chore(bootstrap): scaffold Tauri 2 + cleanup samples

[mpiton]

Summary

Adds complete Tauri 2 (React 19 + TypeScript + Vite 7) scaffold with minimal cleanup: removed sample components, custom Rust entry point without .expect() violations, and configuration aligned to Forgent hexagonal layout. Blocks frontend tooling (T06 Tailwind) and backend setup (T07 cargo add).

Why

Task 05 is the foundation for all subsequent sprint work. Provides working dev environment (pnpm exec tauri dev) and CI-ready build pipeline. Custom configurations avoid template footguns: single tsconfig.json (no composite artifacts), proper error handling via Result<>, correct beforeDevCommand to avoid infinite loops.

Changes

• Tauri 2 scaffold: Full src-tauri/ backend with Rust 2021 edition, AGPL-3.0 license, minimal lib.rs (4 lines returning Result) and main.rs (8 lines with proper error propagation via eprintln + exit(1))
• Frontend: React 19 entry (main.tsx), minimal App.tsx placeholder div, strict TypeScript with noEmit: true
• Vite 7 + React plugin: Port 1420 fixed, HMR support for TAURI_DEV_HOST, ignores src-tauri/ in watch
• Single consolidated tsconfig.json: No composite project or tsconfig.node.json (avoids emitting vite.config.d.ts/.js pollution)
• Dependencies: react@^19.2.5, react-dom@^19.2.5, @tauri-apps/api@^2.11.0 (runtime); @tauri-apps/cli@^2.11.0, @types/node, @vitejs/plugin-react, typescript, vite (devDeps)
• Configuration: Customized tauri.conf.json (identifier: com.forgent.app, productName: Forgent, version 0.0.1, 1280×800 window, bundle targets [appimage, deb, rpm, dmg, msi])
• Capabilities: Removed unused "opener:default", kept only "core:default"
• Icons: All 12 platform-specific Tauri icons included
• Cleanup: Removed Welcome component, greet IPC sample, Counter, CSS samples, all references to removed components
• CHANGELOG.md: Added comprehensive [Unreleased]/Added entry documenting all files and rationale

Testing

• ✅ cargo build (src-tauri/) succeeds zero warnings
• ✅ cargo clippy -- -D warnings passes
• ✅ pnpm exec tsc -b (strict mode) passes, no errors
• ✅ pnpm exec tauri dev launches Tauri window with "Forgent" placeholder (verified Linux)
• ✅ pnpm exec tauri info confirms: framework React, bundler Vite, Rust toolchain valid
• ✅ grep -r "greet\|Welcome\|Counter" src/ returns no matches (zero sample code)
• ✅ tauri.conf.json contains identifier, productName, version as spec
• ✅ index.html title is "Forgent"
• ✅ src-tauri/src/main.rs is 8 lines
• ✅ Cargo.toml license field is AGPL-3.0-only
• ✅ pnpm exec vite build produces valid bundle (193kB / 60kB gzip)

Related Issues

• Implements Sprint 0 Task 05 per ARCHI.md §21
• Depends on Task 04 (pnpm + package.json)
• Blocks Task 06 (Tailwind setup) and Task 07 (cargo add base crates)

Notes for Reviewer

Key architectural choices:

• Error handling: Result<(), tauri::Error> at boundary (lib.rs) propagated to main.rs with eprintln + exit(1). Avoids .expect() per CLAUDE.md ban.
• tsconfig consolidation: Removed composite project and separate tsconfig.node.json because tsc -b would emit vite.config.d.ts / vite.config.js artifacts. Single config with noEmit: true is cleaner.
• beforeDevCommand: Must be pnpm vite (not pnpm dev) to avoid calling tauri dev recursively.
• @ts-expect-error: Replaced with proper @types/node typing in compilerOptions.
• Capability cleanup: Removed "opener:default" because tauri-plugin-opener was not listed as dep (template included but unused).

Checklist

• All acceptance criteria from task 05 verified
• No .expect() or .unwrap() in lib.rs / main.rs (proper Result types)
• No sample components remain (greet, Welcome, Counter removed)
• CHANGELOG.md updated (comprehensive Added section)
• No manual Cargo.toml or package.json edits (all via cargo add / pnpm add)
• CI will verify: cargo build, clippy, tsc, oxlint/oxfmt, audit
• Self-reviewed diff

Summary by CodeRabbit

• New Features
  • Initial app UI with a bootstrapped entry point that renders a centered "Forgent" placeholder.
• Chores
  • Added project scaffolding: React 19 + Vite frontend and Tauri 2 desktop backend.
  • Configured tooling and dev environment (TypeScript, Vite, dev server/HMR, build/bundle settings) for cross-platform desktop builds.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 0e9c358a-33e2-40fd-8243-38068c28428b

📥 Commits

Reviewing files that changed from the base of the PR and between d312490 and ef9f551.

📒 Files selected for processing (2)

• CHANGELOG.md
• src-tauri/Cargo.toml

✅ Files skipped from review due to trivial changes (1)

• CHANGELOG.md

🚧 Files skipped from review as they are similar to previous changes (1)

• src-tauri/Cargo.toml

---

📝 Walkthrough

Walkthrough

Adds a Tauri 2 desktop app scaffold with a Rust backend and a React 19 + Vite frontend, including entrypoints, build/config files, tooling manifests, and changelog updates.

Changes

Cohort / File(s)	Summary
Changelog CHANGELOG.md	Added Unreleased → Added entries documenting the new Tauri + React/Vite scaffold.
Frontend HTML & Package Config index.html, package.json	New HTML entrypoint and explicit frontend runtime/dev dependency declarations (React, Vite, TypeScript, Tauri API/CLI).
Frontend Source src/App.tsx, src/main.tsx, src/vite-env.d.ts	Created minimal React App component, React entrypoint mounting to #root, and Vite client type reference.
TypeScript Config tsconfig.json	Added strict TypeScript configuration targeting ES2020/ESNext, JSX runtime, and project includes.
Vite Config vite.config.ts	Configured Vite for Tauri: React plugin, fixed dev port 1420, HMR host/port, clearScreen false, ignore src-tauri.
Tauri Project Files src-tauri/tauri.conf.json, src-tauri/capabilities/default.json, src-tauri/.gitignore	Added Tauri config (dev/build hooks, devUrl, frontendDist, window and bundling settings), default capability, and Cargo-related gitignore.
Rust Crate Config src-tauri/Cargo.toml, src-tauri/build.rs	New Cargo.toml for forgent crate with tauri/serde deps and library crate-types; added build.rs invoking tauri_build::build().
Rust Entrypoints src-tauri/src/lib.rs, src-tauri/src/main.rs	Added pub fn run() -> Result<(), tauri::Error> and a main() that invokes it with Windows subsystem handling and startup error exit.

Sequence Diagram(s)

sequenceDiagram
  participant Dev as Developer
  participant Vite as Vite Dev Server
  participant Tauri as Tauri Runtime (Rust)
  participant App as Application Window

  Dev->>Vite: start dev server (port 1420)
  Dev->>Tauri: tauri dev (beforeDevCommand -> devUrl)
  Tauri->>Vite: load frontend from devUrl
  Vite-->>App: serve JS/HTML
  App->>Tauri: runtime APIs (`@tauri-apps/api`) calls
  Tauri->>App: window creation & native integration

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Soft paws on keys, a scaffold springs to be,
Rust hums in backend, Vite paints the sea,
React hops in circles, mounting root with grace,
Tauri opens windows to the project's new place —
A tiny rabbit cheers: "Forgent, set the pace!"

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 25.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'chore(bootstrap): scaffold Tauri 2 + cleanup samples' accurately summarizes the main change—setting up a complete Tauri 2 project scaffold (with React, TypeScript, and Vite) and removing sample components.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch chore/task-05-scaffold-tauri

---

_{Review rate limit: 3/5 reviews remaining, refill in 18 minutes and 6 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src-tauri/tauri.conf.json`:
- Around line 20-22: Replace the insecure "csp": null in tauri.conf.json with a
restrictive CSP object that explicitly lists trusted sources for each directive
(e.g., default-src, connect-src, font-src, img-src, style-src) so CSP is
enforced in production; update the "csp" key to an object (not null), include
'self' and your app-specific schemes (e.g., asset:, customprotocol:, ipc:) and
trusted external hosts (e.g., fonts.googleapis.com, fonts.gstatic.com) as
needed, and ensure you adjust script-src/style-src for nonce/hash injection or
add flags like 'wasm-unsafe-eval' or dangerousDisableAssetCspModification only
if required by your build; also mirror this CSP in your dev server
(vite.config.ts) via response headers to surface CSP issues early.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 9090e85b-9b1e-4be3-aa38-a17a2a195bd1

📥 Commits

Reviewing files that changed from the base of the PR and between 1c94f71 and d312490.

⛔ Files ignored due to path filters (17)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
• src-tauri/Cargo.lock is excluded by !**/*.lock
• src-tauri/icons/128x128.png is excluded by !**/*.png
• src-tauri/icons/128x128@2x.png is excluded by !**/*.png
• src-tauri/icons/32x32.png is excluded by !**/*.png
• src-tauri/icons/Square107x107Logo.png is excluded by !**/*.png
• src-tauri/icons/Square142x142Logo.png is excluded by !**/*.png
• src-tauri/icons/Square150x150Logo.png is excluded by !**/*.png
• src-tauri/icons/Square284x284Logo.png is excluded by !**/*.png
• src-tauri/icons/Square30x30Logo.png is excluded by !**/*.png
• src-tauri/icons/Square310x310Logo.png is excluded by !**/*.png
• src-tauri/icons/Square44x44Logo.png is excluded by !**/*.png
• src-tauri/icons/Square71x71Logo.png is excluded by !**/*.png
• src-tauri/icons/Square89x89Logo.png is excluded by !**/*.png
• src-tauri/icons/StoreLogo.png is excluded by !**/*.png
• src-tauri/icons/icon.ico is excluded by !**/*.ico
• src-tauri/icons/icon.png is excluded by !**/*.png

📒 Files selected for processing (16)

• CHANGELOG.md
• index.html
• package.json
• src-tauri/.gitignore
• src-tauri/Cargo.toml
• src-tauri/build.rs
• src-tauri/capabilities/default.json
• src-tauri/icons/icon.icns
• src-tauri/src/lib.rs
• src-tauri/src/main.rs
• src-tauri/tauri.conf.json
• src/App.tsx
• src/main.tsx
• src/vite-env.d.ts
• tsconfig.json
• vite.config.ts

[cubic-dev-ai]

2 issues found across 33 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="src-tauri/tauri.conf.json">

<violation number="1" location="src-tauri/tauri.conf.json:21">
P1: `csp: null` disables Content Security Policy for the app. Define a restrictive CSP instead of leaving it disabled.</violation>
</file>

<file name="package.json">

<violation number="1" location="package.json:29">
P1: The new dependency scaffold omits CLI packages used by existing scripts (`vitest`, `tsx`, `oxlint`, `oxfmt`), which can break CI/local script execution in clean installs.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}