[Payment due @suneox] Fix isAttendeeTrackingEnabled default to true for Classic backwards compat

[MelvinBot]

Explanation of Change

For backwards compatibility with Expensify Classic, isAttendeeTrackingEnabled should default to true when the property is undefined on a policy. Classic-created Control policies don't have this field set, but attendee tracking was historically always enabled. The incorrect ?? false default caused two bugs:

1. The Attendee Tracking toggle appeared disabled in NewDot workspace settings for Classic-migrated policies
2. The "Attendees required" violation didn't fire until the toggle was manually enabled in NewDot

Changes:

• Updated all 7 ?? false nullish coalescing fallbacks to ?? true across the codebase
• Added ?? true at call sites that pass policy?.isAttendeeTrackingEnabled to AttendeeUtils functions (MoneyRequestConfirmationList, MoneyRequestView, CategorySettingsPage) — the function parameter defaults in AttendeeUtils.ts are intentionally not changed, since attendee tracking is restricted to Control policies and callers should explicitly pass the resolved value
• Fixed raw truthiness checks that treated undefined as false (ExpenseReportListItem guard, CategorySettingsPage pending action check)
• Added a special case in isPolicyFeatureEnabled() for IS_ATTENDEE_TRACKING_ENABLED to return true when the field is undefined, ensuring the useAdvancedSearchFilters selector and any other consumer of this utility correctly defaults

This is safe because violations only fire when a category has areAttendeesRequired=true (requires explicit admin action), so policies without required attendees categories will see no behavior change.

Fixed Issues

$ https://github.com/Expensify/Expensify/issues/617341

Tests

1. Create a Control policy in Classic (or simulate one where isAttendeeTrackingEnabled is not set on the policy object)
2. Open the policy in NewDot
3. Enable "Rules"
4. Verify that "Attendee Tracking" toggle shows as enabled in workspace settings
5. Edit a category and mark attendees as required
6. Create a new expense with that category without adding attendees
7. Verify that the expense gets a "Attendees required" violation
8. Verify that the attendee selector is visible (unchanged from before)
9. Verify that the attendee search filter appears in advanced search

• Verify that no errors appear in the JS console

Offline tests

N/A — this change only affects default values for a policy property. Offline behavior is unchanged since the fallback logic is applied at render time from cached policy data.

QA Steps

1. Find or create a Control policy that was originally created in Classic (where isAttendeeTrackingEnabled NVP is not set)
2. Open the policy in NewDot → Workspace Settings → Rules
3. Verify the "Attendee Tracking" toggle shows as enabled
4. Edit a category → mark "Attendees" as required
5. Create an expense with that category, do not add any attendees beyond yourself
6. Verify a "Attendees required" violation appears
7. Verify no regressions for policies where attendee tracking is explicitly disabled (toggle should still show as off, no violations)

• Verify that no errors appear in the JS console

PR Author Checklist

• I linked the correct issue in the ### Fixed Issues section above
• I wrote clear testing steps that cover the changes made in this PR
  • I added steps for local testing in the Tests section
  • I added steps for the expected offline behavior in the Offline steps section
  • I added steps for Staging and/or Production testing in the QA steps section
  • I added steps to cover failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
  • I tested this PR with a High Traffic account against the staging or production API to ensure there are no regressions (e.g. long loading states that impact usability).
• I included screenshots or videos for tests on all platforms
• I ran the tests on all platforms & verified they passed on:
  • Android: Native
  • Android: mWeb Chrome
  • iOS: Native
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
• I verified there are no console errors (if there's a console error not related to the PR, report it or open an issue for it to be fixed)
• I followed proper code patterns (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick)
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
    • If any non-english text was added/modified, I used JaimeGPT to get English > Spanish translation. I then posted it in #expensify-open-source and it was approved by an internal Expensify engineer. Link to Slack message:
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I followed the guidelines as stated in the Review Guidelines
• I tested other components that can be impacted by my changes (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar are working as expected)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• I verified that if a function's arguments changed that all usages have also been updated correctly
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG))
• If new assets were added or existing ones were modified, I verified that:
  • The assets are optimized and compressed (for SVG files, run npm run compress-svg)
  • The assets load correctly across all supported platforms.
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• I added unit tests for any new feature or bug fix in this PR to help automatically prevent regressions in this user flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.

Screenshots/Videos

Android: Native

N/A — no UI changes, only default value logic

Android: mWeb Chrome

N/A — no UI changes, only default value logic

iOS: Native

N/A — no UI changes, only default value logic

iOS: mWeb Safari

N/A — no UI changes, only default value logic

MacOS: Chrome / Safari

N/A — no UI changes, only default value logic

[francoisl]

@MelvinBot how about we add a

function isAttendeeTrackingEnabled(policy: OnyxEntry<Policy>): boolean {
    return isControlPolicy(policy) && policy?.isAttendeeTrackingEnabled ?? true;
}

function in src/libs/PolicyUtils.ts instead of changing the default everywhere?

[MelvinBot]

Great idea! I've added an isAttendeeTrackingEnabled(policy) helper to PolicyUtils.ts that centralizes the default logic:

function isAttendeeTrackingEnabled(policy: OnyxEntry<Policy>): boolean {
    return (isControlPolicy(policy) && policy?.isAttendeeTrackingEnabled) ?? true;
}

This combines the Control policy check with the ?? true backwards-compat default into a single function. All 10 call sites across the codebase now use this helper instead of repeating policy?.isAttendeeTrackingEnabled ?? true everywhere.

The one exception is useAdvancedSearchFilters.ts line 379 where policyDerived is a partial object without type — but that value is already correctly resolved via isPolicyFeatureEnabled (which also uses the new helper), so it doesn't need changing.

Pushed in 829f18e.

[MelvinBot]

Fixed the failing Prettier check: ran prettier on 3 files with formatting diffs (import line wrapping in ViolationsUtils.ts and import ordering in CategoryRequiredFieldsPage.tsx and IndividualExpenseRulesSection.tsx).

[MelvinBot]

Fixed the failing test (job 6) check: the useAdvancedSearchFilters tests for attendee filter visibility were creating TEAM-type policies, but the isAttendeeTrackingEnabled() function (added in this PR) requires a Control policy (CORPORATE type) via isControlPolicy(). Updated the three attendee-related test cases to use CONST.POLICY.TYPE.CORPORATE so the test policies match the real-world constraint.

[codecov]

Codecov Report

❌ Looks like you've decreased code coverage for some files. Please write tests to increase, or at least maintain, the existing level of code coverage. See our documentation here for how to interpret this table.

Files with missing lines	Coverage Δ
src/components/MoneyRequestConfirmationList.tsx	61.69% <ø> (-0.61%)	⬇️
...c/components/ReportActionItem/MoneyRequestView.tsx	66.74% <ø> (ø)
...Search/SearchList/ListItem/TransactionListItem.tsx	0.00% <ø> (ø)
src/hooks/useAdvancedSearchFilters.ts	96.42% <100.00%> (ø)
src/libs/PolicyUtils.ts	61.36% <100.00%> (+0.06%)	⬆️
src/libs/Violations/ViolationsUtils.ts	75.22% <100.00%> (ø)
...arch/SearchList/ListItem/ExpenseReportListItem.tsx	0.00% <0.00%> (ø)
src/libs/TransactionUtils/index.ts	83.68% <50.00%> (-0.02%)	⬇️
...orkspace/categories/CategoryRequiredFieldsPage.tsx	0.00% <0.00%> (ø)
...ages/workspace/categories/CategorySettingsPage.tsx	0.00% <0.00%> (ø)
... and 1 more
... and 21 files with indirect coverage changes

[francoisl]

@MelvinBot please add the test I mentioned, and pull main into the branch as it's getting quite far behind.

[francoisl]

@MelvinBot let's add a test to confirm that we show the attendee filter when the isAttendeeTrackingEnabled prop is absent

[MelvinBot]

Added a test that creates a Corporate policy without isAttendeeTrackingEnabled set (property explicitly deleted) and asserts the attendee filter is visible. All 18 tests pass.

[melvin-bot]

@suneox Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button]

[MelvinBot]

Done — the test for absent isAttendeeTrackingEnabled was already added in the previous commit (84075f5), and I've now merged main into the branch (986deed). All 18 tests pass after the merge.

[melvin-bot]

@aimane-chnaif Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button]

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 84075f531b

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Align rollback state with new attendee default

This change makes Classic control policies resolve isAttendeeTrackingEnabled to true when the field is missing, but the toggle action still snapshots the original value with !!policy?.isAttendeeTrackingEnabled in setPolicyAttendeeTrackingEnabled(). For a legacy policy (undefined flag), toggling OFF and then hitting an API failure will roll back to false instead of the effective default true, leaving the setting incorrectly disabled until a full refetch. Please ensure rollback uses the same resolver (or preserves undefined) as this new defaulting logic.

Useful? React with 👍 / 👎.

[francoisl]

Yes it does

https://github.com/Expensify/App/blob/da3ad9bd51f6a2d7628/src/libs/actions/Policy/Policy.ts#L6187

[chatgpt-codex-connector]

Default attendee filter to hidden when policy data is absent

Changing this fallback to ?? true causes the ATTENDEE filter to be shown whenever policyDerived is temporarily undefined (e.g., initial Onyx load), unlike other feature-gated filters that default to hidden. That can surface an attendee filter in contexts where policy capabilities are not yet known and produce incorrect/flickering filter UI; the Classic compatibility behavior is already handled by isPolicyFeatureEnabled() once policy data is available.

Useful? React with 👍 / 👎.

[francoisl]

Hm maybe. You could also argue the opposite that we're not showing the attendee selector when we should. Not going to block on this.

[francoisl]

Not sure why MelvinBot decided to assign 2 C+s here, @aimane-chnaif hopefully you haven't started reviewing yet. I'll remove you since you were assigned second.

[francoisl]

@suneox are you able to start reviewing this today you think?

[suneox]

@suneox are you able to start reviewing this today you think?

Yes, I lost focus on this one and I will take a look at this one in few hours

[suneox]

Based on my analysis of latest main, I found 7 affected locations where undefined ?? false need to be verified.

Affected Areas

1. Toggle Display (IndividualExpenseRulesSection.tsx:202)
2. Checkbox Visibility (CategoryRequiredFieldsPage.tsx:40)
3. Violation Logic (ViolationsUtils.ts:501, TransactionUtils.ts:1690)
4. Badge Sync (ExpenseReportListItem.tsx:99,117, TransactionListItem.tsx:148)
5. Search Filter (useAdvancedSearchFilters.ts:379, PolicyUtils.ts feature check)
6. Pending Action (CategorySettingsPage.tsx:162)

Test Matrix

Test	Test Name	Page	Before	After
TC-001	Toggle State	Workspace → Settings → Rules	OFF ❌	ON ✅
TC-002	Attendees Switch Visibility	Workspace → Settings → Categories → [Category] → Required Fields	Hidden ❌	Visible ✅
TC-003	Violation Fires	Create Expense → New Expense	No violation ❌	Violation fires ✅
TC-004	Badge Sync	Search → Expense List	No badge ❌	Badge shows ✅
TC-005	Search Filter	Search → Advanced Filters	Hidden ❌	Visible ✅
TC-006	Pending Action	Category Settings (Offline)	No badge ❌	Badge shows ✅

[suneox]

Reviewer Checklist

• I have verified the author checklist is complete (all boxes are checked off).
• I verified the correct issue is linked in the ### Fixed Issues section above
• I verified testing steps are clear and they cover the changes made in this PR
  • I verified the steps for local testing are in the Tests section
  • I verified the steps for Staging and/or Production testing are in the QA steps section
  • I verified the steps cover any possible failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
• I checked that screenshots or videos are included for tests on all platforms
• I included screenshots or videos for tests on all platforms
• I verified that the composer does not automatically focus or open the keyboard on mobile unless explicitly intended. This includes checking that returning the app from the background does not unexpectedly open the keyboard.
• I verified tests pass on all platforms & I tested again on:
  • Android: HybridApp
  • Android: mWeb Chrome
  • iOS: HybridApp
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
• If there are any errors in the console that are unrelated to this PR, I either fixed them (preferred) or linked to where I reported them in Slack
• I verified proper code patterns were followed (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick).
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I verified that this PR follows the guidelines as stated in the Review Guidelines
• I verified other components that can be impacted by these changes have been tested, and I retested again (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar have been tested & I retested again)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• If a new component is created I verified that:
  • A similar component doesn't exist in the codebase
  • All props are defined accurately and each prop has a /** comment above it */
  • The file is named correctly
  • The component has a clear name that is non-ambiguous and the purpose of the component can be inferred from the name alone
  • The only data being stored in the state is data necessary for rendering and nothing else
  • For Class Components, any internal methods passed to components event handlers are bound to this properly so there are no scoping issues (i.e. for onClick={this.submit} the method this.submit should be bound to this in the constructor)
  • Any internal methods bound to this are necessary to be bound (i.e. avoid this.submit = this.submit.bind(this); if this.submit is never passed to a component event handler like onClick)
  • All JSX used for rendering exists in the render method
  • The component has the minimum amount of code necessary for its purpose, and it is broken down into smaller components in order to separate concerns and functions
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG)
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• For any bug fix or new feature in this PR, I verified that sufficient unit tests are included to prevent regressions in this flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.
• I have checked off every checkbox in the PR reviewer checklist, including those that don't apply to this PR.

Screenshots/Videos

Android: HybridApp

CleanShot.2026-04-07.at.03.04.23.1.mp4

Android: mWeb Chrome

CleanShot.2026-04-07.at.03.06.47.2.mp4

iOS: HybridApp

CleanShot.2026-04-07.at.03.07.43.mp4

iOS: mWeb Safari

CleanShot.2026-04-07.at.03.07.43.3.mp4

MacOS: Chrome / Safari

CleanShot.2026-04-07.at.02.43.38.4.mp4

CleanShot.2026-04-07.at.02.32.15.3.mp4

CleanShot.2026-04-07.at.02.30.58.2.mp4

CleanShot.2026-04-07.at.02.18.49.1.mp4

[suneox]

The current change set LGTM, and the functionality still works as expected.

[melvin-bot]

🎯 @suneox, thanks for reviewing and testing this PR! 🎉

A payment issue will be created for your review once this PR is deployed to production.
E/E issue linked to the PR - https://www.github.com/Expensify/Expensify/issues/617341.

If payment is not needed (e.g., regression PR review fix etc), react with 👎 to this comment to prevent the payment issue from being created.

[francoisl]

Yes it does

https://github.com/Expensify/App/blob/da3ad9bd51f6a2d7628/src/libs/actions/Policy/Policy.ts#L6187

[francoisl]

Hm maybe. You could also argue the opposite that we're not showing the attendee selector when we should. Not going to block on this.

[github-actions]

🚧 @francoisl has triggered a test Expensify/App build. You can view the workflow run here.

[github-actions]

🧪🧪 Use the links below to test this adhoc build on Android, iOS, and Web. Happy testing! 🧪🧪
Built from App PR #86818.

Android 🤖	iOS 🍎
https://ad-hoc-expensify-cash.s3.us-east-1.amazonaws.com/rock-artifacts/ad-hoc/rock-android-Adhoc-02b2574-b0990c7-6d19a789025720ce9b279fd461cca7e90674add1/index.html	https://ad-hoc-expensify-cash.s3.us-east-1.amazonaws.com/rock-artifacts/ad-hoc/rock-ios-device-AdHoc-02b2574-b0990c7-7769e75afc832ceb494d147f4334bb187b08273c/index.html

Web 🕸️
https://86818.pr-testing.expensify.com

---

👀 View the workflow run that generated this build 👀

[OSBotify]

✋ This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release.

[OSBotify]

🚀 Deployed to staging by https://github.com/francoisl in version: 9.3.58-0 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅

Bundle Size Analysis (Sentry):

• Android
• iOS

[MelvinBot]

No help site changes are required for this PR.

The change corrects the internal default value of isAttendeeTrackingEnabled from false to true. I reviewed all attendee-related help articles under App/docs/articles:

• Workspace-Rules.md / Create-expense-categories.md — Document "Require attendees" as a category rule option but don't reference the toggle's default state
• Adding-Attendees.md — Describes how to add attendees; no mention of the toggle
• Fringe-Benefits.md — Covers FBT attendee count tags, unrelated to this toggle

None of these articles describe the default on/off state of the Attendee Tracking toggle, so the default value change creates no inaccuracy in the docs.