatting to unblock CI csharpier check on this branch.
@DysektAI

Copy link
Copy Markdown
Member Author

Skipped 2 unresolved threads as out-of-scope for merge-readiness:

  • SettingsScanning shared helper (nitpick): 4-file DRY refactor for the persist/snackbar/StateHasChanged pattern. Tagged as nitpick by CodeRabbit. Out of scope for a merge-readiness fix — no correctness impact, purely a maintainability preference. The duplicated blocks are ~5 lines each and work correctly.

  • OpenCvPipelineTests test name (potential_issue): The test name \Ui_chrome_fuzzy_scores_stay_below_the_configured_min_item_confidence\ already accurately describes what it tests (score-helper coverage). The UI chrome rejection mechanism itself (\IsUiChromeTitle) is tested separately at lines 166-181. Adding a full Inspection-level test would require OCR/marker fixtures and duplicate the existing \IsUiChromeTitle\ coverage. The rename alternative offered in the comment is already satisfied by the current name.

5 other threads addressed in commit a846ae1: i18n translations (es/fr/pl/pt/ru/zh), SettingsPersistenceService disposed-path hang guard, HotkeySelector bound-hotkey mutation fix.

@DysektAI

This comment was marked as resolved.

@coderabbitai

This comment was marked as resolved.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
src/App/Components/HotkeySelector.razor (1)

57-78: 🎯 Functional Correctness | 🟡 Minor | ⚡ Quick win

Resync the displayed hotkey after the save callback.

_tmpHotkey is rendered by this component but is never replaced after HotkeyChanged.InvokeAsync completes. If the parent save fails, the bound Hotkey is restored while the UI continues displaying the rejected candidate until the next capture starts. Copy the bound value back in finally before refreshing the component.

Proposed fix
         finally {
+            _tmpHotkey = new Hotkey(Hotkey);
             await InvokeAsync(StateHasChanged);
         }
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/App/Components/HotkeySelector.razor` around lines 57 - 78, Update
StopListeningAsync so its finally block copies the current bound Hotkey value
into _tmpHotkey before invoking StateHasChanged, ensuring the displayed hotkey
reflects any parent-side save or rollback result.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/App/i18n/pl.json`:
- Line 242: Update the AdvancedCapture translation in pl.json from the masculine
form to the neuter form “Zaawansowane przechwytywanie,” preserving the existing
translation key.

In `@src/App/i18n/ru.json`:
- Line 273: Update the TeamPermissionDescription translation to replace both
occurrences of “требует разрешение” with “требует разрешения”, preserving the
rest of the Russian text unchanged.

---

Outside diff comments:
In `@src/App/Components/HotkeySelector.razor`:
- Around line 57-78: Update StopListeningAsync so its finally block copies the
current bound Hotkey value into _tmpHotkey before invoking StateHasChanged,
ensuring the displayed hotkey reflects any parent-side save or rollback result.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 5392e638-5e1a-43f6-8216-28f0e3d7d5a9

📥 Commits

Reviewing files that changed from the base of the PR and between aafff41 and a846ae1.

📒 Files selected for processing (10)
  • src/App/Components/HotkeySelector.razor
  • src/App/SettingsPersistenceService.cs
  • src/App/i18n/es.json
  • src/App/i18n/fr.json
  • src/App/i18n/pl.json
  • src/App/i18n/pt.json
  • src/App/i18n/ru.json
  • src/App/i18n/zh.json
  • tests/RatScanner.Tests/OpenCvPipelineTests.cs
  • tests/RatScanner.Tests/SettingsLayoutContractTests.cs

Comment thread src/App/i18n/pl.json
Comment thread src/App/i18n/ru.json Outdated
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size:XXL This PR changes 1000+ lines, ignoring generated files

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants