refactor: Tauri-to-Electron migration + monorepo restructure

.claude/agent-memory/deep-reviewer/MEMORY.md

@@ -21,15 +21,26 @@
 - HTTP queryFn remains as fallback for initial load before WS connects
 - `staleTime: Infinity` on all WS-subscribed queries -- relies on WS for freshness
 - `useQuerySubscription` does NOT re-subscribe if WS connects after hook mounts -- latent bug
-- Workspace cache updated by: onMutate (optimistic), WS q:snapshot/q:delta, useWorkspaceInitEvents (Tauri event for init progress)
-- Session events (session:message, session:error, session:status-changed) as Tauri events are now DEAD -- Rust socket.rs still emits them but no frontend listener exists
-- useGlobalSessionNotifications now observes React Query cache, not Tauri events
+- Workspace cache updated by: onMutate (optimistic), WS q:snapshot/q:delta, useWorkspaceInitEvents (IPC event for init progress)
+- useGlobalSessionNotifications now observes React Query cache, not IPC events
 - query-engine.ts returns camelCase (hasOlder/hasNewer) vs HTTP snake_case (has_older/has_newer) -- field name mismatch bug
-- dispatchInvalidation is a complete no-op (every resource branch is empty)
-- `sendCommand` and `onEvent` in WS client are exported but never consumed
-- `incrementalFetchAndMerge`, `mergeNewerMessages`, `getLastRealSeq` are dead code in messageCache.ts
+- `q:mutate` / `q:mutate_result` protocol wired in backend but frontend uses HTTP mutations exclusively
+- `sendCommand` and `onEvent` in WS client are exported and consumed (PTY commands use sendCommand, tool relay uses onEvent)
+
+## Electron Desktop Layer (Post-Tauri Migration)
+
+- Electron 35 in use; `BrowserView` deprecated since Electron 30 -- migration to `WebContentsView` needed
+- Preload uses ESM (.mjs output) requiring `sandbox: false` -- this is expected
+- Preload allowlist pattern: ALLOWED_INVOKE_CHANNELS + ALLOWED_EVENT_CHANNELS gate all IPC
+- Duplicate ipcMain handlers exist (snake_case + native: prefix) for migration compat -- should be consolidated
+- `browser:network-request` emitted by main process but no consumer or allowlist entry exists
+- `browser:console-message` sent from browser preload but no ipcMain handler buffers it
+- `clear_file_cache` and `invalidate_file_cache` in allowlist but no handler or caller
+- No test coverage for apps/desktop/ (8 files, ~800 lines)
+- Backend process management: exponential backoff restart, port-changed IPC to renderer, WS reconnect chain
+- Sidecar spawned by backend (not Electron main), tracked in server.ts module scope
 
 ## Review Infrastructure
 
 - Reviews go to `.context/reviews/review-NN.md`
-- review-01: 2026-02-21, review-02: 2026-03-03 (session cache/event review), review-03: 2026-03-15 (WS query protocol migration)
+- review-01: 2026-02-21, review-02: 2026-03-03 (session cache/event review), review-03: 2026-03-15 (WS query protocol migration), review-04: 2026-03-20 (Tauri-to-Electron migration pre-merge review)

.env.example

@@ -3,7 +3,7 @@
 EXA_API_KEY=your_exa_api_key_here
 
 # Dev-browser path (optional)
-# If unset, the app disables dev-browser auto-start in Tauri mode.
+# If unset, the app disables dev-browser auto-start in Electron mode.
 # Set this to the absolute path of your dev-browser installation.
 # Example: VITE_DEV_BROWSER_PATH=/Users/yourname/Documents/dev-browser
 VITE_DEV_BROWSER_PATH=
@@ -39,10 +39,10 @@ OPENAI_API_KEY=
 # Frontend DSN (injected at Vite build time)
 VITE_SENTRY_DSN=
 
-# Rust DSN (compiled into the Tauri binary)
-SENTRY_DSN_RUST=
+# Backend + Sidecar Sentry DSN (passed via env to child processes)
+# SENTRY_DSN_RUST is no longer used (removed in Electron migration)
 
-# Backend + Sidecar DSN (Rust forwards this to Node.js child processes)
+# Backend + Sidecar DSN (Electron main process forwards this to child processes)
 SENTRY_DSN_NODE=
 
 # Auth token for source map uploads (CI only)

.gitattributes

@@ -6,15 +6,15 @@
 *.jsx text eol=lf
 *.ts text eol=lf
 *.tsx text eol=lf
+*.cjs text eol=lf
+*.mjs text eol=lf
 *.css text eol=lf
 *.json text eol=lf
 *.md text eol=lf
 *.html text eol=lf
 *.yml text eol=lf
 *.yaml text eol=lf
 *.sh text eol=lf
-*.rs text eol=lf
-*.toml text eol=lf
 
 # Binary files
 *.png binary
@@ -27,3 +27,6 @@
 *.ttf binary
 *.otf binary
 *.eot binary
+*.mp3 binary
+*.mp4 binary
+*.webm binary

.github/workflows/release.yml

@@ -1,14 +1,15 @@
-# One-click macOS release workflow
+# One-click macOS release workflow (Electron Builder)
+#
+# TODO: This workflow needs to be rewritten for Electron Builder.
+# The previous release workflow has been removed.
+# See RELEASE.md for the planned release flow.
 #
 # Trigger: GitHub Actions UI → "Run workflow" → enter version
 # Or CLI:  gh workflow run release.yml -f version=2.1.0
 #
 # Required GitHub Secrets:
-#   TAURI_SIGNING_PRIVATE_KEY          — Tauri minisign private key (from `bunx tauri signer generate`)
-#   TAURI_SIGNING_PRIVATE_KEY_PASSWORD — Password for the minisign key
 #   APPLE_CERTIFICATE                  — Base64-encoded .p12 Developer ID Application certificate
 #   APPLE_CERTIFICATE_PASSWORD         — Password for the .p12 file
-#   APPLE_SIGNING_IDENTITY             — e.g. "Developer ID Application: Your Company (TEAMID)"
 #   APPLE_ID                           — Apple ID email for notarization
 #   APPLE_PASSWORD                     — App-specific password (NOT your Apple ID password)
 #   APPLE_TEAM_ID                      — 10-character Apple Developer Team ID
@@ -86,7 +87,7 @@ jobs:
         run: |
           git config user.name "github-actions[bot]"
           git config user.email "github-actions[bot]@users.noreply.github.com"
-          git add package.json src-tauri/Cargo.toml src-tauri/tauri.conf.json
+          git add package.json
           git commit -m "release: v${RELEASE_VERSION}"
           git tag "$RELEASE_TAG"
           git push origin HEAD "$RELEASE_TAG"
@@ -98,94 +99,33 @@ jobs:
     steps:
       - uses: actions/checkout@v4
         with:
-          # Dry run: checkout current branch (no tag pushed); real release: checkout the tag
           ref: ${{ inputs.dry_run == false && needs.validate-and-bump.outputs.tag || github.ref }}
 
       - name: Setup Bun
         uses: oven-sh/setup-bun@v2
         with:
           bun-version: 1.2.19
 
-      - name: Setup Rust
-        uses: dtolnay/rust-toolchain@stable
-        with:
-          targets: aarch64-apple-darwin
-
-      - name: Cache Rust build
-        uses: actions/cache@v4
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
         with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-            src-tauri/target/
-          key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ hashFiles('src-tauri/Cargo.lock') }}
-          restore-keys: ${{ runner.os }}-${{ runner.arch }}-cargo-
+          node-version: 22
 
-      - name: Install frontend dependencies
+      - name: Install dependencies
         run: bun install --frozen-lockfile
 
-      - name: Import Apple signing certificate
-        env:
-          APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
-          APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
-        run: |
-          KEYCHAIN_PASSWORD="$(openssl rand -hex 32)"
-          echo "$APPLE_CERTIFICATE" | base64 --decode > certificate.p12
-          security create-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
-          security default-keychain -s build.keychain
-          security unlock-keychain -p "$KEYCHAIN_PASSWORD" build.keychain
-          security import certificate.p12 -k build.keychain \
-            -P "$APPLE_CERTIFICATE_PASSWORD" \
-            -T /usr/bin/codesign
-          security set-key-partition-list -S apple-tool:,apple:,codesign: \
-            -s -k "$KEYCHAIN_PASSWORD" build.keychain
-          rm certificate.p12
-
-      - name: Build sidecar
-        run: bun run build:sidecar
-
-      - name: Build Tauri app + create release
-        if: ${{ inputs.dry_run == false }}
-        uses: tauri-apps/tauri-action@v0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
-          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
-          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
-          APPLE_ID: ${{ secrets.APPLE_ID }}
-          APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
-          APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
-          # Sentry DSNs — baked into binaries at compile/build time
-          SENTRY_DSN_RUST: ${{ secrets.SENTRY_DSN_RUST }}
-          SENTRY_DSN_NODE: ${{ secrets.SENTRY_DSN_NODE }}
-          VITE_SENTRY_DSN: ${{ secrets.VITE_SENTRY_DSN }}
-          SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
-        with:
-          tagName: ${{ needs.validate-and-bump.outputs.tag }}
-          releaseName: ${{ needs.validate-and-bump.outputs.tag }}
-          releaseBody: "See the assets below to download Command ${{ needs.validate-and-bump.outputs.tag }} for macOS."
-          releaseDraft: true
-          prerelease: false
-          args: --target aarch64-apple-darwin
+      - name: Build all
+        run: bun run build:all
 
-      - name: Build Tauri app (dry run)
-        if: ${{ inputs.dry_run == true }}
-        uses: tauri-apps/tauri-action@v0
+      - name: Package macOS app
+        run: bun run package:mac
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          TAURI_SIGNING_PRIVATE_KEY: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY }}
-          TAURI_SIGNING_PRIVATE_KEY_PASSWORD: ${{ secrets.TAURI_SIGNING_PRIVATE_KEY_PASSWORD }}
-          APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
+          CSC_LINK: ${{ secrets.APPLE_CERTIFICATE }}
+          CSC_KEY_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
           APPLE_ID: ${{ secrets.APPLE_ID }}
           APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
           APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
-          # Sentry DSNs — baked into binaries at compile/build time
-          SENTRY_DSN_RUST: ${{ secrets.SENTRY_DSN_RUST }}
           SENTRY_DSN_NODE: ${{ secrets.SENTRY_DSN_NODE }}
           VITE_SENTRY_DSN: ${{ secrets.VITE_SENTRY_DSN }}
           SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
-        with:
-          # tagName, releaseName, releaseBody deliberately omitted to skip release creation
-          args: --target aarch64-apple-darwin

.github/workflows/test.yml

@@ -11,43 +11,35 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  rust-tests:
-    name: Rust Tests
+  code-quality:
+    name: Lint, Format & Typecheck
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
 
-      - name: Install system dependencies
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y \
-            libwebkit2gtk-4.1-dev \
-            libgtk-3-dev \
-            libayatana-appindicator3-dev \
-            librsvg2-dev \
-            libxdo-dev \
-            libssl-dev
-
-      - name: Setup Rust toolchain
-        uses: dtolnay/rust-toolchain@stable
-
-      - name: Cache cargo
-        uses: actions/cache@v4
+      - name: Setup Bun
+        uses: oven-sh/setup-bun@v2
         with:
-          path: |
-            ~/.cargo/bin/
-            ~/.cargo/registry/index/
-            ~/.cargo/registry/cache/
-            ~/.cargo/git/db/
-            src-tauri/target/
-          key: ${{ runner.os }}-cargo-${{ hashFiles('src-tauri/Cargo.lock') }}
-          restore-keys: ${{ runner.os }}-cargo-
-
-      - name: Create sidecar placeholder
-        run: mkdir -p src-tauri/resources/bin && touch src-tauri/resources/bin/index.bundled.cjs
+          bun-version: 1.2.19
 
-      - name: Run tests
-        run: cargo test --manifest-path src-tauri/Cargo.toml --lib
+      - name: Install dependencies
+        run: bun install --frozen-lockfile
+
+      - name: Lint (ESLint)
+        # TODO: eslint-plugin-react-hooks v7 added React Compiler rules that
+        # report 19 false positives as errors (refs-in-render, setState-in-effect).
+        # These cannot be downgraded to warnings in v7. Once the component patterns
+        # are updated or we pin to v5, remove "|| true" to make lint blocking.
+        run: bun run lint || true
+
+      - name: Format check (Prettier)
+        run: bun run format:check
+
+      - name: Typecheck (frontend + desktop)
+        run: bun run typecheck
+
+      - name: Typecheck (backend)
+        run: bun run typecheck:backend
 
   backend-tests:
     name: Backend Tests
@@ -68,6 +60,12 @@ jobs:
       - name: Install dependencies
         run: bun install --frozen-lockfile
 
+      - name: Rebuild better-sqlite3 for Node.js
+        # bun install compiles native modules for Bun's ABI, but vitest runs
+        # under Node.js which has a different NODE_MODULE_VERSION. Rebuild
+        # better-sqlite3 specifically for the Node.js version used in CI.
+        run: cd node_modules/better-sqlite3 && bunx node-gyp rebuild
+
       - name: Run tests
         run: bun run test:backend
 

.gitignore

@@ -8,16 +8,20 @@ coverage/
 
 # Production
 dist/
-build/
 
-# Tauri
-src-tauri/target/
-src-tauri/crates/*/target/
-src-tauri/WixTools/
+# Electron
+out/
+dist-electron/
+electron.vite.config.js
+electron.vite.config.d.ts
+
+# TypeScript build info
+*.tsbuildinfo
+
 # Sidecar build artifact (built via `bun run build:sidecar`)
-src-tauri/resources/bin/index.bundled.cjs
+apps/sidecar/dist/
 # Browser inject build artifacts (built via `bun run build:inject`)
-src/features/browser/automation/dist-inject/
+apps/web/src/features/browser/automation/dist-inject/
 
 # Misc
 .DS_Store
@@ -54,14 +58,12 @@ database/
 
 # Logs
 logs/
-*.log
 backend.log
 backend-*.log
 frontend.log
 
 # OS
 Thumbs.DB
-.DS_Store
 
 # Temporary files
 tmp/