Replace Pages landing site with mailbox shell#55
Merged
bdtran2002 merged 9 commits intomainfrom Apr 28, 2026
Merged
Conversation
|
Warning Rate limit exceeded
To keep reviews running without waiting, you can enable usage-based add-on for your organization. This allows additional reviews beyond the hourly cap. Account admins can enable it under billing. ⌛ How to resolve this issue?After the wait time has elapsed, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout. Please see our FAQ for further information. ℹ️ Review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: 📒 Files selected for processing (2)
📝 WalkthroughWalkthroughConverts a static marketing site to a dynamic Mail.tm temporary mailbox web application, adding a complete front-end controller (app.js) that manages session state, inbox fetching, message display, verification link extraction, and API interactions. Also updates Firefox addon build artifacts with new hashed bundle references. Changes
Sequence Diagram(s)sequenceDiagram
participant Client as Client (Browser)
participant Storage as localStorage
participant API as Mail.tm API
participant DOM as DOM/UI
Client->>+Storage: Load session token on startup
Storage-->>-Client: Restore cached token
rect rgba(100, 150, 255, 0.5)
Note over Client: Mailbox Initialization
Client->>+API: GET /domains (list available domains)
API-->>-Client: Return domain list
Client->>Client: Generate random credentials
Client->>+API: POST /accounts (create mailbox)
API-->>-Client: Return account & token
Client->>Storage: Cache new token
end
rect rgba(100, 200, 150, 0.5)
Note over Client: Inbox Polling
Client->>+API: GET /messages (fetch inbox)
API-->>-Client: Return message summaries
Client->>DOM: Render message list (unread states)
Client->>Storage: Update last-checked timestamp
end
rect rgba(200, 150, 100, 0.5)
Note over Client: Message Detail View
Client->>+API: GET /messages/{id} (fetch full content)
API-->>-Client: Return full message body
Client->>Client: Extract verification links/codes via regex
Client->>Client: Sanitize HTML (remove unsafe tags/attrs)
Client->>DOM: Render message detail + verification actions
Client->>API: PATCH /messages/{id} (mark as seen)
end
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@docs/app.js`:
- Around line 761-793: refreshInbox currently allows concurrent requests so
slow/stale responses can overwrite newer state; modify refreshInbox to serialize
calls and ignore stale async responses by creating an epoch/requestId (e.g.,
increment state.inboxEpoch or create localRequestId) before the API call,
capture it in a local variable, and after each await (especially after
api('/messages') and after openMessage) verify the epoch/requestId still matches
state.inboxEpoch and bail out if not; also set a simple in-flight flag or store
a Promise (e.g., state.refreshInboxInFlight) to serialize simultaneous
invocations (await the existing in-flight Promise or replace it when starting a
new refresh) and apply the same epoch/guard pattern to the other similar
method(s) referenced around lines 862-864 so late responses cannot mutate
state.selectedMessage, state.messages, state.unreadIds, or state.lastCheckedAt.
- Around line 696-702: The session object currently persists
credentials.password into state.session (the assignment that sets accountId,
address, password, token, createdAt); remove the password property so the
generated mailbox password is not stored in session/localStorage, and audit any
subsequent reads of state.session.password (remove or replace them to use the
issued token such as token.token or other secure flows). Update the session
assignment to only include accountId, address, token (token.token) and
createdAt, and ensure no other code relies on the removed credentials.password
property.
In `@docs/styles.css`:
- Around line 35-40: The stylelint rule is failing because font-family names are
using single quotes; update the font declarations to follow the configured
quoting style by replacing single quotes with double quotes for multi-word
families and removing quotes for single-word families: in the "font" shorthand
change 'Figtree' to Figtree (no quotes) and change 'Segoe UI' to "Segoe UI", and
apply the same change to the other occurrence of 'Figtree'/'Segoe UI' later in
the file so the font and background declarations comply with
font-family-name-quotes.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro
Run ID: 66fd6df0-f71a-4cc9-ab30-22dcae22fa11
📒 Files selected for processing (18)
docs/app.jsdocs/index.htmldocs/styles.cssfirefox-addon/assets/settings-Dj5O1ufp.cssfirefox-addon/chunks/mailbox-D7TplG1-.jsfirefox-addon/chunks/mailbox-app-B46xbCzH.jsfirefox-addon/chunks/mailbox-rendering-BS6ps4ro.jsfirefox-addon/chunks/options-BLhumBH5.jsfirefox-addon/chunks/popup-BK7dL13P.jsfirefox-addon/chunks/popup-Dhx6oSf8.jsfirefox-addon/chunks/settings-BRO6b84y.jsfirefox-addon/chunks/settings-CSfJ1QfQ.jsfirefox-addon/chunks/sidepanel-BEBJmFqu.jsfirefox-addon/chunks/sidepanel-BemESDTs.jsfirefox-addon/mailbox.htmlfirefox-addon/options.htmlfirefox-addon/popup.htmlfirefox-addon/sidepanel.html
💤 Files with no reviewable changes (2)
- firefox-addon/chunks/popup-BK7dL13P.js
- firefox-addon/chunks/sidepanel-BemESDTs.js
Comment on lines
+35
to
+40
| font: | ||
| 14px/1.4 'Figtree', | ||
| 'Segoe UI', | ||
| system-ui, | ||
| sans-serif; | ||
| background: linear-gradient(180deg, #131111 0%, #111010 100%); |
There was a problem hiding this comment.
Fix stylelint font-family-name-quotes violations before merge.
Line 36 and Line 119 use quoted font-family names that violate the configured lint rule and can fail CI.
🛠️ Proposed fix
font:
- 14px/1.4 'Figtree',
+ 14px/1.4 Figtree,
'Segoe UI',
system-ui,
sans-serif;
@@
.brand-copy strong,
.column-head h1,
.detail-empty h2,
.detail-view h2 {
display: block;
- font-family: 'Fraunces', Georgia, 'Iowan Old Style', serif;
+ font-family: Fraunces, Georgia, 'Iowan Old Style', serif;
letter-spacing: -0.02em;
}Also applies to: 119-120
🧰 Tools
🪛 Stylelint (17.9.0)
[error] 36-36: Expected no quotes around "Figtree" (font-family-name-quotes)
(font-family-name-quotes)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In `@docs/styles.css` around lines 35 - 40, The stylelint rule is failing because
font-family names are using single quotes; update the font declarations to
follow the configured quoting style by replacing single quotes with double
quotes for multi-word families and removing quotes for single-word families: in
the "font" shorthand change 'Figtree' to Figtree (no quotes) and change 'Segoe
UI' to "Segoe UI", and apply the same change to the other occurrence of
'Figtree'/'Segoe UI' later in the file so the font and background declarations
comply with font-family-name-quotes.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Verification
Summary by CodeRabbit