[codex] Refactor desktop settings Effect services

[juliusmarminge]

Summary

• Inlines the desktop settings and connection-catalog service contracts on their Context.Service tags.
• Removes standalone settings shape aliases and updates consumers to namespace imports, qualified access, and Service["Service"] types.
• Exports canonical effectful make values and layer constants for all four services without synthetic wrappers.
• Models filesystem, document-decode, secret-decode, write, and migration failures as distinct schema errors with structured operation, path, stage, environment, and field attributes.
• Preserves existing settings persistence, encryption, migration, and server-exposure behavior.

Scope

The final diff is limited to the desktop settings and connection-catalog services plus focused error-classification tests. There are no orchestration, MCP, or server-exposure changes.

Validation

• Four relevant desktop suites — 4 files / 41 tests passed
• vp check — passed; 20 pre-existing unrelated warnings
• vp run typecheck — passed
• git diff --check origin/main...HEAD — passed
• Structured-error audit — no raw Schema.Defect() causes or message-discriminating switches in the four services
• Stale shape and named service-import audits — no violations
• Review-thread audit — no unresolved threads before the final push

---

Note

Medium Risk
Changes error typing and wiring across encrypted catalogs, saved-environment secrets, and on-disk settings writes—security-sensitive persistence paths—but scope is refactor-only with broad test coverage and no described behavior changes.

Overview
Refactors four desktop Effect persistence services—app settings, client settings, saved environments, and the connection catalog—so each exposes an exported make factory and layer = Layer.effect(..., make), with the service API defined inline on Context.Service instead of separate *Shape interfaces.

Tagged errors move from generic Data.TaggedError + opaque cause to Schema.TaggedErrorClass payloads with operation, affected path (or catalog/registry path), and a safe detail string. Read vs JSON/document decode vs encrypted-payload decode are split into distinct error types; migration failures record which legacy step failed (and optional environmentId for secret reads). Invalid base64/secret material is reported without echoing raw secret bytes in messages.

Persistence, encryption, legacy migration, and server-exposure semantics are intended unchanged; tests were updated and extended to assert the new error shapes and failure stages.

^{Reviewed by Cursor Bugbot for commit c9ad561. Bugbot is set up for automated code reviews on this repo. Configure here.}

Note

Refactor desktop settings error classes to use structured fields for operation, path, and detail

• Converts error classes in DesktopAppSettings, DesktopClientSettings, DesktopSavedEnvironments, and DesktopConnectionCatalogStore from Data.TaggedError to Schema.TaggedErrorClass with structured operation, path/catalogPath/registryPath, and detail fields.
• Each write and read stage now emits a specific operation tag (e.g. create-directory, replace-settings-file, read-legacy-registry) so callers can distinguish failure modes without parsing error messages.
• Decode errors (JSON document and base64 secret) are separated into their own error classes (DesktopConnectionCatalogStoreDocumentDecodeError, DesktopSavedEnvironmentsDocumentDecodeError, DesktopSavedEnvironmentSecretDecodeError) rather than being lumped into read errors.
• Secret-related error messages are constructed to avoid exposing raw secret content.
• Layer construction for each service is refactored from a direct Layer definition into a make factory consumed via Layer.effect.

^{Macroscope summarized c9ad561.}

[coderabbitai]

Important

Review skipped

Auto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 0cc0c5d8-9bfb-4642-b290-a5afcbb9206d

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch codex/effect-service-desktop-settings

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

🚀 Expo continuous deployment is ready!

• Project → t3-code
• Platforms → android, ios
• Scheme → t3code-preview

	🤖 Android	🍎 iOS
Fingerprint	fe5a51f2e189da69dfc4c2cd458e6cfb5fdff2ea	ae3bd597809dfd7771d0898f735d172973d4c1c8
Build Details	Build Permalink Details Distribution: INTERNAL Build profile: preview:dev Runtime version: fe5a51f2e189da69dfc4c2cd458e6cfb5fdff2ea App version: 0.1.0 Git commit: f30c72047f910d3c63edf84887f4c6392d72a650	Build Permalink Details Distribution: INTERNAL Build profile: preview:dev Runtime version: ae3bd597809dfd7771d0898f735d172973d4c1c8 App version: 0.1.0 Git commit: b4706aa685da92ae179e34c97839c2a0e9840f09
Update Details	Update Permalink Details Branch: pr-3188 Runtime version: fe5a51f2e189da69dfc4c2cd458e6cfb5fdff2ea Git commit: 148d7607b1c2c383f8bc419c9f7f8167f206b496	Update Permalink Details Branch: pr-3188 Runtime version: ae3bd597809dfd7771d0898f735d172973d4c1c8 Git commit: 148d7607b1c2c383f8bc419c9f7f8167f206b496
Update QR

[macroscopeapp]

Approvability

Verdict: Approved

Mechanical refactor converting error classes to use Schema.TaggedErrorClass with structured fields for better error reporting. No runtime behavior changes - the same operations execute with the same logic, just with more informative error messages. Comprehensive tests added for the new error structure.

^{You can customize Macroscope's approvability policy. Learn more.}

Dismissing prior approval to re-evaluate 3236e4a

Dismissing prior approval to re-evaluate a17e8af

Dismissing prior approval to re-evaluate d83af36

Dismissing prior approval to re-evaluate d84fb7e

Dismissing prior approval to re-evaluate c9ad561