<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3257"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3259"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

This PR should fix CI build failure 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3258"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

closes #1772 

When an AI request fails during build, the error popup would appear and
cover the retry button at the bottom of the chat, forcing users to
manually scroll down to access it. This fix adds an auto-scroll effect
that scrolls up ~150px when an error occurs, ensuring the retry button
remains visible and accessible above the error popup. This improves the
UX for error recovery scenarios.
before:
<img width="550" height="365" alt="Capture d&#39;écran 2026-04-18
031044"
src="https://github.com/user-attachments/assets/61b4108b-0732-469e-abae-bd6ba86ee7ab"
/>
after 
<img width="583" height="439" alt="Capture d&#39;écran 2026-04-18
030508"
src="https://github.com/user-attachments/assets/917ac306-a7eb-41ae-959c-aadf9d87b2c2"
/>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3231"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

This is related to #3240, but likely does not fix the crash.

#3240 mentions heavy rate-limits from Supabase. This happens because
currently:
- we are polling the Supabase endpoint every 5 seconds, and
- we do not stop making requests when we get rate limited.

This PR makes a few changes:
1. When we get rate-limited by Supabase, we'll check the `Retry-After`
property that Supabase sends back. This tells us when Supabase will
allow us to make our next request, and we'll honor that value.
2. Changes the polling rate from once every 5 seconds to once every 15
seconds. From what I can tell the requests are just fetching logs from
the Supabase API, so I don't think that it's critical enough to need to
happen once every 5 seconds. If I'm wrong about this though, please
correct me.
3. Refactors `loadEdgeLogsMutation` into a `useQuery` call, which is
probably what we want it to be given that we're periodically polling an
API endpoint. The side effects can be handled in a separate `useEffect`
call, so the behavior should stay essentially the same. This does also
prevent us from making extra requests to the endpoint when we already
have an active request.

Also closes #3244.

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3250"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3254"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- Adds chat mode persistence to chats so Ask, Build, and Plan are
remembered per conversation.
- Resolves effective chat mode for chat creation and streaming paths,
including fallback metadata for the UI.
- Updates chat mode hooks, selectors, tab flows, and coverage for
persistence behavior.

## Test plan
- npm run fmt && npm run lint:fix && npm run ts
- npm test
- npm run build
- PLAYWRIGHT_HTML_OPEN=never npm run e2e -- e2e-tests/chat_mode.spec.ts

Generated with Codex

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3249"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>

@azizmejri1 - I added an info banner with a link to
https://neon.com/docs/auth/production-checklist#email-provider under the
email verification toggle so users know to not rely on it for production

<img width="506" height="377" alt="image"
src="https://github.com/user-attachments/assets/7f403de7-de2f-462e-84c0-8eb0779af87a"
/>

## Summary
- Add a compact, clickable info banner below the Neon email verification
toggle that recommends configuring a custom email provider for
production.
- Link opens the Neon Auth production checklist (email provider
section).
- Add `integrations.neon.customEmailProviderHint` strings for English,
Portuguese (Brazil), and Chinese (Simplified).

## Test plan
- Open Neon integration for a connected Next.js app and confirm the
banner appears under email verification with correct copy.
- Click the banner and confirm the Neon docs open in the browser.

## Summary
- Escape the keppo-bot[bot] Bash case pattern so it matches the literal
bot login.
- Add RyanGroch to the privileged CI author allow-list for E2E test
routing.

## Test plan
- npm run fmt && npm run lint:fix && npm run ts
- npm test

#skip-bugbot
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3248"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary

Fixes the 6 `TimeoutError: locator.click: ... element is not enabled`
failures in `chat_tabs.spec.ts` and `per_chat_input.spec.ts` on CI run
[24692456779](https://github.com/dyad-sh/dyad/actions/runs/24692456779)
caused by a Lexical/jotai race during chat switches.

## Root cause

Trace + screenshot from the failing shards show chat 2 with an empty
input and a disabled Send button the moment the second `sendPrompt()`
runs. The race:

1. `clickNewChat()` navigates to chat 2 (`selectedChatIdAtom` flips, URL
updates, `ChatInput` re-renders with `chatId=2`).
2. Playwright's `fill()` into the Lexical editor fires
`OnChangePlugin.onChange` before React has flushed the atom update for
this render cycle.
3. `chatInputValueAtom`'s writer is keyed off `selectedChatIdAtom`, so
the typed text gets stored under the **previous** chat's slot.
4. On the next render `ExternalValueSyncPlugin` sees `value=""` for chat
2 and resets the editor to empty.
5. `inputValue.trim()` is empty → Send button stays `disabled` → 30s
click timeout.

Only the *second* `sendPrompt()` after a `clickNewChat()` fails, and
it's flaky because it depends on render/event ordering.

## Fix

Wrap `click → fill` in `expect.toPass()` and assert the editor actually
contains the prompt and the Send button is enabled before clicking. On a
dropped fill the loop re-runs once atoms settle, eliminating the race
deterministically. No product changes.

## Test plan

- [x] `npm run fmt && npm run lint && npm run ts`
- [ ] CI: chat_tabs.spec.ts and per_chat_input.spec.ts pass on shards
1/2

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3246"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

## Summary

Adds a new skill, `dyad:deflake-e2e-from-run`, for root-causing E2E
failures from a specific CI run by reading the Playwright HTML report
artifacts directly — traces, screenshots, error-context, and app
stdout/stderr — instead of rebuilding and rerunning locally.

This complements the existing `deflake-e2e` and
`deflake-e2e-recent-commits` skills, which drive *discovery* by
repeat-running tests. This new skill is for when you already have a
failing run and want to root-cause fast.

## What the skill covers

- Downloading the merged `html-report` artifact with `gh run download -R
dyad-sh/dyad -n html-report`.
- `jq` queries against `results.json` for `unexpected` vs `flaky` test
buckets.
- Matching trace `.zip` hashes (paths in `results.json` are CI-side;
files are local in `/tmp/pw-report/data/`).
- Reading `test.trace` as JSONL to extract the step timeline.
- Correlating with app IPC logs that show up as `stderr`/`stdout` trace
events (gold for race-condition root-causing — e.g. `(proposal_handlers)
› IPC: get-proposal returned: …` at failure time).
- A short playbook of common failure shapes (disabled-button-after-fill,
navigation races, cross-test state) and their usual fixes.

Derived from the workflow used to root-cause #3246.

## Test plan

- [x] Skill file follows the same frontmatter format as existing skills
in `.claude/skills/`.
- [x] Verified via the use case in #3246 (full investigation done
end-to-end using exactly these steps).

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3247"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

closes #2416 
This PR addresses the following improvements and fixes in the chat
message UI for assistant messages:

Commit Hash Display: The commit hash is now shown as a sibling to the
commit message in the metadata row, following the commit message and
icon.
Minimal Tooltip: The tooltip for the commit hash now displays only the
commit hash itself (no commit message or extra text), providing a clean
and focused UX.
Copy-to-Clipboard: Users can copy the full commit hash by clicking the
hash or copy icon
<img width="769" height="199" alt="image"
src="https://github.com/user-attachments/assets/9b28db64-6521-4ee7-b46c-a3b9e8ee9389"
/>


<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3191"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

#skip-bb
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3243"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

Closes #3185.

For context, a while back I had opened #2511 to close #1272. For some
reason the change got reverted, though, which I think is why #3185 was
opened.

This PR makes the essentially the same change as #2511, so it has the
"refactor" button tooltip show the full path of the file it's going to
refactor. #2511 also changed the width of the button, but I've changed
my mind on that.
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3237"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3241"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open in Devin Review">
  </picture>
</a>
<!-- devin-review-badge-end -->

### Context for review bots :

1.The agent can execute sql commands directly on production , this is
fine because they user may choose to start with a simple setup first and
use the production database directly (in a follow up PR we should give
the users the ability to sync dev branch to match production branch).The
user also has the possiblity to revert database changes .
2.Right now there’s no warning for destructive changes before migration
, this is fine for now as we're gonna add a follow up PR for this
3.When linking an existing neon project that doesnt have a developement
database , we're setting the default branch as the active branch . This
is fine because the user may prefer to start a simple setup at the
beginning and work directly on the production database , in addition
since the project was created outside dyad it may have a developement
branch named differently so it wouldnt be wise to auto create one here .
However, in a follow up PR we should allow the user to manually create
branches and sync dev branch to match production .
4.neon is only available for next.js now
5.We dont have enough tests for now, i am gonna add a follow-up PR to
cover this
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3178"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

This plan solves the React/Vite + Neon integration issue by adding a
server layer to the app using Nitro.

- Nitro deploys cleanly to Vercel

- API routes are automatically exposed as Vercel Functions

- it keeps the setup lightweight and requires minimal effort from both
the user and the AI agent
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3090"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

closes #3075 
Implements pause/resume functionality for the message queue processing
system, allowing users to pause automatic processing of queued messages
and selectively resume. Includes session-level persistence via
sessionStorage.


<img width="594" height="694" alt="Capture d&#39;écran 2026-03-26
045040"
src="https://github.com/user-attachments/assets/2cf9648f-7be1-466c-971c-e2e96faccd0d"
/>


9 comprehensive E2E test cases covering:
Pause/Resume button visibility
Pause functionality and message blocking
Resume processing
SessionStorage persistence (empty & non-empty cases)
Multiple pause/resume cycles
Per-chat isolation
Visual styling

When mid-turn compaction ran during a multi-step tool loop (e.g., after
web_crawl completed), injected user messages (like screenshots) were
registered at an array index based on the compacted message history. The
AI SDK's internal messages don't include the compaction summary, so in
subsequent steps the stale index caused the injected user message to
land between a tool_use and its tool_result, breaking the SDK's
validation.

Fix 1: Track the delta between compacted and SDK base message counts,
and adjust injection indices after prepareStepMessages runs so future
re-injections land at the correct position.

Fix 2: Add ensureToolResultOrdering() as a defensive safety net that
detects and fixes any user messages misplaced between tool_use/
tool_result pairs before returning from prepareStep.
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3213"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3194"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## What changed
- switch the cloud sandbox upload client to a multipart
manifest-plus-file request instead of JSON `Record<string, string>`
payloads
- read synced files as raw bytes for both full and incremental uploads
while preserving `replaceAll`, `deletedFiles`, and queued incremental
sync behavior
- update the fake cloud sandbox server and desktop-side tests to
validate multipart uploads and binary byte preservation

## Why
The previous upload path decoded files as UTF-8 strings before sending
them to the engine, which corrupted binary assets and broke cloud
previews for files like images, fonts, and wasm.

## Impact
Desktop cloud sandbox syncs now send byte-exact file contents to the
engine, including incremental syncs.

## Compatibility
- depends on the engine multipart upload support in
dyad-sh/dyad-llm-engine#146
- the engine PR keeps legacy JSON uploads available for older desktop
clients, but this desktop change is required for binary-safe uploads

## Validation
- `npm test -- src/ipc/utils/cloud_sandbox_provider.test.ts`
- `npm run ts`
- `npm run lint`
- `npm run fmt:check`

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3188"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>

## Summary
- replace context_manage snapshot assertions with narrower UI and
dump-path checks
- wait for context rows to appear or disappear before continuing so the
picker interactions are deterministic
- remove the obsolete context_manage snapshot baselines

## Test plan
- npm run build
- PLAYWRIGHT_RETRIES=0 PLAYWRIGHT_HTML_OPEN=never npm run e2e --
e2e-tests/context_manage.spec.ts --repeat-each=10
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

#skip-bugbot
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3187"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3179"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

- **Cloud sandbox**
- **docs: record session learnings**
- **settings: gate cloud sandbox behind experiment**
- **cloud: sync dirty paths incrementally**

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3177"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <willchen90@gmail.com>
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3183"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

#skip-bb
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3176"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3173"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3172"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

## Summary
- remove unsupported `node-pty` artifacts before Windows signing runs,
including Darwin prebuild directories and the extra `bin` directory
- keep the supported Windows `node-pty` runtime binaries in place for
packaged app execution
- expand the Windows signing unit test to verify unsupported artifacts
are removed and Windows binaries remain

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

#skip-bugbot

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3171"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3170"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude <noreply@anthropic.com>

## Summary
- remove the two bundled node-pty PowerShell helper scripts before
Windows signing runs
- keep the Azure Trusted Signing flow unchanged for signable binaries
and libraries
- add a unit test covering the packaging cleanup helper

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

Generated with Claude Code
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3169"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3168"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: claude[bot] <41898282+claude[bot]@users.noreply.github.com>

## Summary
- replace add-dependency command execution with a cross-platform
node-pty runner in the Electron main process
- preserve add-dependency output and failure handling while adding PTY
output normalization and command timeouts
- package node-pty correctly in Electron Forge by externalizing it from
Vite, rebuilding it, and unpacking its helper binaries

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test
- npm run build

🤖 Generated with Claude Code
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3167"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
Co-authored-by: devin-ai-integration[bot] <158243242+devin-ai-integration[bot]@users.noreply.github.com>

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3165"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

Chat input state management to use per-chat values
 
 Closes #3128 
 
 
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3129"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>

## Summary
- run Socket Firewall through `npx sfw@2.0.4` instead of relying on a
global install
- keep the socket firewall command path reproducible and avoid Windows
global path issues
- update command-shape assertions in the related IPC tests

## Test plan
- npm run fmt
- npm run lint:fix
- npm run ts
- npm test

<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3163"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

## Summary
- accept `keppo-bot[bot]` in GitHub Actions author checks that read raw
`github.*` logins
- switch Claude PR Review to `allowed_bots: \"keppo-bot[bot]\"` instead
of treating the bot as a non-write user
- trust `copilot-pull-request-reviewer` in the PR comment-fixing skill

## Test plan
- `npm run fmt`
- `npm run lint:fix`
- `npm run ts`
- `npm test`

🤖 Generated with [Claude Code](https://claude.com/claude-code)
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3162"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

---------
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Will Chen <7344640+wwwillchen@users.noreply.github.com>

This PR changes the SQLite database setting to use WAL (Write-Ahead
Logging) mode. From what I can tell, it should be an easy performance
improvement with no real downside for our case. Documentation is here:
https://sqlite.org/wal.html

Also, the [docs for
better-sqlite3](https://www.npmjs.com/package/better-sqlite3) explicitly
recommend it:

> Though not required, it is generally important to set the WAL pragma
for performance reasons.

I came across this as I was looking into the issue where the chat code
blocks slow down Dyad's framerate. I'm not entirely sure whether this is
related, but I did notice that sometimes database calls were taking a
lot longer than I expected, and that would cause Dyad's framerate to
drop significantly on my machine. This change seems to be an improvement
in that regard, so it might also have an effect on the code blocks issue
as well.

It's hard to accurately benchmark this because its effect is only
substantial when there are multiple database calls going on at the same
time. I can definitely attempt a benchmark if that would be worthwhile
though.
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3140"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->

#skip-bb
<!-- devin-review-badge-begin -->

---

<a href="https://app.devin.ai/review/dyad-sh/dyad/pull/3161"
target="_blank">
  <picture>
<source media="(prefers-color-scheme: dark)"
srcset="https://static.devin.ai/assets/gh-open-in-devin-review-dark.svg?v=1">
<img
src="https://static.devin.ai/assets/gh-open-in-devin-review-light.svg?v=1"
alt="Open with Devin">
  </picture>
</a>
<!-- devin-review-badge-end -->
Co-authored-by: Claude <noreply@anthropic.com>

Co-authored-by: Claude <noreply@anthropic.com>