wip: checkpoint before workflow fixes

[lalalune]

Relates to

Risks

Background

What does this PR do?

What kind of change is this?

Documentation changes needed?

Testing

Where should a reviewer start?

Detailed testing steps

Greptile Summary

A wide-ranging brand/design checkpoint that touches 86 files across the cloud-frontend, os-homepage, homepage, and ui packages. The primary theme is a global radius system update (zero-radius → 2–4 px tokens), removal of backdrop-blur from UI surfaces, and a full visual refresh of the os-homepage hero (cloud video), installer layout (tile cards), and hardware section (grid tiles).

• Brand system: packages/ui/src/styles/base.css updates all --radius-* tokens, affecting every component that uses Tailwind rounded-sm/md/lg; dozens of cloud-frontend files were updated to use rounded-sm explicitly.
• os-homepage redesign: Hero replaced with a cloud video section; download rows replaced with install-card tiles showing inline shell commands; hardware rows replaced with a responsive hw-grid tile layout; social links (GitHub, X) added to footer.
• New packages/tooling: packages/ui-stories introduced as a Storybook-style visual catalog; three new Playwright specs add error-capture and title-validation infrastructure; several scripts (knip-workspaces.mjs, personality-bench-bridge.mjs, route-catalog.ts) are deleted.

Confidence Score: 3/5

The Android install card links to a raw JSON manifest file, which is a regression for users who click it. The new Playwright auth mocking uses a cookie domain that won't match a localhost test server, making those tests unreliable. The radius and visual changes are widespread but low-risk.

Two defects stand out: the os-homepage Android install card changed its href from the cloud URL to a .json manifest file (users will land on raw JSON), and the brand-flows Playwright spec mocks authentication with a cookie whose domain (127.0.0.1) will not be sent to a localhost origin, meaning those dashboard-redirect assertions are not actually testing what they claim to test. The rest of the PR — radius token standardisation, backdrop-blur removal, ui-stories bootstrap, improved user-menu fetch hardening — is straightforward and low-risk.

packages/os-homepage/src/App.tsx (Android install href regression) and packages/cloud-frontend/tests/e2e/brand-flows.spec.ts (cookie domain mismatch in auth mocking)

Important Files Changed

Filename	Overview
packages/os-homepage/src/App.tsx	Large homepage redesign — switched hero from static blue band to cloud video, hardware from row layout to tile grid, and added social links to footer. Android install card regressed to link to a JSON manifest file instead of a download/cloud URL.
packages/cloud-frontend/tests/e2e/brand-flows.spec.ts	New Playwright spec covering landing CTA, checkout, and authenticated dashboard routes. Mock auth cookie uses domain 127.0.0.1 which won't match a localhost test server, and the login-page heading assertion is fragile.
packages/cloud-frontend/tests/e2e/cloud-routes-live.spec.ts	New opt-in live smoke test for public routes; skipped unless CLOUD_E2E_LIVE_URL is set. Minor issue: test.use({ baseURL: undefined }) called unconditionally.
packages/cloud-frontend/tests/e2e/cloud-routes.spec.ts	Existing route smoke tests extended with page-error/console-error/network-failure collectors and per-route title assertions. Solid improvement.
packages/cloud-shared/src/db/repositories/eliza-room-characters.ts	Replaced console.log statements with structured logger.debug calls; minor improvement to logging hygiene.
packages/ui-stories/package.json	New @elizaos/ui-stories package for visual component catalog. Dependencies are plausible; no structural issues.
packages/ui/src/styles/base.css	Global radius tokens updated from 0/0.125rem/0.25rem to 2px/3px/4px across all theme surfaces, aligning design system to slight-xs rounding brand guideline.
scripts/knip-workspaces.mjs	Deleted workspace-scoped Knip runner script. Removal may break CI jobs that reference this file; no replacement visible in this diff.
packages/cloud-frontend/src/components/layout/user-menu.tsx	Profile fetch hardened: added Accept: application/json header and content-type guard before parsing, preventing JSON parse errors on HTML redirect responses.
packages/cloud-frontend/src/components/chat/eliza-chat-interface.tsx	Cosmetic: rounded-2xl/rounded-xl replaced with rounded-sm, and backdrop-blur-md removed from dropdown menus, consistent with the radius token update.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[User visits os-homepage /] --> B[CloudHero section\ncloud video background]
    B --> C{User action}
    C -->|Click Download| D[#download section\ninstall-cards: Linux, Mac, Android]
    C -->|Click Hardware| E[#hardware section\nhw-grid tiles]
    D --> D1[Linux PC → betaManifestUrl JSON]
    D --> D2[Mac/Windows/Linux → appUrl]
    D --> D3[Android → betaManifestUrl JSON ⚠️]
    E --> F[Individual hw-tile\nlinks to /hardware/:slug]
    F --> G[ProductDetail page\nHeader solid=true]

Loading

_{Reviews (1): Last reviewed commit: "wip: checkpoint before workflow fixes" | Re-trigger Greptile}

Greptile also left 4 inline comments on this PR.

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4b0bbfb4-3a7b-409c-8675-6370e3066777

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/pr-7714-7715-review-issues

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Claude encountered an error after 0s —— View job

---

I'll analyze this and get back to you.

[greptile-apps]

Android install card links to JSON manifest

The Android install-card now links to betaManifestUrl (/downloads/elizaos-beta-manifest.json), a raw JSON file. Before this PR, the Android link pointed to cloudUrl (https://elizacloud.ai/login?intent=launch). Clicking the card will serve raw JSON in the browser rather than initiating a download or directing users to a download page, which is a regression from the previous behaviour.

[greptile-apps]

Mock auth cookie uses 127.0.0.1 domain instead of localhost

The cookie domain is hardcoded to "127.0.0.1". Playwright's dev server typically listens on localhost, and browsers treat localhost and 127.0.0.1 as distinct origins for cookie matching. The cookie will not be sent with requests to localhost, making the mock authentication ineffective and causing the dashboard non-redirect assertion to pass for the wrong reason.

[greptile-apps]

Fragile title assertion on login page

toContainText(/sign in/i) assumes the login page's h1 always includes the phrase "sign in". If the heading reads "Log in", "Welcome back", or anything without "sign in", this test will fail as a false negative rather than catching a real regression. Consider asserting the URL (/login) alone, or matching a more stable selector.

[greptile-apps]

test.use({ baseURL: LIVE_URL }) called with a potentially undefined value

test.use({ baseURL: LIVE_URL }) executes unconditionally even when LIVE_URL is undefined (the skip-guard only prevents the test bodies from running). Passing undefined as baseURL can override the default base URL, causing test helpers that rely on it to resolve paths incorrectly if tests are ever partially unskipped. Guard this call or move it inside a conditional setup.