Fix zbus API changes in coldvox-text-injection

[Coldaine]

User description

The atspi-common crate changed ObjectRef from a struct with direct name and path fields to an enum with Null/Owned/Borrowed variants. Use the new accessor methods name_as_str() and path_as_str() instead of direct field access.

Description

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactoring (no functional changes)
• Performance improvement
• Dependency update

Changelog

• CHANGELOG.md updated - This PR includes user-visible changes (see docs/standards.md Changelog Rubric)
• No changelog needed - This PR contains only internal changes (refactoring, tests, CI/CD, tooling)

If changelog updated: Confirm entry follows Keep a Changelog format and is under ## [Unreleased] section with appropriate category (Added/Changed/Deprecated/Removed/Fixed/Security/Documentation/Dependencies).

If no changelog: Briefly explain why this change is not user-visible:

Documentation

• Documentation updated (if applicable)
• All new/modified docs have proper frontmatter metadata (see docs/MasterDocumentationPlaybook.md)
• Documentation is placed in correct location per playbook structure
• No documentation changes needed

Testing

• Existing tests pass
• New tests added (if applicable)
• Manual testing performed

Test details:

Checklist

• Code follows project style guidelines (cargo fmt, cargo clippy)
• Self-review completed
• Comments added for complex/non-obvious code
• No new warnings introduced
• Related documentation updated
• Changelog updated (if user-visible changes)

Related Issues

Additional Context

---

PR Type

Bug fix

---

Description

• Update ObjectRef API usage for atspi-common 0.13.0 compatibility

• Replace direct field access with new accessor methods

• Handle ObjectRef enum variants properly with Option types

---

Diagram Walkthrough

flowchart LR
  A["ObjectRef struct<br/>direct field access"] -- "atspi-common 0.13.0<br/>API change" --> B["ObjectRef enum<br/>with variants"]
  B -- "use accessor methods" --> C["name_as_str()"]
  B -- "use accessor methods" --> D["path_as_str()"]
  C -- "returns Option" --> E["Handle None case"]
  D -- "returns Option" --> E

Loading

File Walkthrough

Relevant files

Bug fix

manager.rs Update ObjectRef field access to use accessor methods        crates/coldvox-text-injection/src/manager.rs Replace obj_ref.name direct access with obj_ref.name_as_str() method call Handle Option return type with pattern matching Replace obj_ref.path direct access with obj_ref.path_as_str() method call Add null-safety checks for the new accessor methods +5/-3      prewarm.rs Migrate to ObjectRef accessor methods in prewarm                  crates/coldvox-text-injection/src/prewarm.rs Replace obj_ref.name with obj_ref.name_as_str() and map to Option Replace obj_ref.path with obj_ref.path_as_str() for accessor method usage Update variable assignments to handle Option return types +2/-2

---

[chatgpt-codex-connector]

You have reached your Codex usage limits for code reviews. You can see your limits in the Codex usage dashboard.

[qodo-free-for-open-source-projects]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: No auditing: The new logic returning focused object names/paths performs potentially critical UI selection actions without emitting any audit logs for who/what triggered it or the outcome. Referred Code let mut rule = ObjectMatchRule::default(); rule.states = State::Focused.into(); rule.states_mt = MatchType::All; if let Ok(mut matches) = collection .get_matches(rule, SortOrder::Canonical, 1, false) .await { if let Some(obj_ref) = matches.pop() { if let Some(name) = obj_ref.name_as_str() { if !name.is_empty() { return Ok(name.to_string()); } } if let Some(last) = obj_ref.path_as_str().rsplit('/').next() { if !last.is_empty() { return Ok(last.to_string()); } } Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Option handling: Mapping name_as_str() directly to target_app may produce None without fallback or context, and path_as_str().to_string() assumes non-empty path without checking edge cases. Referred Code target_app = obj_ref.name_as_str().map(|s| s.to_string()); window_id = Some(obj_ref.path_as_str().to_string()); // Simplified editable text check - assume it's editable if we found a focused element has_editable_text = true; } Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Potential PII: Storing or later logging target_app from object names and window_id from object paths could expose user/application identifiers if logged elsewhere; no explicit safeguards are added here. Referred Code target_app = obj_ref.name_as_str().map(|s| s.to_string()); window_id = Some(obj_ref.path_as_str().to_string()); Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Input validation: The code consumes external object metadata (name/path) without validating content (e.g., empty, unusual characters), which may later be used unsafely in other contexts. Referred Code if let Some(name) = obj_ref.name_as_str() { if !name.is_empty() { return Ok(name.to_string()); } } if let Some(last) = obj_ref.path_as_str().rsplit('/').next() { if !last.is_empty() { return Ok(last.to_string()); } } Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-free-for-open-source-projects]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
General	Align app identification logic with manager To ensure consistent application identification, update the logic in prewarm.rs to match manager.rs by using the object path as a fallback when the application name is empty. crates/coldvox-text-injection/src/prewarm.rs [216-217] -target_app = obj_ref.name_as_str().map(|s| s.to_string()); +let name = obj_ref.name_as_str().filter(|s| !s.is_empty()); +target_app = name.map(|s| s.to_string()).or_else(|| { + obj_ref + .path_as_str() + .rsplit('/') + .next() + .filter(|s| !s.is_empty()) + .map(|s| s.to_string()) +}); window_id = Some(obj_ref.path_as_str().to_string()); Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies an important logical inconsistency between prewarm.rs and manager.rs for determining the target application, and the proposed fix aligns the behavior, improving the code's robustness and correctness.	Medium
More

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Possible issue	Add fallback for app identification Implement a fallback for target_app identification in prewarm.rs to use the object path when the name is unavailable, mirroring the logic in manager.rs for consistency. crates/coldvox-text-injection/src/prewarm.rs [212-221] if let Some(obj_ref) = matches.first() { // Store the focused node focused_node = Some("focused".to_string()); - target_app = obj_ref.name_as_str().map(|s| s.to_string()); + target_app = obj_ref + .name_as_str() + .filter(|s| !s.is_empty()) + .map(|s| s.to_string()) + .or_else(|| { + obj_ref + .path_as_str() + .rsplit('/') + .next() + .filter(|s| !s.is_empty()) + .map(|s| s.to_string()) + }); window_id = Some(obj_ref.path_as_str().to_string()); // Simplified editable text check - assume it's editable if we found a focused element has_editable_text = true; } [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies an inconsistency between prewarm.rs and manager.rs and proposes to align them, which improves the robustness of the pre-warming logic.	Medium
More

[kiloconnect]

✅ No Critical Issues Found

2 files reviewed | Confidence: 95% | Recommendation: Fix one warning before merge

Review Details

Files:

• crates/coldvox-text-injection/src/manager.rs (correctly updated)
• crates/coldvox-text-injection/src/prewarm.rs (1 warning)

Checked: Security, bugs, performance, error handling, API compatibility

Summary

The PR successfully migrates from direct field access to the new atspi-common 0.13.0 API with accessor methods. The changes in manager.rs are implemented correctly with proper null safety handling.

Issues Found:

• WARNING in prewarm.rs: path_as_str() could return None, causing a panic when calling .to_string() directly. The suggested fix adds proper Option handling.

Positive Changes:

• Manager.rs properly uses pattern matching for safe Option handling
• Prewarm.rs correctly uses .map() for the name field
• Both files now use the recommended accessor methods from atspi-common 0.13.0

The migration follows the new API requirements and maintains backward compatibility while improving type safety.

[kiloconnect]

✅ GOOD: Properly handles the Option return type with pattern matching, ensuring null safety for the name field.

[kiloconnect]

✅ GOOD: Correctly uses the accessor method and handles the Option return type properly for the path field.

[kiloconnect]

⚠️ WARNING: Potential null pointer

path_as_str() returns Option<&str> and could be None, causing a panic when calling .to_string() on None. Fix:

Suggested change

	target_app = obj_ref.name().map(|n| n.to_string());
	window_id = Some(obj_ref.path().to_string());
	target_app = obj_ref.name_as_str().map(|s| s.to_string());
	if let Some(path) = obj_ref.path_as_str() {
	window_id = Some(path.to_string());
	} else {
	window_id = None;
	}

[kiloconnect]

✅ GOOD: Correctly handles the Option return type with .map() for the name field, avoiding potential null pointer dereference.

[Copilot]

Pull request overview

This PR adapts the coldvox-text-injection crate to handle breaking API changes in the atspi-common dependency, where ObjectRef was refactored from a struct with direct name and path fields to an enum requiring accessor methods name_as_str() and path_as_str().

Key changes:

• Updated ObjectRef field access to use new accessor methods in AT-SPI code paths
• Properly handles name_as_str() returning Option<&str> (name can be absent)
• Properly handles path_as_str() returning &str (path is always present)

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

File	Description
crates/coldvox-text-injection/src/prewarm.rs	Updated AT-SPI pre-warming to use name_as_str() and path_as_str() accessor methods when extracting application and window identifiers from focused elements
crates/coldvox-text-injection/src/manager.rs	Updated application ID detection to use new accessor methods with proper Option handling for optional name field and string manipulation for path field

[Coldaine]

Closing as already fixed - the ObjectRef API migration from direct field access to method calls is already in main.

Current main uses obj_ref.name() and obj_ref.path() methods, which resolve the same atspi-common 0.13.0 API changes this PR addressed.

The fix was likely applied as part of PR #296 (feat: upgrade PyO3 0.27, stabilize CI, and fix real injection tests).