Merge branch 'main' into dev

[nathanialhenniges]

Summary by CodeRabbit

• New Features

  • Native Twitch device-code auth UI (dialog/window) and streamlined authorization flow
  • Redesigned Settings with sidebar, accessibility improvements, and advanced reset controls
  • Updated Twitch integration UI (reauth, connection states) and Twitch bot command support for current/last song
  • Menu bar Now Playing improvements and settings window enhancements

• Bug Fixes

  • More resilient Twitch networking, reconnection, rate-limiting and credential handling
  • Safer Keychain error reporting and credential persistence

• Documentation

  • Accessibility and UI text refinements across settings and Twitch screens

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Caution

Review failed

The pull request is closed.

Walkthrough

Adds centralized AppConstants, expanded Twitch OAuth/device-code flow and UI (dialogs/window controller), improved TwitchChatService thread-safety/rate-limit handling, Keychain error handling, large SettingsView/Twitch UI refactors, AppDelegate-based lifecycle/menu integration, and entitlements for keychain access.

Changes

Cohort / File(s)	Summary
Core Constants src/wolfwave/Core/AppConstants.swift	New centralized AppConstants enum with nested namespaces for app identity, notifications, UserDefaults keys, dock visibility, Keychain service, music/Twitch constants, dispatch queue labels, UI/timing/menu constants, and settings defaults.
Keychain & Entitlements src/wolfwave/Core/KeychainService.swift, src/wolfwave/wolfwave.entitlements, src/wolfwave/wolfwave.dev.entitlements	KeychainService adds KeychainError: LocalizedError and enhanced docs; entitlements files add com.apple.security.keychain-access-groups.
Logging & Monitoring src/wolfwave/Core/Logger.swift, src/wolfwave/Monitors/MusicPlaybackMonitor.swift	Logger: debug logging gated by isDebugLoggingEnabled (DEBUG builds) and moved to nonisolated static funcs; MusicPlaybackMonitor: reduced logging/doc cleanup, behavior preserved.
Twitch Device Auth & UI src/wolfwave/Services/Twitch/TwitchDeviceAuth.swift, src/wolfwave/Views/Twitch/DeviceCodeView.swift, src/wolfwave/Views/Twitch/TwitchDeviceAuthDialog.swift, src/wolfwave/Views/Twitch/TwitchDeviceAuthWindowController.swift	Adds TwitchDeviceCodeResponse, TwitchDeviceAuthError, improved requestDeviceCode()/pollForToken() (structured errors, backoff, progress); new DeviceCode UI, dialog, and window controller with copy/open actions and feedback.
Twitch Chat Service src/wolfwave/Services/Twitch/TwitchChatService.swift	Converts class to @unchecked Sendable, adds locks, NWPathMonitor reconnection, rate-limit scaffolding/queuing, credential/reconnect handling, message validation/truncation, and safer EventSub parsing.
Twitch Commands src/wolfwave/Services/Twitch/Commands/*	Expanded docs; dispatcher trims/guards messages (rejects empty/>500 chars), assigns song callbacks; SongCommand/LastSongCommand default messages and 500-char truncation.
Settings & Widgets src/wolfwave/Views/SettingsView.swift, src/wolfwave/Views/*SettingsView.swift	Large SettingsView refactor (sidebar List, NavigationSplitView, SettingsSection enum), wired to AppConstants, keyboard/escape handling, reset consolidation; accessibility tweaks across AppVisibility, MusicMonitor, Advanced (adds @Binding showingResetAlert), WebSocket view marked WIP/disabled inputs.
Twitch Settings & ViewModel src/wolfwave/Views/Twitch/TwitchSettingsView.swift, src/wolfwave/Views/Twitch/TwitchViewModel.swift, src/wolfwave/Views/Twitch/TwitchReauthView.swift	TwitchSettingsView reorganized into authCard states; SignedInView and StatusChip refactor; channel validation and disconnect confirmation. TwitchViewModel adds IntegrationState, oAuthTask, cached service handling, loadSavedCredentials() and cancelOAuth(), and stronger OAuth/credential lifecycle. TwitchReauthView refactor to dialog-style flow.
App Entry / AppDelegate src/wolfwave/WolfWaveApp.swift	Adds AppDelegate managing lifecycle, menu bar now-playing menu, settings window/toolbar, dock visibility modes, music tracking integration, Twitch callbacks for bot commands, and uses AppConstants throughout.
Docs & Misc CHANGELOG.md, README.md, docs/app/(home)/page.tsx	Updated changelog to v1.0.0, condensed README copy, and landing page content/branding adjustments.

Sequence Diagram(s)

sequenceDiagram
    actor User
    participant SettingsView
    participant TwitchViewModel
    participant TwitchDeviceAuth
    participant TwitchChatService

    User->>SettingsView: Tap "Get Started with Twitch"
    SettingsView->>TwitchViewModel: startOAuth()
    TwitchViewModel->>TwitchDeviceAuth: requestDeviceCode()
    TwitchDeviceAuth-->>TwitchViewModel: TwitchDeviceCodeResponse
    TwitchViewModel->>SettingsView: set auth state => authorizing
    SettingsView->>User: show DeviceCodeView

    User->>DeviceCodeView: Copy code / Open activation URL
    User->>TwitchDeviceAuth: Authorize via Twitch (external)

    par Polling loop
        TwitchViewModel->>TwitchDeviceAuth: pollForToken(deviceCode, interval, expiresIn)
        TwitchDeviceAuth-->>TwitchViewModel: token or OAuth error (authorization_pending / slow_down / access_denied / expired_token)
    end

    TwitchViewModel->>TwitchChatService: connect(with: token)
    TwitchChatService->>TwitchChatService: establish connection, join channel
    TwitchChatService-->>TwitchViewModel: connection state -> connected
    TwitchViewModel->>SettingsView: update UI -> connected

Loading

Estimated code review effort

🎯 5 (Critical) | ⏱️ ~120 minutes

Possibly related PRs

• Merge branch 'main' into dev #3 — Overlaps AppConstants, Keychain, Logger, Twitch services and SettingsView; likely the same or closely overlapping changes.
• Changed the UI a little bit plus make some improvements. #1 — Adds/edits AppConstants.swift and related settings/Twitch wiring; strong code-level overlap.
• Dev #2 — Touches TwitchViewModel.swift (deinit/cleanup) and may interact with the new OAuth/lifecycle changes here.

Poem

🐰 I bundled constants neat and tight,
I hopped through OAuth late at night,
Copied codes, opened doors wide,
Bot commands sing from the menu-side,
WolfWave hums — hop, authorize, delight!

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title 'Merge branch 'main' into dev' does not accurately reflect the actual changes—it's a generic merge commit message. The changeset implements substantial features including AppConstants, enhanced Twitch device auth, TwitchChatService thread-safety, settings UI refactoring, and multiple new components, none of which are conveyed by this generic title.	Replace with a descriptive title summarizing the main changes, such as 'Add AppConstants, enhance Twitch auth flow, and refactor settings UI' or similar to clearly communicate the primary work.
Docstring Coverage	⚠️ Warning	Docstring coverage is 70.21% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 8

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (4)

src/wolfwave/Services/Twitch/TwitchChatService.swift (1)

383-389: Reset isProcessingDisconnect on reconnect to avoid dropping all messages.

Line 616 sets isProcessingDisconnect = true, and handleEventSubMessage early‑returns while it’s true. There’s no reset when a new connection is established, so future messages are ignored after a disconnect/reconnect cycle.

🐛 Proposed fix (clear the flag on join)

-        self.botUsername = nil
-        hasSentConnectionMessage = false
+        self.botUsername = nil
+        disconnectLock.withLock { isProcessingDisconnect = false }
+        hasSentConnectionMessage = false

Also applies to: 616-639

src/wolfwave/Monitors/MusicPlaybackMonitor.swift (1)

209-211: Duplicate MARK comment.

There are two consecutive // MARK: - Setup & Scheduling comments on lines 209 and 211. Remove the duplicate.

Proposed fix

     // MARK: - Setup & Scheduling
     
-    // MARK: - Setup & Scheduling
-    
     /// Subscribes to distributed notifications from Music.app.

src/wolfwave/Views/Twitch/TwitchViewModel.swift (2)

188-225: Guard against duplicate NotificationCenter observers.

loadSavedCredentials() registers observers each time it's called. Since it's triggered by .onAppear in TwitchSettingsView, repeated view presentations will register duplicate observers, causing redundant callbacks during the object's lifetime despite proper cleanup in deinit.

Add a guard flag to register observers only once:

Suggested fix

    /// Cached reference to the Twitch chat service
    private var cachedTwitchService: TwitchChatService?
+   private var observersRegistered = false

    func loadSavedCredentials() {
        if let username = KeychainService.loadTwitchUsername() {
            botUsername = username
        }
        if let token = KeychainService.loadTwitchToken() {
            oauthToken = token
            credentialsSaved = true
        }
        if let channel = KeychainService.loadTwitchChannelID() {
            channelID = channel
        }
        
        // Load reauth needed flag from UserDefaults
        reauthNeeded = UserDefaults.standard.bool(forKey: AppConstants.UserDefaults.twitchReauthNeeded)
+
+       guard !observersRegistered else { return }
+       observersRegistered = true

        NotificationCenter.default.addObserver(
            self,
            selector: `#selector`(reAuthStatusChanged),
            name: NSNotification.Name(AppConstants.Notifications.twitchReauthNeededChanged),
            object: nil
        )

---

271-342: Handle CancellationError in the outer catch block to prevent error UI on OAuth cancellation.

When oAuthTask is cancelled during requestDeviceCode() (line 295), the outer catch block (lines 336–342) will catch the CancellationError and display an error state. The inner polling task already handles this correctly by checking if !(error is CancellationError) before showing errors (line 327). Apply the same pattern to the outer catch to avoid surfacing error messages when cancellation is intentional.

🛠️ Proposed fix

             } catch {
+                if error is CancellationError {
+                    await MainActor.run { self.oAuthTask = nil }
+                    return
+                }
                 updateAuthState(.error(error.localizedDescription))
                 statusMessage = "❌ OAuth setup failed: \(error.localizedDescription)"
                 await MainActor.run {
                     self.oAuthTask = nil
                 }
             }

🤖 Fix all issues with AI agents

In `@src/wolfwave/Services/Twitch/TwitchChatService.swift`:
- Around line 95-99: The boolean hasSentConnectionMessage is accessed from
multiple threads and must be protected by the existing connectionLock; update
all reads and writes of hasSentConnectionMessage (including where it is set in
joinChannel() and where it is read on the main thread around lines referenced)
to perform the access inside connectionLock.sync (or the same locking pattern
used elsewhere in TwitchChatService) so the property is always read/modified
under connectionLock; ensure the declaration stays private and remove
unsynchronized accesses in methods that currently reference
hasSentConnectionMessage directly.

In `@src/wolfwave/Views/Twitch/TwitchDeviceAuthDialog.swift`:
- Around line 168-179: The two delayed resets in TwitchDeviceAuthDialog.swift
are mismatched: isCodeCopied is reset at 1.5s while showCopyFeedback is
dismissed at 2.0s, causing the button icon to revert before the toast hides;
change the isCodeCopied reset to use the same delay as showCopyFeedback (use
.now() + 2.0) or move the isCodeCopied = false assignment inside the same
DispatchQueue.main.asyncAfter block that hides showCopyFeedback so both state
and UI dismiss in sync.
- Around line 148-155: The deviceCode is interpolated directly into the URL in
TwitchDeviceAuthDialog (within the DispatchQueue.main.asyncAfter closure) and
must be URL-encoded to avoid malformed URLs; change the URL construction to
percent-encode deviceCode (e.g., via
addingPercentEncoding(withAllowedCharacters: .urlQueryAllowed) or by building
the URL with URLComponents/URLQueryItem) and only call
NSWorkspace.shared.open(url) if encoding/URL construction succeeds, otherwise
handle the failure (e.g., log or call onAuthorizePressed without opening).

In `@src/wolfwave/Views/Twitch/TwitchDeviceAuthWindowController.swift`:
- Around line 57-58: Doc says the controller should follow macOS system
appearance but the code forces window.appearance = NSAppearance(named: .aqua);
update the behavior by removing or clearing the forced appearance (remove the
assignment to window.appearance or set it to nil) in
TwitchDeviceAuthWindowController so the window inherits the system light/dark
setting, or alternatively update the class doc comment to reflect the forced
.aqua appearance if keeping it intentionally.
- Around line 80-87: The show() method creates a local
TwitchDeviceAuthWindowController that is not retained and can be deallocated
while its window is open; fix this by adding a stored property (e.g., var
retainedTwitchController: TwitchDeviceAuthWindowController?) on the same class
and assign the newly created TwitchDeviceAuthWindowController to that property
inside show(), then clear the property when the window closes (observe the
controller/window close via windowWillClose, completion handler, or
NSWindowDelegate) so the controller is retained while visible and released
afterward.

In `@src/wolfwave/Views/Twitch/TwitchReauthView.swift`:
- Around line 93-117: The copy button in TwitchReauthView's authorizingContent
currently only sets viewModel.statusMessage and doesn't actually copy the device
code; update the Button(action:) closure to write viewModel.authState.userCode
to the macOS pasteboard using NSPasteboard (same approach as
DeviceCodeView.swift and TwitchDeviceAuthDialog.swift), ensure you clear and set
the pasteboard contents (e.g., declare pasteboard = NSPasteboard.general;
pasteboard.clearContents(); pasteboard.setString(...)), then set
viewModel.statusMessage = "Code copied to clipboard!" after the pasteboard write
so the behavior matches the other implementations.

In `@src/wolfwave/Views/Twitch/TwitchViewModel.swift`:
- Around line 454-497: The joinChannel() flow currently uses optional chaining
on self.twitchService so connectToChannel(...) can be skipped when twitchService
is nil, yet channelConnected is still set true; add an explicit guard let
service = self.twitchService (or early return) before setting
service?.shouldSendConnectionMessageOnSubscribe and calling try await
service.connectToChannel(...), and only set self.channelConnected = true after a
successful connectToChannel call on the non-optional service; ensure the same
ConnectionError/Error handling remains but references the unwrapped service
variable instead of self.twitchService.

In `@src/wolfwave/Views/WebSocket/WebSocketSettingsView.swift`:
- Around line 67-74: The hover handlers using onContinuousHover are repeatedly
calling NSCursor.pointingHand.push() and causing unmatched pushes; replace each
onContinuousHover { phase in ... } block with an onHover { isInside in ... }
handler so you call NSCursor.pointingHand.push() once when isInside is true and
NSCursor.pop() when isInside is false; update the four occurrences in
WebSocketSettingsView.swift (the closures that currently reference
NSCursor.pointingHand.push() / NSCursor.pop()) so the push/pop are paired by
onHover rather than the repeated .active events from onContinuousHover.

🧹 Nitpick comments (10)

src/wolfwave/Monitors/MusicPlaybackMonitor.swift (1)

42-57: Consider using centralized AppConstants.

The local Constants enum duplicates values that exist in AppConstants.Music (bundleIdentifier, playerInfoNotification) and AppConstants.DispatchQueues (musicPlaybackMonitor). While the current approach is functional, consider referencing AppConstants for consistency across the codebase.

src/wolfwave/Core/KeychainService.swift (3)

63-78: Unused error case invalidData.

KeychainError.invalidData is defined but never thrown anywhere in the codebase. Either remove it or add it to load operations that encounter corrupted data.

Option 1: Remove unused case

 enum KeychainError: LocalizedError {
     /// Failed to save data to Keychain with given Security framework status code.
     case saveFailed(OSStatus)
-        
-    /// Invalid or corrupted data read from Keychain.
-    case invalidData

     var errorDescription: String? {
         switch self {
         case .saveFailed(let status):
             return "Failed to save token to Keychain (status: \(status))"
-        case .invalidData:
-            return "Invalid token data"
         }
     }
 }

---

225-239: Inconsistent error logging across save methods.

saveTwitchBotUserID and saveTwitchChannelID don't log errors before throwing, unlike saveToken, saveTwitchToken, and saveTwitchUsername. Consider adding Log.error calls for consistency.

Proposed fix for saveTwitchBotUserID

     guard status == errSecSuccess else {
+        Log.error("Failed to save Twitch bot user ID - OSStatus \(status)", category: "Keychain")
         throw KeychainError.saveFailed(status)
     }

Proposed fix for saveTwitchChannelID

     guard status == errSecSuccess else {
+        Log.error("Failed to save Twitch channel ID - OSStatus \(status)", category: "Keychain")
         throw KeychainError.saveFailed(status)
     }

Also applies to: 268-282

---

39-58: Consider referencing AppConstants.Keychain.service.

The local service constant duplicates AppConstants.Keychain.service. For consistency with the centralized constants pattern, consider using the shared constant.

src/wolfwave/Views/Twitch/TwitchDeviceAuthDialog.swift (2)

157-179: Duplicate copy logic with DeviceCodeView.

This copyDeviceCode() function is nearly identical to the one in DeviceCodeView.swift (lines 110-132). Consider extracting a shared utility to reduce duplication.

---

120-138: Redundant copy feedback UI.

Both an inline indicator inside DeviceCodeEntryView (lines 235-248) and a toast overlay (lines 121-138) show "Copied to clipboard" simultaneously. Consider using only one feedback mechanism for a cleaner UX.

Also applies to: 234-248

src/wolfwave/Views/Twitch/DeviceCodeView.swift (2)

22-22: Remove redundant nil initialization.

Optionals default to nil; explicit initialization is unnecessary.

Proposed fix

-    var onActivate: (() -> Void)? = nil
+    var onActivate: (() -> Void)?

---

122-131: Combine asyncAfter calls with the same delay.

Both showCopyFeedback = false and isCodeCopied = false are scheduled at 1.3 seconds. Merge them into a single dispatch for clarity.

Proposed fix

-        // Auto-dismiss feedback and reset state
-        DispatchQueue.main.asyncAfter(deadline: .now() + 1.3) {
-            withAnimation(.easeInOut(duration: 0.18)) {
-                showCopyFeedback = false
-            }
-        }
-
-        DispatchQueue.main.asyncAfter(deadline: .now() + 1.3) {
-            isCodeCopied = false
-        }
+        // Auto-dismiss feedback and reset state
+        DispatchQueue.main.asyncAfter(deadline: .now() + 1.3) {
+            withAnimation(.easeInOut(duration: 0.18)) {
+                showCopyFeedback = false
+            }
+            isCodeCopied = false
+        }

src/wolfwave/Core/AppConstants.swift (2)

141-144: Consider renaming UI to a more descriptive name.

SwiftLint flags UI as too short. More importantly, there's also SettingsUI with overlapping concerns. Consider consolidating or renaming to Dimensions or WindowSizes for clarity.

---

15-15: Unused import.

AppKit is imported but not used in this constants-only file. Consider removing it.

Proposed fix

 import Foundation
-import AppKit

[coderabbitai]

Actionable comments posted: 2

🤖 Fix all issues with AI agents

In `@src/wolfwave/Services/Twitch/TwitchChatService.swift`:
- Around line 141-143: The three nonisolated(unsafe) vars reconnectChannelName,
reconnectToken, and reconnectClientID are being accessed from multiple threads
without synchronization; change their storage so accesses are protected by the
existing reconnectionLock (or move them into the actor scope) by removing
nonisolated(unsafe) and routing all reads/writes through synchronized accessors
that acquire reconnectionLock (or convert the fields into actor-isolated
properties and update the network monitor callback to call the actor method),
ensuring every use-site of reconnectChannelName/reconnectToken/reconnectClientID
uses the protected getters/setters.

In `@src/wolfwave/Views/WebSocket/WebSocketSettingsView.swift`:
- Around line 48-73: The WIP banner's onHover closure currently pushes
NSCursor.pointingHand which wrongly suggests interactivity; update the onHover
block in WebSocketSettingsView (the closure attached to the VStack) to push
NSCursor.operationNotAllowed instead of NSCursor.pointingHand when isInside is
true, and keep the existing NSCursor.pop() call when leaving so the cursor state
is restored.

♻️ Duplicate comments (1)

src/wolfwave/Services/Twitch/TwitchChatService.swift (1)

720-728: TOCTOU race in sendConnectionMessage() – read and write should be atomic.

The flag is read (Line 722) and written (Line 726) under separate lock acquisitions, allowing two concurrent calls to both pass the guard and send duplicate messages.

🔒 Proposed fix: single atomic check-and-set

     func sendConnectionMessage() {
         DispatchQueue.main.asyncAfter(deadline: .now() + 1.5) { [weak self] in
             guard let self = self else { return }
-            let hasSent = self.connectionLock.withLock { self.hasSentConnectionMessage }
-            if hasSent {
-                return
-            }
-            self.connectionLock.withLock { self.hasSentConnectionMessage = true }
+            let shouldSend = self.connectionLock.withLock {
+                guard !self.hasSentConnectionMessage else { return false }
+                self.hasSentConnectionMessage = true
+                return true
+            }
+            guard shouldSend else { return }
             self.sendMessage("WolfWave Application is connected! 🎵")
         }
     }

🧹 Nitpick comments (4)

src/wolfwave/Views/Twitch/TwitchDeviceAuthDialog.swift (2)

148-160: URL encoding and error logging issues from previous review addressed.

The device code is now properly URL-encoded (Line 151). However, Line 156 uses Logger.shared.log(...) while the rest of the codebase uses Log.error(...). Consider using the consistent Log utility.

Use consistent logging utility

             } else {
                 // Log failure if encoding/URL construction fails
-                Logger.shared.log("Failed to encode device code or construct authorization URL", level: .error, category: "TwitchDeviceAuth")
+                Log.error("Failed to encode device code or construct authorization URL", category: "TwitchDeviceAuth")
             }

---

236-249: Dual copy feedback (toast + inline) may be intentional but redundant.

Both the toast overlay (Lines 120-138) and the inline feedback (Lines 236-249) appear when isCodeCopied is true. If both are intentional for emphasis, consider documenting this choice; otherwise, one could be removed for cleaner UX.

src/wolfwave/Views/Twitch/TwitchDeviceAuthWindowController.swift (1)

36-48: Minor: Style mask set twice.

styleMask is set in the initializer (Line 37) and again after super.init (Line 45). The second assignment is redundant.

Remove redundant style mask assignment

         // Configure window properties for macOS system dialog appearance
         window.title = "Reconnect to Twitch"
-        window.styleMask = [.titled, .closable]
         window.isReleasedWhenClosed = false

src/wolfwave/Views/Twitch/TwitchReauthView.swift (1)

110-117: Copy button lacks visual feedback compared to TwitchDeviceAuthDialog.

In TwitchDeviceAuthDialog, the copy button shows a checkmark icon after copying (isCodeCopied state). This view only updates statusMessage. Consider adding similar visual feedback for consistency.

Add visual feedback state

+    `@State` private var isCodeCopied = false
+
     private func copyDeviceCode() {
         let pasteboard = NSPasteboard.general
         pasteboard.clearContents()
         pasteboard.setString(viewModel.authState.userCode, forType: .string)
+        isCodeCopied = true
         viewModel.statusMessage = "Code copied to clipboard!"
+        
+        DispatchQueue.main.asyncAfter(deadline: .now() + 2.0) {
+            isCodeCopied = false
+        }
     }

Then update the button icon:

                         Button(action: { copyDeviceCode() }) {
-                            Image(systemName: "doc.on.doc")
+                            Image(systemName: isCodeCopied ? "checkmark.circle.fill" : "doc.on.doc")
                                 .font(.body)
+                                .foregroundColor(isCodeCopied ? .green : nil)
                         }