Implement native macOS GUI foundation with structured API helper

[jamesyc]

Implement native macOS GUI foundation with structured API helper

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: eec1bcb6ed

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[gemini-code-assist]

Code Review

This pull request introduces a structured Python backend and a macOS SwiftUI frontend to provide a graphical interface for TimeCapsuleSMB operations. The backend adds a JSON-based API mode for tasks such as device discovery, deployment, and maintenance, while the frontend manages the helper process and event streaming. Review feedback identifies several critical improvements, including resolving a potential deadlock when reading process output, ensuring configuration files are merged rather than overwritten, capturing stderr for better logging, and enhancing error diagnostics with tracebacks.

[jamesyc]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a macOS GUI for TimeCapsuleSMB, featuring a SwiftUI application and a new Python-based structured API. The implementation includes a subprocess runner to execute the Python helper and a refactored backend to support event streaming and configuration management. Review feedback highlights the need for more idiomatic Swift Concurrency patterns in the subprocess runner to avoid polling and thread blocking. Additionally, the reviewer identified several locations in the Python operations where unvalidated type conversions of GUI parameters could cause crashes, and recommended updating a deprecated SwiftUI alert API.

[jamesyc]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a structured app backend and a macOS GUI integration for TimeCapsuleSMB. The changes include a new Python-based API helper for structured communication, a Swift-based macOS application, and comprehensive unit tests for both. Feedback provided includes recommendations for localizing user-facing strings in the SwiftUI views, improving UTF-8 decoding safety in the Swift helper runner, implementing input size limits on stdin to prevent potential Denial of Service, and enhancing the jsonable utility to support Enum types.

[gemini-code-assist]

The ContentView and its subviews contain numerous hardcoded user-facing strings (e.g., "Readiness", "Discover And Connect", "Deploy", etc.). To support internationalization (i18n) and follow macOS development best practices, these strings should be moved to a .strings or .stringsdict file and accessed using LocalizedStringKey or the String(localized:) initializer.

[gemini-code-assist]

Using String(data:encoding:) with .utf8 can return nil if the Data was truncated in the middle of a multi-byte UTF-8 character sequence, which is possible here due to the limit applied in readCapped. Using String(decoding:as:) is safer as it will provide a string even if the data contains invalid or truncated sequences by using the Unicode replacement character.

Suggested change

	return String(data: output, encoding: .utf8) ?? ""
	return String(decoding: output, as: UTF8.self)

[gemini-code-assist]

Reading the entire content of sys.stdin into memory without a size limit can lead to excessive memory consumption or Denial of Service (DoS) if the input is unexpectedly large. It is safer to specify a reasonable maximum size for the expected JSON request.

    # Limit request size to 1MB to prevent memory exhaustion
    raw = sys.stdin.read(1024 * 1024)

[gemini-code-assist]

The jsonable helper function does not handle enum.Enum types. Since many models in the project likely use Enums, and asdict() on a dataclass preserves Enum members, json.dumps() will fail when encountering them. Adding explicit Enum handling ensures the function is robust for all project models.

Suggested change

	def jsonable(value: object) -> object:
	if is_dataclass(value):
	return jsonable(asdict(value))
	if isinstance(value, Path):
	return str(value)
	if isinstance(value, dict):
	return {str(key): jsonable(item) for key, item in value.items()}
	if isinstance(value, (list, tuple, set)):
	return [jsonable(item) for item in value]
	return value
	def jsonable(value: object) -> object:
	from enum import Enum
	if is_dataclass(value):
	return jsonable(asdict(value))
	if isinstance(value, Enum):
	return jsonable(value.value)
	if isinstance(value, Path):
	return str(value)
	if isinstance(value, dict):
	return {str(key): jsonable(item) for key, item in value.items()}
	if isinstance(value, (list, tuple, set)):
	return [jsonable(item) for item in value]
	return value

[jamesyc]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 175195804b

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Reject boolean values for integer API parameters

int_param currently accepts JSON booleans because int(True)/int(False) are valid in Python, so a request like {"mount_wait": true} is silently treated as 1 instead of being rejected. This creates hard-to-diagnose behavior (e.g., near-immediate timeouts) and is inconsistent with optional_int_param/float_param, which already reject booleans. The helper API should validate booleans as invalid integer input.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Include no_reboot in uninstall dry-run request

The uninstall dry-run button ignores the UI's No Reboot toggle by sending only dry_run=true, so the generated plan always assumes reboot is required (no_reboot defaults to false in the backend). This means users can review a plan that does not match the operation they intend to run, which is especially risky for destructive maintenance flows.

Useful? React with 👍 / 👎.

[jamesyc]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a structured app backend and a macOS GUI for TimeCapsuleSMB, enabling non-interactive integration and a graphical user interface. Key additions include a Swift-based macOS application, a new Python api command for handling structured requests, and updates to existing CLI tools to support JSON output and new operational flags like --no-wait. The review feedback identifies a missing validation for the path parameter in the repair operation and points out unreachable dead code in the SSH configuration logic.

[gemini-code-assist]

The path parameter is not validated here. If it's missing from params, params.get("path") will be None, and args.path will be None. This will cause run_repair_structured to fail with a SystemExit when resolve_scan_root can't find a path, which is then caught as a generic operation_failed error. It's better to validate the parameter and fail with a validation_failed error.

Using require_string_param would be a good way to handle this.

Suggested change

	path=Path(str(params["path"])) if params.get("path") else None,
	path=Path(require_string_param(params, "path")),

[gemini-code-assist]

This code appears to be unreachable. The logic for should_enable and should_disable ensures that one of them is always true when no explicit mode (--enable or --disable) is selected. The if should_enable or if should_disable blocks seem to cover all possible paths and always return a value, so this error condition will never be hit. You should consider removing this dead code.