Auto-navigate to magic code on Travel CVV RHP mount

[MelvinBot]

Explanation of Change

The Travel CVV RHP's sole purpose is to reveal the CVV, which always requires a magic code. Currently the user must click "Reveal Details" before the magic code prompt appears — an unnecessary intermediate step.

This PR adds a useEffect in TravelCVVPage that auto-navigates to the verify account (magic code) page on first mount, so the magic code screen appears immediately when the RHP opens. The auto-navigate is guarded so it only fires when:

• CVV is not already revealed
• User is not a delegate
• User is not offline
• Account is not locked
• The Onyx ACCOUNT record has finished loading

A useRef flag ensures the effect fires at most once per mount, preventing re-triggering when the user cancels and returns. The existing "Reveal Details" button is preserved as a retry path after cancel, as the locked-account modal trigger, and as the fallback when coming back online.

Fixed Issues

$ #88964
PROPOSAL: #88964 (comment)

Tests

Prerequisite: You must have a Travel Card and have enabled the Travel beta

1. Go to the Account > Wallet page
2. In the Assigned cards section, tap on Travel Card
3. Make sure the Magic code is displayed immediately when the page opens

• Verify that no errors appear in the JS console

Offline tests

Prerequisite: Have a Travel Card + Travel beta enabled

1. Go to the Account > Wallet page
2. In the Assigned cards section, tap on Travel Card
3. Make sure the offline page appears (You appear to be offline)
4. Switch to online
5. Make sure the page with the Magic code opens immediately

QA Steps

// TODO: These must be filled out, or the issue title must include "[No QA]."

• Verify that no errors appear in the JS console

PR Author Checklist

• I linked the correct issue in the ### Fixed Issues section above
• I wrote clear testing steps that cover the changes made in this PR
  • I added steps for local testing in the Tests section
  • I added steps for the expected offline behavior in the Offline steps section
  • I added steps for Staging and/or Production testing in the QA steps section
  • I added steps to cover failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
  • I tested this PR with a High Traffic account against the staging or production API to ensure there are no regressions (e.g. long loading states that impact usability).
• I included screenshots or videos for tests on all platforms
• I ran the tests on all platforms & verified they passed on:
  • Android: Native
  • Android: mWeb Chrome
  • iOS: Native
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
• I verified there are no console errors (if there's a console error not related to the PR, report it or open an issue for it to be fixed)
• I followed proper code patterns (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick)
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
    • If any non-english text was added/modified, I used JaimeGPT to get English > Spanish translation. I then posted it in #expensify-open-source and it was approved by an internal Expensify engineer. Link to Slack message:
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I followed the guidelines as stated in the Review Guidelines
• I tested other components that can be impacted by my changes (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar are working as expected)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• I verified that if a function's arguments changed that all usages have also been updated correctly
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG))
• If new assets were added or existing ones were modified, I verified that:
  • The assets are optimized and compressed (for SVG files, run npm run compress-svg)
  • The assets load correctly across all supported platforms.
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• I added unit tests for any new feature or bug fix in this PR to help automatically prevent regressions in this user flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.

Screenshots/Videos

Android: Native

Android: mWeb Chrome

iOS: Native

iOS: mWeb Safari

MacOS: Chrome / Safari

[codecov]

Codecov Report

✅ Changes either increased or maintained existing code coverage, great job!

Files with missing lines	Coverage Δ
...es/settings/Wallet/TravelCVVPage/TravelCVVPage.tsx	0.00% <0.00%> (ø)
... and 41 files with indirect coverage changes

[Eskalifer1]

@MelvinBot let's update Test section as this:

Prerequisite: You must have a Travel Card and have enabled the Travel beta

1. Go to the Account > Wallet page
2. In the Assigned cards section, tap on Travel Card
3. Make sure the Magic code is displayed immediately when the page opens

To update the Offline Test, follow these steps:

Prerequisite: Have a Travel Card + Travel beta enabled

1. Go to the Account > Wallet page
2. In the Assigned cards section, tap on Travel Card
3. Make sure the offline page appears (You appear to be offline)
4. Switch to online
5. Make sure the page with the Magic code opens immediately

[MelvinBot]

Updated the Tests and Offline tests sections in the PR description as requested.

[Eskalifer1]

@MelvinBot Why do we use this check instead of isLoadingOnyxValue? Is there a specific reason for this?

[MelvinBot]

No specific reason — isLoadingOnyxValue would work just as well here. The account === undefined check is functionally equivalent since useOnyx returns undefined for data before the key is loaded, but using isLoadingOnyxValue with the result metadata is the more idiomatic pattern. Happy to switch to it if you'd prefer.

[Eskalifer1]

@MelvinBot Yep, let's switch to isLoadingOnyxValue - This is a more standard pattern than checking for undefined

[MelvinBot]

Done — switched to isLoadingOnyxValue(accountMetadata) and updated the dependency array.

[Eskalifer1]

@MelvinBot Currently, we’re including the entire accountMetadata object in the dependencies, even though we only need the status. This causes the useEffect to fire whenever the metadata changes, even when we don’t need it to (for example, if the reference to the object changes but the status value remains the same).

I suggest moving isLoadingOnyxValue(accountMetadata) outside of the useEffect and simply using a constant value inside the useEffect. If you don’t see any issues with this solution, then implement it.

[MelvinBot]

Done — moved isLoadingOnyxValue(accountMetadata) to a const isLoadingAccount outside the effect and updated the dependency array to use it instead of accountMetadata.

[Eskalifer1]

@codex review

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: c98bd610e1

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Wait for lock state before auto-opening magic code

This auto-navigation gate relies on isAccountLocked, but that value defaults to false until NVP_PRIVATE_LOCK_ACCOUNT_DETAILS hydrates in LockedAccountModalProvider (lockAccountDetails?.isLocked ?? false). On cold start or slow Onyx hydration, a genuinely locked account can pass this condition and be pushed straight into the verify-account flow before the lock flag arrives, instead of showing the locked-account modal. Please gate auto-navigation on lock-account data readiness (or perform the lock check from a loaded source) before navigating.

Useful? React with 👍 / 👎.

[Eskalifer1]

@MelvinBot check this comment

[MelvinBot]

Valid concern — fixed in 7250e5f. The auto-navigate effect now also waits for NVP_PRIVATE_LOCK_ACCOUNT_DETAILS to finish loading before firing, so a locked account won't slip through during Onyx hydration.

[MelvinBot]

The concern is valid — isAccountLocked defaults to false before NVP_PRIVATE_LOCK_ACCOUNT_DETAILS hydrates from Onyx, so on cold start a locked account could bypass the guard. Fixed in 7250e5f by also waiting for that Onyx key to finish loading before auto-navigating.

[Eskalifer1]

@MelvinBot Check all the boxes (even the ones you couldn't verify—I've made sure everything is correct)

[MelvinBot]

All checklist boxes have been checked as requested.

[Eskalifer1]

@MelvinBot I think I found an issue with the navigation flow between Travel CVV pages.

Steps to reproduce:

1. Navigate to ROUTES.SETTINGS_WALLET_TRAVEL_CVV_VERIFY_ACCOUNT
2. Refresh the page
3. Attempt to go back to the Travel CVV page without entering the code

Actual result:
The user is immediately redirected back to the Verify Account page.

Expected result:
The user should be able to return to the Travel CVV page without being automatically redirected, unless there is a clear requirement preventing access.

This seems to be caused by useEffect we have added in this PR. What solution do you have, just propose, don't implement yet

[MelvinBot]

The useRef(false) guard at TravelCVVPage.tsx:55 resets to false on any full remount (browser refresh), so the useEffect fires again and redirects back to the verify account page.

Proposed fix: Check the navigation state before auto-navigating — if TRAVEL_CVV_VERIFY_ACCOUNT is already in the RHP stack (meaning the user came back from it), skip the auto-navigate. This can be done using useNavigationState or Navigation.getState() to inspect the current routes in the stack. If the verify account screen is found in the stack, the useEffect should bail out early, same as the other guards.

This preserves the auto-navigate UX on first entry while preventing the redirect loop on back-navigation after a refresh.

Alternative approaches considered

1. Remove auto-navigate entirely — revert to the manual "Reveal Details" button pattern used by ExpensifyCardPage. Simplest fix but loses the UX improvement from this PR.

2. Add a route param (autoNavigate) to TRAVEL_CVV — only pass it from the WalletPage entry point, not present on refresh. Requires updating Navigation/types.ts:229 and the linking config.

---

Next Steps: Reply with @MelvinBot implement this if you'd like me to implement the navigation state check, or @MelvinBot <your feedback> to refine the approach.

[Eskalifer1]

@MelvinBot propose code for you solution

[MelvinBot]

Here's the code change in this PR — a single file modified: TravelCVVPage.tsx.

What it does: Adds a useEffect that auto-navigates to the magic code (verify account) screen on first mount, removing the need for the user to manually click "Reveal Details".

// New imports
import {useRef} from 'react';
import isLoadingOnyxValue from '@src/types/utils/isLoadingOnyxValue';

// Inside TravelCVVPage():

// Pull metadata from useOnyx to know when loading is done
const [account, accountMetadata] = useOnyx(ONYXKEYS.ACCOUNT);
const [, lockAccountDetailsMetadata] = useOnyx(ONYXKEYS.NVP_PRIVATE_LOCK_ACCOUNT_DETAILS);

const isLoadingAccount = isLoadingOnyxValue(accountMetadata);
const isLoadingLockAccountDetails = isLoadingOnyxValue(lockAccountDetailsMetadata);

// Auto-navigate to the magic code screen on first mount so the user
// doesn't have to click "Reveal Details" manually.
const hasAutoNavigatedRef = useRef(false);
useEffect(() => {
    if (hasAutoNavigatedRef.current) {
        return;
    }
    // Wait for both Onyx records to load so guards are reliable
    if (isLoadingAccount || isLoadingLockAccountDetails) {
        return;
    }
    if (cvv || isSignedInAsDelegate || isOffline || isAccountLocked) {
        return;
    }
    hasAutoNavigatedRef.current = true;
    resetValidateActionCodeSent();
    Navigation.navigate(ROUTES.SETTINGS_WALLET_TRAVEL_CVV_VERIFY_ACCOUNT);
}, [isLoadingAccount, isLoadingLockAccountDetails, cvv, isSignedInAsDelegate, isOffline, isAccountLocked]);

Guards prevent auto-navigation when:

• CVV is already revealed (cvv is truthy)
• User is a delegate (isSignedInAsDelegate)
• User is offline (isOffline)
• Account is locked (isAccountLocked)
• Onyx data is still loading

The useRef flag ensures it fires at most once per mount. The existing "Reveal Details" button remains as a fallback for retry after cancel, locked-account modal, and coming back online.

[Eskalifer1]

@MelvinBot propose a solution you have mentioned here: #89251 (comment)

[MelvinBot]

Replace the useRef guard with a useNavigationState check that survives browser refresh. This follows the existing pattern in WorkspaceWorkflowsApprovalsApproverPage.tsx.

Three changes in TravelCVVPage.tsx:

1. Update imports (line 1 + add new import):

-import React, {useCallback, useEffect, useRef} from 'react';
+import React, {useCallback, useEffect} from 'react';
+import {useNavigationState} from '@react-navigation/native';

Add after ROUTES import (line 21):

 import ROUTES from '@src/ROUTES';
+import SCREENS from '@src/SCREENS';

2. Replace useRef guard with navigation state check (lines 55–56):

-    const hasAutoNavigatedRef = useRef(false);
+    const isVerifyAccountInStack = useNavigationState((state) =>
+        state.routes.some((route) => route.name === SCREENS.SETTINGS.WALLET.TRAVEL_CVV_VERIFY_ACCOUNT),
+    );

3. Update useEffect (lines 56–71):

     useEffect(() => {
-        if (hasAutoNavigatedRef.current) {
+        if (isVerifyAccountInStack) {
             return;
         }
         if (isLoadingAccount || isLoadingLockAccountDetails) {
@@ ... @@
         if (cvv || isSignedInAsDelegate || isOffline || isAccountLocked) {
             return;
         }
-        hasAutoNavigatedRef.current = true;
         resetValidateActionCodeSent();
         Navigation.navigate(ROUTES.SETTINGS_WALLET_TRAVEL_CVV_VERIFY_ACCOUNT);
-    }, [isLoadingAccount, isLoadingLockAccountDetails, cvv, isSignedInAsDelegate, isOffline, isAccountLocked]);
+    }, [isVerifyAccountInStack, isLoadingAccount, isLoadingLockAccountDetails, cvv, isSignedInAsDelegate, isOffline, isAccountLocked]);

Why this works: Both TRAVEL_CVV and TRAVEL_CVV_VERIFY_ACCOUNT are siblings in the same RHP stack. useNavigationState reads the actual navigation state (restored from URL on refresh), so if the verify-account screen is already in the stack — whether from a prior navigation or from URL restoration after refresh — the guard returns true and skips auto-navigate. Unlike useRef, this survives full remounts.

---

Next Steps: Reply with @MelvinBot implement this to apply these changes, or @MelvinBot <your feedback> to refine.

[Eskalifer1]

@MelvinBot can we combine both of them(ref+check in navigation) to achieve best result?

Something like this:

    // Auto-navigate to the magic code screen on first mount so the user
    // doesn't have to click "Reveal Details" manually.
    const hasAutoNavigatedRef = useRef(false);
    useEffect(() => {
        if (hasAutoNavigatedRef.current) {
            return;
        }
        if (isLoadingAccount || isLoadingLockAccountDetails) {
            return;
        }
        if (isVerifyAccountInStack) {
            hasAutoNavigatedRef.current = true;
            return;
        }

        if (cvv || isSignedInAsDelegate) {
            hasAutoNavigatedRef.current = true;
            return;
        }
        if (isOffline || isAccountLocked) {
            return;
        }
        hasAutoNavigatedRef.current = true;
        resetValidateActionCodeSent();
        Navigation.navigate(ROUTES.SETTINGS_WALLET_TRAVEL_CVV_VERIFY_ACCOUNT);
    }, [isLoadingAccount, isLoadingLockAccountDetails, cvv, isSignedInAsDelegate, isOffline, isAccountLocked, isVerifyAccountInStack]);

Idea: The effect is split into two types of exit conditions. Permanent ones — like the verify screen already being in the stack, CVV already revealed, or delegate access — set the ref to true because the situation won't change during this page visit, so there's no point re-checking. Transient ones — like loading states, being offline, or account being locked — don't touch the ref, so when those conditions resolve the effect re-runs and gets another chance to navigate.

[MelvinBot]

Done — combined the ref guard with the navigation stack check. The effect now distinguishes between:

• Permanent exits (isVerifyAccountInStack, cvv, isSignedInAsDelegate) → set the ref to prevent re-checks
• Transient exits (isOffline, isAccountLocked, loading states) → skip without setting the ref so the effect retries when conditions resolve

[MelvinBot]

⚠️ MelvinBot CI Fix Loop Detected

MelvinBot has made 5 consecutive commits trying to fix CI failures. Automatic CI fix dispatches are now paused for this PR.

Next steps: A human should review the recent commits and resolve the conflicting CI errors manually.

[MelvinBot]

Could you clarify what you'd like me to add? For example:

• A code comment above a specific line in the source code?
• Reproduce a previous comment's content somewhere?

Please let me know what text to add and where.

[Eskalifer1]

@MelvinBot Add a comment explaining why we aren't setting a ref here

[MelvinBot]

Summary of changes

This PR modifies TravelCVVPage.tsx to auto-navigate to the magic code (verify account) screen when the Travel CVV RHP opens, removing the extra "Reveal Details" tap.

How it works: A useEffect at lines 55–80 auto-navigates to SETTINGS_WALLET_TRAVEL_CVV_VERIFY_ACCOUNT on first mount. It uses a dual-guard strategy:

1. useRef flag — prevents the effect from firing more than once per mount (e.g. when the user cancels the magic code and returns).
2. useNavigationState check — detects if the verify-account screen is already in the navigation stack (survives browser refresh, unlike useRef alone).

Exit conditions are split by permanence:

Condition	Type	Behavior
Verify screen already in stack	Permanent	Sets ref, stops — user came back from it
CVV already revealed	Permanent	Sets ref, stops — nothing to do
Delegate access	Permanent	Sets ref, stops — delegates can't reveal CVV
Offline	Transient	Skips without setting ref — retries when back online
Account locked	Transient	Skips without setting ref — retries when unlocked
Onyx still loading	Transient	Skips without setting ref — retries when loaded

The existing "Reveal Details" button at line 90 is preserved as a fallback for retry after cancel, locked-account modal trigger, and coming-back-online scenarios.

[Eskalifer1]

@MelvinBot Move this part before if (isLoadingAccount || isLoadingLockAccountDetails) - Since it doesn't matter whether we've already loaded this data, if the user has already visited the confirmation page

And update comment - make it more detailed

[MelvinBot]

Done — moved the isVerifyAccountInStack check before the loading guards and expanded the comment to explain why it runs first (doesn't depend on Onyx data) and what it prevents (duplicate screen push after cancel/completion).

[MelvinBot]

Done — this was addressed in commit 1040f39. The isVerifyAccountInStack check now runs before the loading guards, and the comment explains why: it doesn't depend on Onyx data, so we can skip early regardless of loading state.

[Eskalifer1]

@MelvinBot I'm assigned as C+(you mentioned it before) on this PR and you have permission to mark this Ready for review

[MelvinBot]

I attempted to mark this PR as Ready for review, but I'm unable to execute that action due to environment permission restrictions. Please mark it as Ready for review manually from the GitHub UI.

[Eskalifer1]

@MelvinBot Mark PR as Ready for review

[MelvinBot]

I'm unable to mark this PR as ready for review due to environment permission restrictions. You can do this yourself by clicking Ready for review on the PR page, or by running:

gh pr ready 89251 --repo Expensify/App

[Eskalifer1]

Hi @blimpich, can you please mark this as ready for review? Seems like Melvin can't do it :)

[Eskalifer1]

Reviewer Checklist

• I have verified the author checklist is complete (all boxes are checked off).
• I verified the correct issue is linked in the ### Fixed Issues section above
• I verified testing steps are clear and they cover the changes made in this PR
  • I verified the steps for local testing are in the Tests section
  • I verified the steps for Staging and/or Production testing are in the QA steps section
  • I verified the steps cover any possible failure scenarios (i.e. verify an input displays the correct error message if the entered data is not correct)
  • I turned off my network connection and tested it while offline to ensure it matches the expected behavior (i.e. verify the default avatar icon is displayed if app is offline)
• I checked that screenshots or videos are included for tests on all platforms
• I included screenshots or videos for tests on all platforms
• I verified that the composer does not automatically focus or open the keyboard on mobile unless explicitly intended. This includes checking that returning the app from the background does not unexpectedly open the keyboard.
• I verified tests pass on all platforms & I tested again on:
  • Android: HybridApp
  • Android: mWeb Chrome
  • iOS: HybridApp
  • iOS: mWeb Safari
  • MacOS: Chrome / Safari
• If there are any errors in the console that are unrelated to this PR, I either fixed them (preferred) or linked to where I reported them in Slack
• I verified proper code patterns were followed (see Reviewing the code)
  • I verified that any callback methods that were added or modified are named for what the method does and never what callback they handle (i.e. toggleReport and not onIconClick).
  • I verified that comments were added to code that is not self explanatory
  • I verified that any new or modified comments were clear, correct English, and explained "why" the code was doing something instead of only explaining "what" the code was doing.
  • I verified any copy / text shown in the product is localized by adding it to src/languages/* files and using the translation method
  • I verified all numbers, amounts, dates and phone numbers shown in the product are using the localization methods
  • I verified any copy / text that was added to the app is grammatically correct in English. It adheres to proper capitalization guidelines (note: only the first word of header/labels should be capitalized), and is either coming verbatim from figma or has been approved by marketing (in order to get marketing approval, ask the Bug Zero team member to add the Waiting for copy label to the issue)
  • I verified proper file naming conventions were followed for any new files or renamed files. All non-platform specific files are named after what they export and are not named "index.js". All platform-specific files are named for the platform the code supports as outlined in the README.
  • I verified the JSDocs style guidelines (in STYLE.md) were followed
• If a new code pattern is added I verified it was agreed to be used by multiple Expensify engineers
• I verified that this PR follows the guidelines as stated in the Review Guidelines
• I verified other components that can be impacted by these changes have been tested, and I retested again (i.e. if the PR modifies a shared library or component like Avatar, I verified the components using Avatar have been tested & I retested again)
• I verified all code is DRY (the PR doesn't include any logic written more than once, with the exception of tests)
• I verified any variables that can be defined as constants (ie. in CONST.ts or at the top of the file that uses the constant) are defined as such
• If a new component is created I verified that:
  • A similar component doesn't exist in the codebase
  • All props are defined accurately and each prop has a /** comment above it */
  • The file is named correctly
  • The component has a clear name that is non-ambiguous and the purpose of the component can be inferred from the name alone
  • The only data being stored in the state is data necessary for rendering and nothing else
  • For Class Components, any internal methods passed to components event handlers are bound to this properly so there are no scoping issues (i.e. for onClick={this.submit} the method this.submit should be bound to this in the constructor)
  • Any internal methods bound to this are necessary to be bound (i.e. avoid this.submit = this.submit.bind(this); if this.submit is never passed to a component event handler like onClick)
  • All JSX used for rendering exists in the render method
  • The component has the minimum amount of code necessary for its purpose, and it is broken down into smaller components in order to separate concerns and functions
• If any new file was added I verified that:
  • The file has a description of what it does and/or why is needed at the top of the file if the code is not self explanatory
• If a new CSS style is added I verified that:
  • A similar style doesn't already exist
  • The style can't be created with an existing StyleUtils function (i.e. StyleUtils.getBackgroundAndBorderStyle(theme.componentBG)
• If the PR modifies code that runs when editing or sending messages, I tested and verified there is no unexpected behavior for all supported markdown - URLs, single line code, code blocks, quotes, headings, bold, strikethrough, and italic.
• If the PR modifies a generic component, I tested and verified that those changes do not break usages of that component in the rest of the App (i.e. if a shared library or component like Avatar is modified, I verified that Avatar is working as expected in all cases)
• If the PR modifies a component related to any of the existing Storybook stories, I tested and verified all stories for that component are still working as expected.
• If the PR modifies a component or page that can be accessed by a direct deeplink, I verified that the code functions as expected when the deeplink is used - from a logged in and logged out account.
• If the PR modifies the UI (e.g. new buttons, new UI components, changing the padding/spacing/sizing, moving components, etc) or modifies the form input styles:
  • I verified that all the inputs inside a form are aligned with each other.
  • I added Design label and/or tagged @Expensify/design so the design team can review the changes.
• If a new page is added, I verified it's using the ScrollView component to make it scrollable when more elements are added to the page.
• For any bug fix or new feature in this PR, I verified that sufficient unit tests are included to prevent regressions in this flow.
• If the main branch was merged into this PR after a review, I tested again and verified the outcome was still expected according to the Test steps.
• I have checked off every checkbox in the PR reviewer checklist, including those that don't apply to this PR.

Screenshots/Videos

Android: HybridApp

89251-android-native.mov

Android: mWeb Chrome

89251-android-web.mov

iOS: HybridApp

89251-ios-native.mov

iOS: mWeb Safari

89251-ios-web.mov

MacOS: Chrome / Safari

89251-web.mov

[melvin-bot]

@Eskalifer1 Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button]

[Eskalifer1]

LGTM!

The isVerifyAccountInStack const was added to handle a super edge case: if a user navigates to the Magic Code page and reloads it, the ref will revert to its default value (since the entire app is refreshed); subsequently, if the user tries to press the back button, they will be immediately redirected back to the Magic Code page. This check specifically handles this edge case.

All your @blimpich!

[OSBotify]

✋ This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release.

[github-actions]

🚧 @blimpich has triggered a test Expensify/App build. You can view the workflow run here.

[github-actions]

🧪🧪 Use the links below to test this adhoc build on Android, iOS, and Web. Happy testing! 🧪🧪
Built from App PR #89251.

Android 🤖	iOS 🍎
https://ad-hoc-expensify-cash.s3.us-east-1.amazonaws.com/rock-artifacts/ad-hoc/rock-android-Adhoc-439275a-8a64e29-4593fa060f9deca77e0a5cd2471329234cf4fb95/index.html	https://ad-hoc-expensify-cash.s3.us-east-1.amazonaws.com/rock-artifacts/ad-hoc/rock-ios-device-AdHoc-439275a-8a64e29-4a1877f4cfe6abf34b1a711256d2002549e8f7e3/index.html

Web 🕸️
https://89251.pr-testing.expensify.com

---

👀 View the workflow run that generated this build 👀

[OSBotify]

🚀 Deployed to staging by https://github.com/blimpich in version: 9.3.65-0 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅

Bundle Size Analysis (Sentry):

• Android
• iOS

[MelvinBot]

No help site changes are required for this PR.

The PR modifies the Travel Card CVV flow (TravelCVVPage.tsx) to auto-navigate to the magic code screen instead of requiring the user to click "Reveal Details" first. I searched all articles under App/docs/articles and found:

• new-expensify/expensify-card/Cardholder-Settings-and-Features.md documents a "Reveal Details" step — but this is for the Expensify Card virtual card details, not the Travel Card CVV page. These are separate flows backed by different components.
• travel/company-setup/Central-Billing.md covers travel card setup for central billing, not viewing card details/CVV.
• travel/getting-started/setting-up-your-profile/Adding-a-Company-Card-or-Personal-Card-for-Travel.md covers adding payment cards for travel bookings, not viewing CVV.

No existing article documents the Travel Card CVV viewing flow, so there is nothing to update.

[m-natarajan]

@blimpich @Eskalifer1 Is this one internal PR, if not how to assign a travel card?

[Eskalifer1]

Hi @m-natarajan I think you need to be added to the Workspace with a travel card. Or, someone from the internal team should test it.

[blimpich]

I can confirm it works, just tested it in staging

[izarutskaya]

Can I check it off the list?

[blimpich]

Yup!

[OSBotify]

🚀 Deployed to production by https://github.com/mountiny in version: 9.3.65-6 🚀

platform	result
🕸 web 🕸	success ✅
🤖 android 🤖	success ✅
🍎 iOS 🍎	success ✅