Bump version to 0.0.31

when I start a new browser use desktop instance, I shouldnt get a "wi… (

#398)

* when I start a new browser use desktop instance, I shouldnt get a "window already opened error".

also, when I need to update and double click a new dmg or something if I install a separate one, then it should auto-update current window.

* fix prerelease path

* Prefer predictable duplicate-launch focus

The version-aware handoff depended on a newer app process reliably reaching Electron's second-instance path, which is not guaranteed for normal macOS app launches. Keep duplicate launches simple: the lock loser exits, and the primary instance restores or recreates the appropriate window.

Constraint: macOS may activate the existing app instead of starting a second packaged app process
Rejected: Newer-binary handoff | relies on launch behavior we cannot prove with unit tests
Confidence: high
Scope-risk: narrow
Directive: Keep duplicate-launch handling version-agnostic unless packaged two-version smoke tests cover takeover behavior
Tested: npm run typecheck
Tested: npm run lint
Tested: npm run test

Set windowsVerbatimArguments on all cmd.exe spawns to fix #394 regres…

…sion

PR #394 added an outer pair of quotes around the cmd.exe /s /c cmdline
to handle paths containing spaces. The intent is right (cmd.exe /s /c
"<x>" strips the outer pair, leaving the inner quoted tokens parseable),
but it interacts badly with Node's libuv quote_cmd_arg: every spawn
arg containing whitespace gets re-wrapped in a SECOND quote pair with
internal " escaped as \". cmd.exe doesn't recognize \" as an escape,
so it sees `"\"<path> <args>\""`, treats the whole blob as one program
name, and fails with "is not recognized as an internal or external
command". Verified on Win11 GH Actions (windows-spawn smoke job).

Fix: resolveCliSpawn now returns a spawnOptions object carrying
windowsVerbatimArguments: true whenever it builds a cmd.exe cmdline.
Every spawn site spreads it. With verbatim mode, Node passes our args
through unchanged and PR #394's outer-quote logic actually works as
designed for both space-containing and space-free paths.

Updates 6 spawn sites (runEngine, both engine adapters' runCli probes,
two apiKeyIpc sites, two onboardingHandlers sites) plus the smoke test.

Merge branch 'main' into reagan/windows-fixes

Release v0.0.30

Release v0.0.29

Restore packaged updater metadata

The installed 0.0.26 app failed update checks because electron-updater attempted to read Contents/Resources/app-update.yml during download setup and the Forge package did not include it. Ship the generic feed config as an extra resource, add release guards that fail macOS/Linux packaging when the file is missing, and harden updater retries by clearing cached downloads on errors while deduplicating install clicks.

Constraint: electron-updater reads process.resourcesPath/app-update.yml even when runtime setFeedURL supplies the feed URL.

Rejected: Rely only on setFeedURL | verified installed 0.0.26 logged ENOENT for app-update.yml during update checks.

Confidence: high

Scope-risk: moderate

Directive: Do not remove app-update.yml packaging without testing a packaged app update from an older version to a newer version.

Tested: yarn test tests/unit/updater/updater.spec.ts tests/unit/updater/updateFeed.spec.ts; yarn typecheck; yarn lint --quiet; local macOS package includes Contents/Resources/app-update.yml

Not-tested: Real signed packaged app update from 0.0.28 to a later release; requires published successor release.

Make shortcut labels obey platform conventions

Shortcut hints were split across onboarding, hub settings, overlays, and the pill footer, which made it easy for macOS glyphs to leak into Linux and Windows. Centralizing platform-aware formatting keeps shortcut strings neutral until the renderer formats them with the cached preload platform.

Constraint: Linux and Windows shortcut labels must use text labels such as Ctrl and Alt, while macOS may use glyphs.

Rejected: Per-component platform checks | repeats conditionals and risks future drift.

Confidence: high

Scope-risk: moderate

Directive: Route all user-visible shortcut labels and shortcut capture normalization through src/shared/hotkeys.ts; do not add ad hoc glyph or platform checks in components.

Tested: npm run test -- tests/unit/shared/hotkeys.test.ts; npm run typecheck; npm run lint; npm run test

Not-tested: Manual Electron onboarding flow on Hyprland

Make update install prompts visible and traceable

The updater could reach a downloaded-update state while the Settings button stayed disabled, and native update prompts could attach to utility windows such as the logs panel. Packaged updater diagnostics also went to console output that is hard to inspect for Finder-launched apps.

This routes updater lifecycle events to main.log, uses the raw updater check so our own status/dialog flow is authoritative, anchors install prompts to the main app window, and keeps restart-to-install clickable once an update is ready. The app version is bumped to 0.0.27 for the release containing these fixes.

Constraint: electron-updater only prompts after an update has downloaded, so startup verification depends on a newer published release asset.

Rejected: Commit local mock-update branches | release builds must only use real updater events.

Rejected: Parent dialogs to the focused window | focused utility panels can make native sheets appear attached to the wrong surface.

Confidence: high

Scope-risk: moderate

Directive: Keep updater simulations in unit tests or local-only runtime flags; do not ship mock update branches.

Tested: yarn typecheck

Tested: yarn lint --quiet

Tested: yarn test tests/unit/updater/updater.spec.ts tests/unit/updater/updateFeed.spec.ts

Not-tested: Real packaged 0.0.26-to-0.0.27 auto-update before release assets exist

Release v0.0.26