[chat] Fire-and-forget sandbox setup on login

[sweetmantech]

Summary

Trigger sandbox provisioning on every login so customers always have a ready sandbox by the time they first use prompt_sandbox.

Changes

• New: lib/sandbox/triggerSandboxSetup.ts — fire-and-forget POST to /api/sandboxes/setup
• Edit: hooks/useUser.tsx — call triggerSandboxSetup() after account data loads
• New: lib/sandbox/__tests__/triggerSandboxSetup.test.ts (2 tests)

Notes

• The API handler is idempotent (early-exit if already provisioned)
• Race condition (user sends message before setup finishes) handled by existing fallback in promptSandboxStreaming

Linear

MYC-4419

🤖 Generated with Claude Code

Summary by CodeRabbit

Release Notes

• New Features
  • Sandbox environments are now automatically provisioned when users authenticate with their accounts.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
recoup-chat	Ready	Preview	Mar 5, 2026 5:15pm

[coderabbitai]

📝 Walkthrough

Walkthrough

Introduces automatic sandbox provisioning when users are fetched. A new utility function triggers a fire-and-forget API request to provision sandbox environments for accounts. The integration hooks into the user data fetch flow, initiating setup whenever an account ID is available.

Changes

Cohort / File(s)	Summary
User Hook Integration hooks/useUser.tsx	Modified to invoke triggerSandboxSetup(account_id) when user data containing an account ID is fetched, automating sandbox initialization.
Sandbox Setup Utility lib/sandbox/triggerSandboxSetup.ts	New module exporting a fire-and-forget function that POSTs account setup requests to /api/sandboxes/setup; errors are silently caught.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🏗️ Sandboxes bloom when users arrive,
A whisper of setup, no await required—
Idempotent and swift, the provisioning thrives,
Silent errors forgotten, the system inspired. ✨

🚥 Pre-merge checks | ✅ 1

✅ Passed checks (1 passed)

Check name	Status	Explanation
Solid & Clean Code	✅ Passed	PR demonstrates strong SOLID adherence with single responsibility in triggerSandboxSetup, open/closed principle compliance through composition, and clean code practices including descriptive naming and focused functions.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch sweetmantech/myc-4419-chat-fire-and-forget-sandbox-setup-on-login

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: c3cbe6dfd2

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Call sandbox setup through an existing API path

This POST targets "/api/sandboxes/setup", but in this commit tree there is no matching Next.js handler under app/api and no rewrite in next.config.mjs/vercel.json to forward that path, so the request will return 404 on login and provisioning will never be triggered. Because fetch only .catches network failures (not non-2xx responses), this fails silently and defeats the new pre-warm behavior.

Useful? React with 👍 / 👎.

[coderabbitai]

🧹 Nitpick comments (1)

lib/sandbox/triggerSandboxSetup.ts (1)

7-12: Consider adding input validation for accountId.

The function accepts any string, including empty strings or whitespace, which would still fire a POST request to the API. Adding a guard clause would prevent unnecessary network calls.

🛡️ Proposed validation

 export function triggerSandboxSetup(accountId: string): void {
+  if (!accountId?.trim()) return;
+
   fetch("/api/sandboxes/setup", {
     method: "POST",
     headers: { "Content-Type": "application/json" },
     body: JSON.stringify({ account_id: accountId }),
   }).catch(() => {});
 }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@lib/sandbox/triggerSandboxSetup.ts` around lines 7 - 12, The
triggerSandboxSetup function currently sends a POST for any accountId string;
add input validation at the top of triggerSandboxSetup to guard against empty or
whitespace-only values (e.g., if (!accountId || accountId.trim().length === 0)
return;) so the fetch("/api/sandboxes/setup", ...) is not invoked for invalid
input; ensure you reference the accountId parameter and keep the existing fetch
call unchanged otherwise (optionally log or warn before returning).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@lib/sandbox/triggerSandboxSetup.ts`:
- Around line 7-12: The triggerSandboxSetup function currently sends a POST for
any accountId string; add input validation at the top of triggerSandboxSetup to
guard against empty or whitespace-only values (e.g., if (!accountId ||
accountId.trim().length === 0) return;) so the fetch("/api/sandboxes/setup",
...) is not invoked for invalid input; ensure you reference the accountId
parameter and keep the existing fetch call unchanged otherwise (optionally log
or warn before returning).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 9b18f606-0130-4294-a118-ea8558485457

📥 Commits

Reviewing files that changed from the base of the PR and between eaeb579 and c3cbe6d.

⛔ Files ignored due to path filters (1)

• lib/sandbox/__tests__/triggerSandboxSetup.test.ts is excluded by !**/*.test.* and included by lib/**

📒 Files selected for processing (2)

• hooks/useUser.tsx
• lib/sandbox/triggerSandboxSetup.ts

[sweetmantech]

Closing — superseded by the post-cutover work in chat#1747.

This PR targets the pre-cutover POST /api/sandboxes/setup endpoint (one sandbox per user, prompted via prompt_sandbox). The current architecture (after chat#1748 + chat#1760) provisions sandboxes per session via POST /api/sandbox inside useNewChatBootstrap, so the integration point and endpoint here are both outdated.

The intent — front-load sandbox provisioning so the user doesn't wait at the chat input — is now tracked as a new open item in chat#1747: "defer bootstrap wait from spinner to send button". A fresh PR will reanimate the pattern against the new flow.