Skip to content

docs: add official-site and mirror provenance copy to codewhale.net#3440

Open
donglovejava wants to merge 6 commits into
Hmbown:mainfrom
donglovejava:feat/v0.8.69-site-mirror-provenance
Open

docs: add official-site and mirror provenance copy to codewhale.net#3440
donglovejava wants to merge 6 commits into
Hmbown:mainfrom
donglovejava:feat/v0.8.69-site-mirror-provenance

Conversation

@donglovejava

@donglovejava donglovejava commented Jun 23, 2026

Copy link
Copy Markdown
Contributor

Summary

This PR adds explicit provenance (source-of-truth) documentation across the official site and mirror docs, making it clear that GitHub is the sole canonical source and mirrors are accelerators only.

Changes

1. Footer provenance section (web/components/footer.tsx)

  • Replaced the zh-only mirror list with a provenance section visible on all locales
  • Adds a clear statement: GitHub is the sole canonical source, mirrors are China-network accelerators
  • Highlights the official GitHub link with ★ and font-semibold
  • Includes SHA256 manifest verification mention

2. Install page source labeling (web/app/[locale]/install/page.tsx)

  • Added <strong>官方源 / Official source</strong> label to the China network install section
  • Makes it explicit that GitHub Releases is the primary, Tuna/npmmirror are secondary

3. CNB mirror provenance (docs/CNB_MIRROR.md)

  • Added a new Provenance section at the top of the document
  • States GitHub is the sole canonical source
  • Explains how to verify mirror integrity via SHA256 checksums

Impact

  • Users can instantly distinguish official sources from mirrors
  • Reduces confusion about which source to trust
  • Provides verification path for mirror integrity
  • Provenance copy is bilingual (zh/en) and locale-aware

Generated with Claude Code

@donglovejava
fix(tools): eagerly load all exec_shell companion tools
d7b2983
@donglovejava
fix(ui): reduce minimum terminal width for sidebar visibility
1624c07 
The sidebar was only showing when terminal width >= 100 columns, which is too restrictive for many terminal setups. Reduced the minimum width to 60 columns to make the sidebar visible in more common terminal configurations.

This fixes the issue where the sidebar would not appear in v0.8.62+ when using typical terminal sizes that are narrower than 100 columns.
@donglovejava
fix(ci): restore nightly cross-target builds and auto-tag idempotency
cd71a51 
Nightly builds:
- Add artifact existence check to skip redundant builds for the same commit
- Add build retry logic (up to 3 attempts) for transient failures
- Add nightly-complete summary job for branch protection rules
- Improve concurrency group to use ref_name instead of full ref

Auto-tag idempotency:
- Add semver validation for workspace version
- Add annotated tags with release metadata
- Add push retry logic with exponential backoff
- Fail fast if version consistency check fails
- Add concurrency control to prevent race conditions

Addresses v0.8.64 reliability concerns for nightly builds and auto-tagging.
@donglovejava
fix(security): update security contact email to codewhale.com
305b9e3 
Update SECURITY.md email address from the legacy deepseek-tui.com domain
to codewhale.com to match the project rebranding.

Addresses v0.8.64 security hardening requirements.
@donglovejava
feat(tui): enhance approval modal button prominence with visual grouping
48600aa 
- Add visual separator between approve (0-1) and deny/abort (2-3) groups
- Render selected option as a solid button row with background strip
- Add 'EXECUTE' indicator on the selected row for clear action feedback
- Maintain keyboard shortcut emphasis with BOLD modifier

Improves UX by making the decision surface read as two distinct choice
clusters rather than a flat list, and gives the selected option a clear
button-like appearance.
@donglovejava
docs: add official-site and mirror provenance copy to codewhale.net
be3c05d 
- Footer: add provenance section visible on all locales, distinguishing
  GitHub as the sole canonical source from mirror accelerators
- Install page: add 'Official source' label to the China network section
  so users know GitHub Releases is the primary, mirrors are secondary
- CNB_MIRROR.md: add Provenance section explaining GitHub is canonical
  and how to verify mirror integrity via SHA256 manifests

Addresses v0.8.69 documentation and UX requirements.
@donglovejava donglovejava requested a review from Hmbown as a code owner June 23, 2026 03:35
greptile-apps[bot]
greptile-apps Bot reviewed Jun 23, 2026
View reviewed changes

@greptile-apps greptile-apps Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Your free trial has ended. If you'd like to continue receiving code reviews, you can add a payment method here.

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 23, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces several enhancements and fixes to the CodeWhale TUI and website, including adding new interactive shell execution tools to the default tool catalog, reducing the minimum sidebar width, and improving the visual styling of the approval widget with locale-specific separators and selection indicators. It also adds a 'Provenance' section to the documentation and website footer to clarify that GitHub is the sole canonical source. The review feedback suggests updating the security email in SECURITY.md to use the canonical codewhale.net domain instead of codewhale.com for consistency.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

Comment thread SECURITY.md

- **GitHub private advisory**: [github.com/Hmbown/CodeWhale/security/advisories/new](https://github.com/Hmbown/CodeWhale/security/advisories/new)
- **Email**: [security@deepseek-tui.com](mailto:security@deepseek-tui.com) — include `[SECURITY]` in the subject line
- **Email**: [security@codewhale.com](mailto:security@codewhale.com) — include `[SECURITY]` in the subject line

@gemini-code-assist gemini-code-assist Bot Jun 23, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-medium medium

The security email domain here is configured as security@codewhale.com, but the canonical domain for the project is codewhale.net (as seen in the footer of the website and other documentation). Please update this to security@codewhale.net to ensure consistency and prevent potential delivery issues.

Suggested change
- **Email**: [security@codewhale.com](mailto:security@codewhale.com) — include `[SECURITY]` in the subject line
- **Email**: [security@codewhale.net](mailto:security@codewhale.net) — include `[SECURITY]` in the subject line

@Hmbown

Hmbown commented Jun 23, 2026

Copy link
Copy Markdown
Owner

This is so helpful - thank you so much!!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Hmbown Hmbown Awaiting requested review from Hmbown Hmbown is a code owner

2 more reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@donglovejava @Hmbown