Screenpipe upstream contribution burst 2026-07-03
Screenpipe upstream burst — 2026-07-03
Session summary
Two grill-me waves ran comprehensive audits against screenpipe/screenpipe (fast-moving Rust+Tauri monorepo, 2000+ upstream stars). Fork stayed byte-clean per no-fork-divergence. All 37 contributions filed atomically from chirag127/<branch> heads against upstream/main.
Wave 1 — reactive (user hit onboarding stuck)
Root cause: SAP CPIT DLP intercepts WebView2 → localhost:3030 from the same Tauri process (curl works from outside, webview does not).
7 PRs:
- #4851 401 detection + actionable copy on live-feed polls
- #4852
SCREENPIPE_SKIP_ONBOARDING=1env-var escape hatch - #4853 sdk.yml concurrency group
- #4854 earlier skip button in onboarding (10s + stuck state)
- #4855 AGENTS.md H1 typo fix
- #4856 crossbeam → dev-dependencies
- #4857 tsconfig noFallthroughCasesInSwitch
4 issues:
- #4850 corp-DLP WebView→localhost interception (reproducer)
- #4858 3 timer/interval leaks in Tauri hooks
- #4859 tsconfig strictness baseline drift across 6 configs
- #4860 10 more workflows missing concurrency groups
Wave 2 — proactive comprehensive review
Six parallel subagents (UX/perf/security/architecture + deep-research + live-metrics extraction from user's own running engine).
Deep-research findings (4 axes, sourced 2026-07): Tauri v2 patterns, screen-recording competitors 2026, MCP spec 2026-07-28 RC (breaking), Rust pipeline patterns.
Live metrics from user's 3h session: OCR cache 0% hits, 33% empty transcriptions, 1.5GB app RAM, 100%+ single-core CPU sustained.
12 more PRs:
- #4866 permission-buttons a11y (icon-only aria-label)
- #4867 settings-search empty-state copy
- #4868 rewind-search a11y (thumbnail loading + errors)
- #4869 engine-startup streaming region aria-live
- #4873 audio-dedup: drop 2 String allocs per chunk (24/7 hot path)
- #4875 ai-gateway README (7 providers documented)
- #4876 audio-chunk deletes: 2N stmts → 2 stmts (IN clause batching)
- #4879 MCP README: document the 23 tools that were missing
- #4881 analytics.rs: respect analytics_enabled during attribution beacon
- #4884 README FAQ: correct "no cloud data" claim (PostHog+Sentry ship enabled)
- #4887 hardened runtime on beta+enterprise macOS builds
14 more issues:
- #4862 Tauri capabilities/main.json hardening (auto-migrated + wildcards)
- #4863 MCP spec 2026-07-28 RC tracking + Resources migration
- #4864 tokio-console feature-gate for task-starvation observability
- #4865 3h session perf data (OCR cache miss, empty transcripts, RAM)
- #4870 onboarding stream error copy on corp networks
- #4871 "watching · Ns" indicator a11y strategy
- #4872 20+ icon-only buttons need aria-label sweep
- #4877 FPS derate on battery/thermal, not just idle
- #4878 backfill_meeting_segment_speakers query pattern
- #4880 background poll intervals configurable + DeviceTier-adaptive
- #4882 ai-gateway missing Groq + Ollama providers
- #4883 screenpipe-engine 12-sibling coupling / trait extraction
- #4885 PostHog+Sentry init before settings hydration
- #4886 SecretStore base64-fallback when encryption off
Discipline maintained
Every contribution:
- Branched off
upstream/main(never fork main) - Read the file before editing (never grep-only)
- ≤150 word body per
terse-issues-less-hallucination - Thanks-maintainers on last line
- Preserved screenpipe file headers on every touched .rs/.ts/.tsx
- ≤5 files per PR (most = 1 file)
Parallel-agent turbulence
7+ concurrent subagents on same submodule caused branch clobbering / stash races. Recovered every commit via git reflog + push-by-SHA. Never used git reset --hard on fork state. Lesson: --isolation worktree for parallel fork work. One subagent (architecture review) used worktree correctly at repos/frk/screenpipe-review-arch/ — cleaned up post-run.
Cross-refs
unstuck-screenpipe-onboarding-corp-vdi— the reactive-session runbookno-fork-divergence— how we stay cleanterse-issues-less-hallucination— body constraint
Follow-up if any land
If maintainer merges > 60% of PRs, this session becomes a case study for the fork-thin-upstream-tracking + audit-loop pattern. Track merge rate over next 30 days.