fix(desktop): improve Niri AppImage and remote environment

[mwolson]

Summary

• Supersedes fix(desktop): standard Linux AppImage icons for AppImageLauncher #2332 by keeping the Linux AppImage hicolor icon fix and adding a second Niri/AppImage integration fix found while testing remote environments.
• Generates standard Linux icon sizes for AppImage builds so AppImageLauncher and desktop shells can resolve the installed app icon.
• Selects Electron's Linux secret-storage backend more reliably on desktop environments Electron does not recognize, such as Niri, while still allowing explicit user preference through desktop-settings.json.

Closes #2331.
Fixes #2539.

Repro

For the icon issue:

1. Install the Linux AppImage with AppImageLauncher under Niri.
2. Inspect the installed launcher entry or application menu.
3. The app can appear without a usable T3 Code icon when the AppImage only contains the large source icon.

For the credential-store issue:

1. Run the Linux AppImage under Niri without adding --password-store=gnome-libsecret to the desktop launcher.
2. Add a remote environment.
3. T3 Code reaches the point where it needs to persist the saved environment bearer token.
4. Electron can fail to provide an encrypted secret store, and credential persistence fails.

Diagnosis

Electron chooses the Linux safeStorage backend from the desktop environment or from --password-store. Niri is not one of Electron's recognized desktop names, so the app needed a launcher workaround to force gnome-libsecret.

This PR moves that into the app startup path:

• desktop-settings.json now accepts linuxPasswordStore.
• The default auto mode leaves Electron alone for known GNOME and KDE desktops.
• For unrecognized Linux desktops, auto appends --password-store=gnome-libsecret.
• If encryption is still unavailable, the app reports an actionable GNOME Keyring or KWallet remediation instead of surfacing a generic saved credential failure.

The icon fix from #2332 stages standard Linux icon sizes and points electron-builder at the generated icon directory.

Scope

This is intentionally Linux desktop only.

The two fixes are combined because they were both found while testing the same Linux AppImage flow under Niri, and because this PR is intended to replace the narrower icon-only PR #2332.

Test plan

• bun fmt
• bun lint
• bun typecheck
• bun run test
• bun dist:desktop:linux
• Built a local AppImage and launched it under Niri with the launcher password-store workaround removed.
• Confirmed the desktop log reports safe storage backend=gnome_libsecret encryptionAvailable=true.
• Confirmed adding and connecting to a remote environment works from another computer using this build.
• Verified the AppImage icon fix from fix(desktop): standard Linux AppImage icons for AppImageLauncher #2332 by extracting AppImages and confirming hicolor icon entries for 16, 22, 24, 32, 48, 64, 128, 256, and 512.

---

Note

Medium Risk
Medium risk because it changes Linux desktop startup flags and secret-storage error handling, and updates the Linux build pipeline to require ImageMagick for icon generation, which could affect packaging/runtime behavior on Linux.

Overview
Improves Linux AppImage integration by generating and packaging a full hicolor icon set (16–512px) during desktop artifact builds, updating electron-builder to use an icons/ directory instead of a single PNG, and installing ImageMagick in the Linux release workflow to support icon resizing.

Adds a new Linux-only linuxPasswordStore setting in desktop-settings.json (default auto) and introduces heuristics to append Electron’s --password-store switch on unrecognized desktops (e.g. Niri) while honoring explicit user choices.

Tightens saved-environment credential persistence: the desktop app now fails early with actionable GNOME Keyring/KWallet remediation messages when safeStorage encryption is unavailable, logs the selected backend on Linux, and the web runtime refactors bearer-token persistence to ensure registry rollback while preserving original error details.

^{Reviewed by Cursor Bugbot for commit bfc4a7c. Bugbot is set up for automated code reviews on this repo. Configure here.}

Note

Improve Niri AppImage integration with Linux secret storage and multi-size icons

• Adds linuxPasswordStore to DesktopSettings, allowing users to configure the Electron password-store backend; on Linux startup, applies the appropriate --password-store switch based on the setting and detected desktop environment.
• Adds resolveLinuxSecretStorageUnavailableMessage to surface tailored GNOME Keyring or KDE KWallet remediation messages when encryption is unavailable, and fails early in the SET_SAVED_ENVIRONMENT_SECRET IPC handler instead of attempting a write.
• Extracts persistSavedEnvironmentBearerTokenOrRollback in service.ts so registry rollback and original error propagation are guaranteed on token persistence failure.
• Linux builds now generate a full icon set at standard sizes (16–512px) using ImageMagick via build-desktop-artifact.ts, pointing electron-builder at the icons directory instead of a single PNG.
• Risk: Linux builds now require ImageMagick to be installed; the CI workflow installs it via apt if missing.

^{Macroscope summarized bfc4a7c.}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: cf233046-5a0e-47f4-aba6-95484e4c09c7

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[macroscopeapp]

Approvability

Verdict: Needs human review

This PR introduces new Linux desktop environment detection logic, a new user-configurable linuxPasswordStore setting, and changes runtime behavior by forcing password store switches for unrecognized desktops. The scope constitutes new feature capability rather than a simple bug fix, warranting human review.

^{You can customize Macroscope's approvability policy. Learn more.}