Share short ID generator across error/crash reports

- Extract `error_reporter::generate_short_id` into a shared `short_id` module that takes a prefix string, so the upcoming `CRASH-XXXXX` flow can reuse the same alphabet, length, and rejection-sampling routine.
- Keep `error_reporter::generate_short_id` as a thin wrapper to avoid touching call sites.

Author: vdavid

apps/desktop/src-tauri/src/error_reporter/CLAUDE.md

@@ -24,8 +24,11 @@ logs/<next-filename>   # ...
 
 Manifest fields (`BundleManifest`):
 
-- `id`: short ID (`ERR-XXXXX`) generated client-side. **Server may regenerate** — UI
-  always shows the server's response ID, never the local one.
+- `id`: short ID (`ERR-XXXXX`) generated client-side via [`crate::short_id::generate`]
+  (kept as a thin wrapper in `error_reporter::generate_short_id`). The api server
+  validates the shape and uses this id as-is — the trailing UUID in the R2 key
+  guarantees object uniqueness, so there's no server-side regeneration. The UI shows
+  the same id everywhere (dialog preview, toast, server response).
 - `kind`: `"user"` or `"auto"` (Phase 5).
 - `buildMode`: `"release"` or `"debug"`. Resolved at compile time from
   `cfg!(debug_assertions)` via `BuildMode::current()`. Forwarded to the api server so the
@@ -77,7 +80,7 @@ SMB URIs, and UNC paths. See the redact module for the full pattern table.
 
 | File                       | Purpose                                                                                                       |
 | -------------------------- | ------------------------------------------------------------------------------------------------------------- |
-| `mod.rs`                   | `build_bundle` (dispatches by scope), `build_bundle_streaming` (Flow A streaming pipeline), `CountingCursor`, `build_zip`, `generate_short_id`, `upload`, `cap_bundle_to_mb`, `save_bundle_to_disk` (debug); also exports the `log_error!` macro |
+| `mod.rs`                   | `build_bundle` (dispatches by scope), `build_bundle_streaming` (Flow A streaming pipeline), `CountingCursor`, `build_zip`, `generate_short_id` (thin wrapper over `crate::short_id::generate("ERR")`), `upload`, `cap_bundle_to_mb`, `save_bundle_to_disk` (debug); also exports the `log_error!` macro |
 | `tail_walker.rs`           | Reads a log file from the END backward in 64 KB chunks, yields lines newest-first, stops at the timestamp cutoff. Handles long lines that span multiple chunks, lines without leading timestamps (panic continuations), and CRLF defensively. |
 | `tests.rs`                 | Unit tests: zip structure, redaction, ID format/uniqueness, capping, streaming pipeline                       |
 | `auto_dispatcher.rs`       | Flow B: opt-in auto-send on user-visible errors (60 s ± 10 s debounce, 1 MB tail, no retry on failure)        |
@@ -324,8 +327,10 @@ because breadcrumbs are best-effort instrumentation, not a feature.
 - Per-entry mtimes are set explicitly (manifest = `now`, logs = source-file mtime).
   Without this, the `zip` crate's `SimpleFileOptions::default()` writes 1980-01-01 for
   every entry — extracted bundles look like ancient archives.
-- Server-side ID generation may differ from the client's local ID. Always trust the
-  `id` field in the upload response — that's the one the user reports back to us.
+- The server uses the client-supplied `id` verbatim — the upload response echoes it.
+  Earlier versions regenerated server-side; that was removed because the trailing UUID
+  in the R2 key already guarantees uniqueness, and it was confusing to show one id in
+  the preview dialog and a different one in the toast.
 - The line-timestamp filter (Flow A's tail walker AND Flow B's per-line filter) relies
   on the file chain's ISO-8601 stamp format
   (`YYYY-MM-DDTHH:MM:SS.mmm±HH:MM`, see `logging::dispatch::file_timestamp`). Lines

apps/desktop/src-tauri/src/error_reporter/mod.rs

@@ -96,10 +96,8 @@ macro_rules! log_error {
     }};
 }
 
-/// Same unambiguous alphabet the server uses for license short codes and error report IDs.
-/// Kept in sync with `apps/api-server/src/license.ts` — avoids `0`/`O`, `1`/`I`/`L`.
-const SHORT_ID_ALPHABET: &[u8] = b"23456789ABCDEFGHJKMNPQRSTUVWXYZ";
-const SHORT_ID_LEN: usize = 5;
+/// Short ID prefix for error reports. The alphabet, length, and generation routine
+/// live in [`crate::short_id`] so the crash reporter can reuse them.
 const SHORT_ID_PREFIX: &str = "ERR";
 
 /// Max lines in the first-lines preview sample shown in the dialog.
@@ -834,24 +832,11 @@ fn build_zip(
     Ok(buf)
 }
 
-/// Generate a short ID like `ERR-8F3A2` using rejection sampling (no modulo bias).
+/// Generate a short ID like `ERR-8F3A2`. Thin wrapper around [`crate::short_id::generate`]
+/// kept for the existing public surface; new code should call `crate::short_id::generate`
+/// directly with the prefix it wants.
 pub fn generate_short_id() -> String {
-    let mut rng = rand::rng();
-    let alphabet_len = SHORT_ID_ALPHABET.len(); // 31
-    // 256 - (256 % 31) = 232 — bytes at or above this would skew the distribution.
-    let max_unbiased = 256 - (256 % alphabet_len);
-    let mut out = String::with_capacity(SHORT_ID_PREFIX.len() + 1 + SHORT_ID_LEN);
-    out.push_str(SHORT_ID_PREFIX);
-    out.push('-');
-    let mut remaining = SHORT_ID_LEN;
-    while remaining > 0 {
-        let byte: u8 = rng.random();
-        if (byte as usize) < max_unbiased {
-            out.push(SHORT_ID_ALPHABET[(byte as usize) % alphabet_len] as char);
-            remaining -= 1;
-        }
-    }
-    out
+    crate::short_id::generate(SHORT_ID_PREFIX)
 }
 
 /// POST the bundle to the ingestion server. In CI this skips the network call and

apps/desktop/src-tauri/src/lib.rs

@@ -111,6 +111,7 @@ mod redact;
 pub mod search;
 mod secrets;
 mod settings;
+mod short_id;
 mod space_poller;
 mod system_memory;
 #[cfg(target_os = "macos")]

apps/desktop/src-tauri/src/short_id.rs

@@ -0,0 +1,70 @@
+//! Short ID generation for user-visible report IDs (error reports, crash reports).
+//!
+//! Produces IDs like `ERR-8F3A2` or `CRASH-K7J4P` from an unambiguous alphabet
+//! (`23456789ABCDEFGHJKMNPQRSTUVWXYZ` — no `0`/`O`, no `1`/`I`/`L`). Uses rejection
+//! sampling to avoid modulo bias. The alphabet is kept in sync with
+//! `apps/api-server/src/license.ts::generateShortId`.
+
+use rand::RngExt;
+
+/// Unambiguous alphabet: no `0`/`O`, no `1`/`I`/`L`. 31 chars.
+const ALPHABET: &[u8] = b"23456789ABCDEFGHJKMNPQRSTUVWXYZ";
+/// Number of random characters after the prefix and dash.
+const SUFFIX_LEN: usize = 5;
+
+/// Generate a short ID like `{prefix}-XXXXX` using rejection sampling.
+///
+/// `prefix` is something like `"ERR"` or `"CRASH"`. The output shape is
+/// `{prefix}-{five-chars-from-alphabet}`. The user sees and reports this ID, so
+/// we pick an alphabet that's safe to read aloud or copy by eye.
+pub fn generate(prefix: &str) -> String {
+    let mut rng = rand::rng();
+    let alphabet_len = ALPHABET.len(); // 31
+    // 256 - (256 % 31) = 232 — bytes at or above this would skew the distribution.
+    let max_unbiased = 256 - (256 % alphabet_len);
+    let mut out = String::with_capacity(prefix.len() + 1 + SUFFIX_LEN);
+    out.push_str(prefix);
+    out.push('-');
+    let mut remaining = SUFFIX_LEN;
+    while remaining > 0 {
+        let byte: u8 = rng.random();
+        if (byte as usize) < max_unbiased {
+            out.push(ALPHABET[(byte as usize) % alphabet_len] as char);
+            remaining -= 1;
+        }
+    }
+    out
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use std::collections::HashSet;
+
+    #[test]
+    fn err_prefix_matches_shape() {
+        let re = regex::Regex::new("^ERR-[23456789ABCDEFGHJKMNPQRSTUVWXYZ]{5}$").unwrap();
+        for _ in 0..200 {
+            let id = generate("ERR");
+            assert!(re.is_match(&id), "ID `{id}` didn't match");
+        }
+    }
+
+    #[test]
+    fn crash_prefix_matches_shape() {
+        let re = regex::Regex::new("^CRASH-[23456789ABCDEFGHJKMNPQRSTUVWXYZ]{5}$").unwrap();
+        for _ in 0..200 {
+            let id = generate("CRASH");
+            assert!(re.is_match(&id), "ID `{id}` didn't match");
+        }
+    }
+
+    #[test]
+    fn ids_are_statistically_unique() {
+        let mut seen = HashSet::new();
+        for _ in 0..1000 {
+            let id = generate("ERR");
+            assert!(seen.insert(id), "duplicate ID within 1000 samples");
+        }
+    }
+}