
feat: Add GitHub Account Binding, One-click Sync & Security Updates#112

Merged
Che-Zhu merged 11 commits into FullAgent:main from Che-Zhu:feat/github-account-binding
Dec 12, 2025

Conversation

@Che-Zhu
Collaborator

@Che-Zhu Che-Zhu commented Dec 11, 2025

Summary

This PR introduces full GitHub integration capabilities, enabling users to bind their GitHub accounts via OAuth and synchronize their project code to a remote GitHub repository with a single click. It also includes critical security updates and UX improvements for a seamless authentication flow.

It addresses the need for users to easily backup their work and manage version control without leaving the application interface or manually using the command line.

Key Features

1. GitHub Account Binding (OAuth) & UX Improvements

  • Account Linking: Implemented GitHub OAuth flow allowing logged-in users to bind their GitHub account to their existing identity.
  • [NEW] Auto-prompt for Binding: Improved the UX by implementing a strict check for GitHub identity. If a user attempts to sync or commit without binding, the Settings Dialog automatically pops up and navigates to the GitHub tab, guiding the user to connect immediately.
  • Security: Used state parameter with CSRF protection to prevent unauthorized binding attempts.
  • Settings UI: Added a new "GitHub" tab in the Settings dialog to view binding status and unlink accounts.

2. One-click Repository Synchronization

  • Auto Initialization: Automated the git init and GitHub repository creation process.
  • AI-Enhanced Commits: Integrated claude CLI to automatically generate descriptive commit messages for staged changes.
  • Remote Execution: Built a secure WebSocket-based execution pipeline (ttyd-exec) to run git commands directly in the user's sandbox environment.
  • Status Indicator: Added a real-time repository status indicator in the bottom status bar, supporting instant sync and linking to the remote repo.

Security Updates

  • Critical Dependency Update: Bumped next to 16.0.10 to address security vulnerabilities CVE-2025-55184 (DoS via malicious HTTP request) and CVE-2025-55183 (Source code exposure).
  • Error Propagation: Enhanced repoService to strictly propagate GITHUB_NOT_BOUND error codes, ensuring precise frontend handling and preventing silent failures.

Technical Details

  • Remote Execution (ttyd-exec): Provides reliable command execution via a WebSocket connection to the sandbox's ttyd instance, handling authentication and output parsing.
  • Service Layer (RepoService): Encapsulates all git logic including createGithubRepo (via GitHub API) and pushToGithub (via git remote operations).
  • Security: IDOR protection is enforced in getTtydContext, ensuring users can only execute commands on projects they explicitly own.

Verification Plan

  • Account Binding: Verified that a user can successfully link and unlink a GitHub account.
  • [NEW] Unbound UX: Verified that clicking "Sync to GitHub" without an account correctly triggers the Settings Dialog.
  • Repo Creation: Verified that clicking "Sync to GitHub" creates a new private repository on the user's GitHub.
  • Code Push: Verified that local changes are correctly committed (with AI messages) and pushed to the remote branch.
  • Security: Verified that accessing another user's project execution context throws an unauthorized error, and verified the application build with the new Next.js version.

Implement GitHub OAuth binding functionality that allows users
(e.g., password-authenticated users) to link their GitHub accounts
to their existing sessions.

Changes:
- Add GitHub binding status API (GET /api/user/github)
- Add GitHub unbind API (DELETE /api/user/github)
- Add OAuth initiation endpoint (GET /api/user/github/bind)
- Add OAuth callback handler (GET /api/auth/github/callback)
- Add GitHub tab to Settings Dialog with binding UI
- Implement popup-based OAuth flow with postMessage communication

Technical details:
- Use CSRF protection with state parameter stored in httpOnly cookie
- Store GitHub credentials in UserIdentity.metadata (token, login, avatar)
- Prevent unbinding if GitHub is the only login method
- Set isPrimary=false for binding (not primary authentication)
- State expires after 10 minutes for security

The binding flow uses a popup window to avoid disrupting the main
application, with automatic status refresh upon successful binding.

- Integrate pushToGithub into initializeRepo and commitChanges workflows to ensure code syncs to remote.
- Add router.refresh() in RepoStatusIndicator to update UI state immediately after initialization.
- Refactor RepoStatusIndicator to use semantic button elements for accessibility.
- Enhance UI with better loading states and adjusted icon sizes.
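The state-parameter check the commits above describe (state generated at /api/user/github/bind, stored in an httpOnly cookie, expiring after 10 minutes, compared at /api/auth/github/callback), shown as an added example that is not the project's own code. Function names, the cookie layout and the result codes are assumptions.

```typescript
// Added example: CSRF state for the GitHub OAuth binding flow.
// Not FullAgent's code; shapes and names below are assumptions.
import { randomBytes, timingSafeEqual } from "crypto";

const STATE_TTL_MS = 10 * 60 * 1000; // PR: state expires after 10 minutes

export interface BindState {
  state: string;  // sent to GitHub as the `state` query parameter
  cookie: string; // stored in the httpOnly cookie: "<state>.<expiresAtMs>"
}

// Called by the bind endpoint before redirecting the popup to GitHub.
export function createBindState(now: number = Date.now()): BindState {
  const state = randomBytes(32).toString("hex"); // 256 bits, unguessable
  return { state, cookie: `${state}.${now + STATE_TTL_MS}` };
}

export type StateCheck = "ok" | "missing" | "expired" | "mismatch";

// Called by the callback endpoint with the `state` query value and the
// cookie value; only "ok" may proceed to the code-for-token exchange.
export function checkBindState(
  returnedState: string | null,
  cookieValue: string | undefined,
  now: number = Date.now(),
): StateCheck {
  if (!returnedState || !cookieValue) return "missing";
  const dot = cookieValue.lastIndexOf(".");
  if (dot < 0) return "missing";
  const expected = cookieValue.slice(0, dot);
  const expiresAt = Number(cookieValue.slice(dot + 1));
  // Reject expired (or malformed) state before comparing values.
  if (!Number.isFinite(expiresAt) || now > expiresAt) return "expired";
  const a = Buffer.from(returnedState);
  const b = Buffer.from(expected);
  // Length check first; timingSafeEqual throws on unequal lengths.
  if (a.length !== b.length || !timingSafeEqual(a, b)) return "mismatch";
  return "ok";
}

// Attributes for the state cookie set by the bind endpoint (assumed).
// SameSite=Lax, not Strict: the callback is a top-level navigation from
// github.com, and a Strict cookie would not be sent with it.
export function stateCookieAttributes(): string {
  return "HttpOnly; Secure; SameSite=Lax; Path=/api/auth/github/callback; Max-Age=600";
}
```

The callback should also clear the cookie once checked, so a state value can be used only once.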
@Che-Zhu
Collaborator Author

Che-Zhu commented Dec 11, 2025

Please hold off on merging this PR. I have one more change to make.

It's missing one edge case: attempting to sync a project to GitHub without a linked GitHub account.

@github-actions

github-actions bot commented Dec 11, 2025

✅ PR Check Results: Passed

Build Checks

Check Status
Lint & Build ✅ Passed
Docker Build ✅ Passed

✨ Great work!

All checks passed successfully. Your PR is ready for review.

Details:

  • ✅ Code quality verified (linting passed)
  • ✅ Build successful
  • ✅ Docker image build verified (linux/amd64)
    Commit: 90fdc60e39ff422918139a9acff68b8ed19e1299
    Branch: feat/github-account-binding

Update repoService to propagate 'GITHUB_NOT_BOUND' error code when identity is missing. Update RepoStatusIndicator to catch this error and trigger the local SettingsDialog, streamlining the authentication flow.
@Che-Zhu Che-Zhu changed the title feat: Add GitHub Account Binding and One-click Repository Sync feat: Add GitHub Account Binding, One-click Sync & Security Updates Dec 12, 2025
@HUAHUAI23 HUAHUAI23 requested a review from Copilot December 12, 2025 07:31
Contributor

Copilot AI left a comment

Pull request overview

This PR introduces comprehensive GitHub integration features including OAuth account binding, one-click repository synchronization, and AI-enhanced git commits. It also addresses critical security vulnerabilities by updating Next.js from 16.0.7 to 16.0.10 to patch CVE-2025-55184 (DoS) and CVE-2025-55183 (source code exposure).

Key changes include:

  • GitHub OAuth binding flow with CSRF protection for secure account linking
  • Automated repository creation and code synchronization via WebSocket-based command execution
  • UI improvements with auto-prompt for GitHub binding and real-time repository status indicator
  • Security-focused error propagation for GITHUB_NOT_BOUND states

Reviewed changes

Copilot reviewed 9 out of 10 changed files in this pull request and generated 13 comments.

Show a summary per file
File Description
pnpm-lock.yaml Updates Next.js and related packages from 16.0.7 to 16.0.10 for security patches
package.json Specifies Next.js version 16.0.10 as dependency
lib/util/ttyd-exec.ts Adds optional timeout parameter to execCommand for longer-running git operations
lib/services/repoService.ts New service implementing git repository initialization, GitHub repo creation, commit/push operations with ownership validation
components/layout/status-bar.tsx Integrates RepoStatusIndicator component and makes project prop required
components/layout/repo-status-indicator.tsx New component providing GitHub sync UI with loading states and Settings dialog integration
components/dialog/settings-dialog.tsx Adds GitHub tab for account binding/unbinding with OAuth popup flow
app/api/user/github/route.ts New API endpoints for retrieving GitHub binding status and unbinding accounts
app/api/user/github/bind/route.ts Initiates GitHub OAuth flow with state parameter for CSRF protection
app/api/auth/github/callback/route.ts Handles OAuth callback, validates state, exchanges code for token, and creates UserIdentity
Files not reviewed (1)
  • pnpm-lock.yaml: Language not supported

Che-Zhu and others added 3 commits December 12, 2025 15:56
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@Che-Zhu Che-Zhu merged commit 82ba12a into FullAgent:main Dec 12, 2025
9 checks passed
@Che-Zhu Che-Zhu deleted the feat/github-account-binding branch December 16, 2025 12:32