Skip to content

fix(audio-input): open-source returns the actually-bound device (read-back)#650

Open
byrongamatos wants to merge 1 commit into
mainfrom
fix/audio-input-readback-only
Open

fix(audio-input): open-source returns the actually-bound device (read-back)#650
byrongamatos wants to merge 1 commit into
mainfrom
fix/audio-input-readback-only

Conversation

@byrongamatos

Copy link
Copy Markdown
Contributor

What & why

The companion core half of the macOS wrong-mic fix. The desktop half (stable name-based input identity + fail-loud open, so picking BlackHole can't silently fall back to the internal mic) is already on `main` (src/renderer/screen.js). This adds the matching core contract so a caller can see which device actually bound.

openInputSource() (static/capabilities/audio-session.js) now surfaces the provider's bound device on the command's return value as payload.bound = { type, name }, for the trusted in-process caller — enabling an honest "Now listening to: " readout and detection of a silent substitution.

How

  • A source.open handler may return payload: { boundType, boundName } (the merged desktop handler already does). openInputSource threads it onto the _handled(...) return only.
  • PII-safe: the raw device name is kept out of the emitted source-opened event and the diagnostics snapshot (both stay redacted) — mirroring how list-sources returns the device label verbatim to the UI but pseudonymizes it in diagnostics.
  • Purely additive — the open-session summary shape is unchanged, and bound is omitted when the provider reports nothing.

Scope note

This PR is read-back contract only — no input-setup meter. The live "we can hear you" meter that would consume bound is intentionally not included here: it surfaced an unrelated audio-quality regression on re-enable during tester runs and is being reworked separately. So bound currently has no in-tree consumer yet; it's groundwork + makes the desktop handler's read-back reachable.

Verification

  • node --test tests/js/audio_session_input.test.js → 39/39, incl. a new test asserting the read-back reaches the caller but is absent from the event + snapshot.
  • (Org Actions billing is blocked, so CI checks won't run — verified locally.)

Notes

  • Please do not merge without byron's sign-off.

🤖 Generated with Claude Code

…-back)

openInputSource() surfaces the provider's bound device on the command return
(payload.bound = { type, name }) for the trusted in-process caller, so a silent
wrong-device substitution can be detected. Kept out of the redacted source-opened
event + diagnostics snapshot (raw device names are PII). Purely additive.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant