Fix:File Formatting and bug fix

[akshajtiwari]

Summary

Repo-wide prettier formatting pass and bug fixes from the previous PR.#1268

Description

• Ran npx prettier . --write across the entire repo to enforce consistent code style
• Removed the v prefix from the version-matching regex so it correctly matches version strings
• Removed the v from the .deb download URL to align with the corrected version format
• Fixed the incorrect file path in PKGBUILD

Summary by CodeRabbit

• Documentation

  • Enhanced setup guide with clearer installation steps and verification instructions
  • Updated code of conduct formatting for improved readability
  • Improved code snippet formatting across multiple documentation guides
  • Refined documentation styling and layout adjustments

• Chores

  • Enabled early access and reorganized chat/review-related configuration
  • Tweaked CI/workflow and publishing automation settings and permissions
  • Minor linting/config formatting updates and assorted config cleanups

[github-actions]

⚠️ No issue was linked in the PR description.
Please make sure to link an issue (e.g., 'Fixes #issue_number')

[coderabbitai]

Walkthrough

This PR reorganizes CodeRabbit review config (.coderabbit.yaml) with early_access and chat.auto_reply, updates GitHub Actions (AUR publish version handling and permissions plus minor workflow formatting), restructures setup/community docs, and applies formatting changes across frontend docs, OpenAPI JSON, and stylesheet presentation.

Changes

Repository Configuration and Documentation Updates

Layer / File(s)	Summary
CodeRabbit AI Review Configuration .coderabbit.yaml	Enabled early_access: true, moved auto_reply into chat:, reaffirmed issue_enrichment and auto-planning rules, and expanded reviews with labeling and path-scoped instructions.
GitHub Actions: AUR publish workflow .github/workflows/aur-publish.yml	Added workflow-level permissions: contents: write; changed version extraction to drop leading v, download artifacts using non-v version, compute/validate sha256, and update publishing/PKGBUILD and AUR commit message accordingly.
Workflow formatting and minor CI edits .github/.markdownlint-cli2.jsonc, .github/workflows/build-and-release.yml, .github/workflows/duplicate_issue_detector.yaml	Added trailing commas in JSONC globs and MD024 block, re-indented publish-tauri env entries, and changed python-version quoting to double quotes.
Community and Setup Documentation CODE_OF_CONDUCT.md, docs/Manual_Setup_Guide.md	Switched CODE_OF_CONDUCT bullets from * to - and adjusted wrapping; restructured Manual_Setup_Guide to add explicit Miniconda download/install and verify steps and reflow markdown blocks.
API and Frontend Documentation docs/backend/backend_python/openapi.json, docs/frontend/memories.md, docs/frontend/state-management.md, docs/index.md	Collapsed many multi-line arrays in OpenAPI to single-line arrays (formatting-only); updated memories snippets to use double quotes and template literals; added trailing commas in state-management selectors; minor index whitespace edit.
Screenshots and Stylesheet Presentation docs/frontend/screenshots.md, docs/stylesheets/extra.css	Converted screenshot captions to underscore-wrapped italic lines and reformatted several CSS selector blocks across the stylesheet without changing declarations.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• AOSSIE-Org/PictoPy#1189: Related changes to .coderabbit.yaml (chat/auto_reply and review settings).
• AOSSIE-Org/PictoPy#1266: Modifies the same .github/.markdownlint-cli2.jsonc configuration for JSONC formatting consistency.
• AOSSIE-Org/PictoPy#971: Also touches the Manual Setup Guide and Miniconda installation steps.

Suggested labels

Documentation, Linter

Suggested reviewers

• rohan-pandeyy

Poem

🐰 A rabbit hops through config and docs,
Rewrites a comma, untangles the block,
Early-access whispers in a YAML line,
Workflows hum versions without the v sign,
Hooray — small fixes and tidy docs, hop hop!

🚥 Pre-merge checks | ✅ 3 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'Fix:File Formatting and bug fix' is vague and generic, using non-descriptive terms that don't convey meaningful information about the changeset.	Improve the title to be more specific and descriptive. Consider: 'Apply Prettier formatting and fix version regex in AUR workflow' or similar to highlight the main technical changes.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

⚠️ No issue was linked in the PR description.
Please make sure to link an issue (e.g., 'Fixes #issue_number')

[github-actions]

⚠️ No issue was linked in the PR description.
Please make sure to link an issue (e.g., 'Fixes #issue_number')

[coderabbitai]

Actionable comments posted: 6

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

docs/backend/backend_python/openapi.json (1)

1-3218: ⚠️ Potential issue | 🟠 Major

Update OpenAPI 401 responses for hidden-album password checks (securitySchemes omission is consistent)

• docs/backend/backend_python/openapi.json correctly omits top-level security/components.securitySchemes; backend doesn’t use FastAPI HTTP auth schemes—its 401s come from handler-level permission/password checks.
• OpenAPI is still missing 401 for password-protected hidden albums: PUT /albums/{album_id} and POST /albums/{album_id}/images/get (backend raises status.HTTP_401_UNAUTHORIZED when current_password/password is missing or incorrect).

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@docs/backend/backend_python/openapi.json` around lines 1 - 3218, Add a 401
response for the hidden-album password checks on the two endpoints:
update_album_albums__album_id__put and
get_album_images_albums__album_id__images_get_post; specifically, update the
OpenAPI paths for PUT /albums/{album_id} (operationId
update_album_albums__album_id__put) and POST /albums/{album_id}/images/get
(operationId get_album_images_albums__album_id__images_get_post) to include a
"401" response entry that returns the same error schema used by other
album/folder error responses (e.g. reference the existing
app__schemas__folders__ErrorResponse or the appropriate project error schema) so
the spec documents the backend's status.HTTP_401_UNAUTHORIZED behavior when
current_password/password is missing or incorrect.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/aur-publish.yml:
- Around line 84-93: The "Publish to AUR" job uses the mutable action reference
KSXGitHub/github-actions-deploy-aur@v4.1.3; update that reference to the
action's immutable full 40-character commit SHA (replace `@v4.1.3` with
@<full-commit-sha>) so the workflow pins the exact release, and while editing
the same workflow also consider pinning actions/checkout@v4,
actions/upload-artifact@v4, and actions/download-artifact@v4 to their respective
full commit SHAs to avoid future breakage.
- Around line 46-48: Validate the VERSION from
steps.check_version.outputs.latest_version before using it: ensure VERSION
matches an allowlist/expected semver or regex (e.g.,
^v?\d+\.\d+\.\d+(-[A-Za-z0-9.-]+)?$) and fail the job early if not, then only
construct DEB_URL and run sed -i "s/^pkgver=.*/pkgver=$VERSION/" PKGBUILD after
validation; likewise validate SHA after computing it by checking it is a
64-character hex string (/[0-9a-fA-F]{64}/) and fail fast if it does not match
before running sed -i "s/sha256sums=.*/sha256sums=('$SHA')/" PKGBUILD so no
substitution occurs with malformed values.

In `@docs/backend/backend_python/openapi.json`:
- Line 1480: The operation's tags array contains a duplicate "Shutdown" entry;
locate the tags property that currently reads ["Shutdown", "Shutdown"] and
remove the redundant element so the array contains a single "Shutdown" string
(i.e., change to ["Shutdown"]); also scan the surrounding OpenAPI operation
object (the tags field) to ensure no other duplicate tag arrays remain.

In `@docs/frontend/memories.md`:
- Around line 281-283: The JSX example is invalid due to an extraneous semicolon
inside the expression block; update the snippet using the conditional rendering
expression with no trailing semicolon so it returns the element (e.g.,
{!showMediaView && <div onClick={handleCloseViewer>{/* Grid content */}</div>})
— locate the example referencing showMediaView and handleCloseViewer and remove
the semicolon and any superfluous braces so the JSX is valid when copied.

In `@docs/Manual_Setup_Guide.md`:
- Line 104: Update the sentence that currently reads "In test mode," to "In
development mode" within the docs section that describes running the backend
with "fastapi dev" (the sentence that starts "The server will start on
`http://localhost:52123` by default. In test mode,..."). Ensure the phrase "In
development mode" replaces "In test mode" so the documentation correctly
reflects the development (fastapi dev) run instructions and matches project
guidelines.

In `@docs/stylesheets/extra.css`:
- Line 14: Remove the stray blank line before the CSS declaration to satisfy
stylelint's declaration-empty-line-before rule: edit docs/stylesheets/extra.css
and ensure the padding-right: 0; declaration immediately follows the previous
token (e.g., previous declaration or the opening brace) within the same rule
block so there is no empty line before padding-right.

---

Outside diff comments:
In `@docs/backend/backend_python/openapi.json`:
- Around line 1-3218: Add a 401 response for the hidden-album password checks on
the two endpoints: update_album_albums__album_id__put and
get_album_images_albums__album_id__images_get_post; specifically, update the
OpenAPI paths for PUT /albums/{album_id} (operationId
update_album_albums__album_id__put) and POST /albums/{album_id}/images/get
(operationId get_album_images_albums__album_id__images_get_post) to include a
"401" response entry that returns the same error schema used by other
album/folder error responses (e.g. reference the existing
app__schemas__folders__ErrorResponse or the appropriate project error schema) so
the spec documents the backend's status.HTTP_401_UNAUTHORIZED behavior when
current_password/password is missing or incorrect.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 70cd6c4d-8e20-45f2-880b-c398a29ccff8

📥 Commits

Reviewing files that changed from the base of the PR and between a20c1bb and 5427a86.

📒 Files selected for processing (14)

• .coderabbit.yaml
• .github/.markdownlint-cli2.jsonc
• .github/ISSUE_TEMPLATE/feature.yml
• .github/workflows/aur-publish.yml
• .github/workflows/build-and-release.yml
• .github/workflows/duplicate_issue_detector.yaml
• CODE_OF_CONDUCT.md
• docs/Manual_Setup_Guide.md
• docs/backend/backend_python/openapi.json
• docs/frontend/memories.md
• docs/frontend/screenshots.md
• docs/frontend/state-management.md
• docs/index.md
• docs/stylesheets/extra.css

💤 Files with no reviewable changes (1)

• .github/ISSUE_TEMPLATE/feature.yml

[github-actions]

⚠️ No issue was linked in the PR description.
Please make sure to link an issue (e.g., 'Fixes #issue_number')

[github-actions]

⚠️ No issue was linked in the PR description.
Please make sure to link an issue (e.g., 'Fixes #issue_number')

[coderabbitai]

♻️ Duplicate comments (1)

.github/workflows/aur-publish.yml (1)

30-33: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Normalize tag_name before using it as pkgver and in the .deb URL.

Line 46 uses raw latest_version for both release-tag path and filename. If GitHub returns tag_name=vX.Y.Z, this can produce PictoPy_vX.Y.Z_amd64.deb and pkgver=vX.Y.Z, which conflicts with the PKGBUILD source contract (.../download/v${pkgver}/PictoPy_${pkgver}_amd64.deb) and can break AUR updates.

Suggested fix

-          LATEST_VERSION=$(curl -fsSL https://api.github.com/repos/AOSSIE-Org/PictoPy/releases/latest \
-            | grep -oP '(?<="tag_name": ")[^"]+')
+          TAG_NAME=$(curl -fsSL https://api.github.com/repos/AOSSIE-Org/PictoPy/releases/latest \
+            | grep -oP '(?<="tag_name": ")[^"]+')
+          LATEST_VERSION="${TAG_NAME#v}"
+          if ! echo "$LATEST_VERSION" | grep -qP '^[0-9]+\.[0-9]+\.[0-9]+([.-][A-Za-z0-9]+)*$'; then
+            echo "ERROR: Invalid release version: $LATEST_VERSION"
+            exit 1
+          fi
...
-          VERSION="${{ steps.check_version.outputs.latest_version }}"
-          DEB_URL="https://github.com/AOSSIE-Org/PictoPy/releases/download/${VERSION}/PictoPy_${VERSION}_amd64.deb"
+          VERSION="${{ steps.check_version.outputs.latest_version }}"
+          DEB_URL="https://github.com/AOSSIE-Org/PictoPy/releases/download/v${VERSION}/PictoPy_${VERSION}_amd64.deb"

Also applies to: 46-47, 61-61

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/aur-publish.yml around lines 30 - 33, The fetched
LATEST_VERSION may include a leading "v" (e.g., "v1.2.3") which must be
normalized before using as pkgver or in .deb download paths; change the flow so
after extracting LATEST_VERSION you create a normalized variable (e.g.,
STRIPPED_VERSION) by removing a leading "v" or any non-numeric prefix, use that
normalized value for CURRENT_VERSION/pkgver and in the .deb filename and
download URL (references: LATEST_VERSION, CURRENT_VERSION, the .deb filename
construction and download URL usage).

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Duplicate comments:
In @.github/workflows/aur-publish.yml:
- Around line 30-33: The fetched LATEST_VERSION may include a leading "v" (e.g.,
"v1.2.3") which must be normalized before using as pkgver or in .deb download
paths; change the flow so after extracting LATEST_VERSION you create a
normalized variable (e.g., STRIPPED_VERSION) by removing a leading "v" or any
non-numeric prefix, use that normalized value for CURRENT_VERSION/pkgver and in
the .deb filename and download URL (references: LATEST_VERSION, CURRENT_VERSION,
the .deb filename construction and download URL usage).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: c4765350-6b78-4007-be38-f6dbed114a8d

📥 Commits

Reviewing files that changed from the base of the PR and between 5427a86 and 03dcbc1.

📒 Files selected for processing (2)

• .github/workflows/aur-publish.yml
• docs/frontend/memories.md

✅ Files skipped from review due to trivial changes (1)

• docs/frontend/memories.md

[akshajtiwari]

@rohan-pandeyy , PR is ready for review
Please have a look at the resolved coderabbit as well , since I intentionally ignored some of them.
So based on your feedback I can make the changes if needed.