docs: translate CLAUDE.md to English

Per the committed=English rule.

.gitea/workflows/update-pkgver.yaml

@@ -1,22 +1,22 @@
-# ABOUTME: Updates pkgver in moonarch-pkgbuilds after a push to main.
-# ABOUTME: Ensures paru detects new versions of this package.
+# ABOUTME: Updates pkgver in moonarch-pkgbuilds when a new moonset tag is pushed.
+# ABOUTME: Reads the latest version tag and bumps the PKGBUILD + .SRCINFO.
 
 name: Update PKGBUILD version
 
 on:
   push:
-    branches:
-      - main
+    tags:
+      - 'v*'
 
 jobs:
   update-pkgver:
     runs-on: moonarch
     steps:
-      - name: Checkout source repo
+      - name: Determine pkgver from latest tag
         run: |
           git clone --bare http://gitea:3000/nevaforget/moonset.git source.git
           cd source.git
-          PKGVER=$(git describe --long --tags | sed 's/^v//;s/-/.r/;s/-/./')
+          PKGVER=$(git describe --tags --abbrev=0 | sed 's/^v//')
           echo "New pkgver: $PKGVER"
           echo "$PKGVER" > /tmp/pkgver
 
@@ -26,18 +26,18 @@ jobs:
           git clone http://gitea:3000/nevaforget/moonarch-pkgbuilds.git pkgbuilds
           cd pkgbuilds
 
-          OLD_VER=$(grep '^pkgver=' moonset-git/PKGBUILD | cut -d= -f2)
+          OLD_VER=$(grep '^pkgver=' moonset/PKGBUILD | cut -d= -f2)
           if [ "$OLD_VER" = "$PKGVER" ]; then
             echo "pkgver already up to date ($PKGVER)"
             exit 0
           fi
 
-          sed -i "s/^pkgver=.*/pkgver=$PKGVER/" moonset-git/PKGBUILD
-          sed -i "s/^\tpkgver = .*/\tpkgver = $PKGVER/" moonset-git/.SRCINFO
+          sed -i "s/^pkgver=.*/pkgver=$PKGVER/" moonset/PKGBUILD
+          sed -i "s/^\tpkgver = .*/\tpkgver = $PKGVER/" moonset/.SRCINFO
           echo "Updated pkgver: $OLD_VER → $PKGVER"
 
           git config user.name "pkgver-bot"
           git config user.email "gitea@moonarch.de"
-          git add moonset-git/PKGBUILD moonset-git/.SRCINFO
-          git commit -m "chore(moonset-git): bump pkgver to $PKGVER"
+          git add moonset/PKGBUILD moonset/.SRCINFO
+          git commit -m "chore(moonset): bump pkgver to $PKGVER"
           git -c http.extraHeader="Authorization: token ${{ secrets.PKGBUILD_TOKEN }}" push

CLAUDE.md

@@ -1,57 +1,57 @@
 # Moonset
 
-## Projekt
+## Project
 
-Moonset ist ein Wayland Session Power Menu, gebaut mit Rust + gtk4-rs + gtk4-layer-shell.
-Teil des Moonarch-Ökosystems. Per Keybind aufrufbares Overlay mit 5 Aktionen:
+Moonset is a Wayland session power menu, built with Rust + gtk4-rs + gtk4-layer-shell.
+Part of the Moonarch ecosystem. A keybind-invoked overlay with 5 actions:
 Lock, Logout, Hibernate, Reboot, Shutdown.
 
-## Tech-Stack
+## Tech Stack
 
-- Rust (Edition 2024), gtk4-rs 0.11, glib 0.22
-- gtk4-layer-shell 0.8 für Wayland Layer Shell (OVERLAY Layer)
-- `cargo test` für Unit-Tests
+- Rust (edition 2024), gtk4-rs 0.11, glib 0.22
+- gtk4-layer-shell 0.8 for the Wayland Layer Shell (OVERLAY layer)
+- `cargo test` for unit tests
 
-## Projektstruktur
+## Project Structure
 
-- `src/` — Rust-Quellcode (main.rs, power.rs, i18n.rs, config.rs, users.rs, panel.rs)
-- `resources/` — GResource-Assets (style.css, default-avatar.svg)
-- `config/` — Beispiel-Konfigurationsdateien
+- `src/` — Rust source code (main.rs, power.rs, i18n.rs, config.rs, users.rs, panel.rs)
+- `resources/` — GResource assets (style.css, default-avatar.svg)
+- `config/` — example configuration files
 
-## Kommandos
+## Commands
 
 ```bash
-# Tests ausführen
+# Run tests
 cargo test
 
-# Release-Build
+# Release build
 cargo build --release
 
-# Power-Menu starten (in Niri-Session)
+# Start the power menu (in a Niri session)
 LD_PRELOAD=/usr/lib/libgtk4-layer-shell.so ./target/release/moonset
 ```
 
-## Architektur
+## Architecture
 
-- `main.rs` — Entry Point, GTK App, Layer Shell Setup, Multi-Monitor, systemd-Journal-Logging, Debug-Level per `MOONSET_DEBUG` Env-Var, zentrale `GRESOURCE_PREFIX`-Konstante
-- `power.rs` — 5 Power-Action-Wrapper mit absoluten Pfaden und 30s Timeout (lock, logout, hibernate, reboot, shutdown)
-- `i18n.rs` — Locale-Erkennung und String-Tabellen (DE/EN)
-- `config.rs` — TOML-Config + Wallpaper-Fallback
-- `panel.rs` — GTK4 UI (Action-Buttons, Inline-Confirmation, WallpaperWindow)
-- `users.rs` — User-Erkennung, Avatar-Loading (AccountsService, ~/.face, GResource-Fallback)
-- `resources/style.css` — GTK-Theme-Colors für Konsistenz mit dem aktiven Desktop-Theme
+- `main.rs` — entry point, GTK app, Layer Shell setup, multi-monitor, systemd journal logging, debug level via the `MOONSET_DEBUG` env var, central `GRESOURCE_PREFIX` constant
+- `power.rs` — 5 power-action wrappers with absolute paths and a 30s timeout (lock, logout, hibernate, reboot, shutdown)
+- `i18n.rs` — locale detection and string tables (DE/EN)
+- `config.rs` — TOML config + wallpaper fallback
+- `panel.rs` — GTK4 UI (action buttons, inline confirmation, WallpaperWindow)
+- `users.rs` — user detection, avatar loading (AccountsService, ~/.face, GResource fallback)
+- `resources/style.css` — GTK theme colors for consistency with the active desktop theme
 
 ## Design Decisions
 
-Siehe `DECISIONS.md` für das vollständige Entscheidungsprotokoll.
+See `DECISIONS.md` for the full decision log.
 
-Kurzfassung der wichtigsten Entscheidungen:
-- **OVERLAY statt TOP Layer**: Waybar liegt auf TOP, moonset muss darüber
-- **Niri-spezifischer Logout** (`niri msg action quit`): Moonarch setzt fest auf Niri
-- **Einmal-Start per Keybind**: Kein Daemon, GTK `application_id` verhindert Doppelstart
-- **System-Icons**: Adwaita/Catppuccin liefern alle benötigten symbolischen Icons
-- **Lock ohne Confirmation**: Lock ist sofort reversibel, braucht kein Confirm
-- **Absolute Pfade für Binaries**: `/usr/bin/systemctl` etc. statt relativer Pfade (Security)
-- **GResource-Bundle**: CSS und Default-Avatar sind in die Binary kompiliert (Wallpaper kommt vom Dateisystem)
-- **Async Power Actions**: `glib::spawn_future_local` + `gio::spawn_blocking` mit 30s Timeout
-- **Journal-Logging**: `systemd-journal-logger` statt File-Logging — `journalctl -t moonset`, Debug-Level per `MOONSET_DEBUG` Env-Var
+Summary of the most important decisions:
+- **OVERLAY instead of TOP layer**: Waybar sits on TOP, moonset must be above it
+- **Niri-specific logout** (`niri msg action quit`): Moonarch commits firmly to Niri
+- **Single launch per keybind**: no daemon, the GTK `application_id` prevents double launch
+- **System icons**: Adwaita/Catppuccin provide all required symbolic icons
+- **Lock without confirmation**: lock is immediately reversible, needs no confirm
+- **Absolute paths for binaries**: `/usr/bin/systemctl` etc. instead of relative paths (security)
+- **GResource bundle**: CSS and default avatar are compiled into the binary (the wallpaper comes from the filesystem)
+- **Async power actions**: `glib::spawn_future_local` + `gio::spawn_blocking` with a 30s timeout
+- **Journal logging**: `systemd-journal-logger` instead of file logging — `journalctl -t moonset`, debug level via the `MOONSET_DEBUG` env var

Cargo.lock

@@ -616,7 +616,7 @@ dependencies = [
 
 [[package]]
 name = "moonset"
-version = "0.8.4"
+version = "0.8.5"
 dependencies = [
  "dirs",
  "gdk-pixbuf",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "moonset"
-version = "0.8.4"
+version = "0.8.5"
 edition = "2024"
 description = "Wayland session power menu with GTK4 and Layer Shell"
 license = "MIT"

DECISIONS.md

@@ -2,6 +2,13 @@
 
 Architectural and design decisions for Moonset, in reverse chronological order.
 
+## 2026-04-24 – Audit LOW fixes: dead uid field, home_dir warn, clippy sweep, debug value (v0.8.5)
+
+- **Who**: ClaudeCode, Dom
+- **Why**: Five LOW findings cleared in one pass. (1) `User::uid` was populated from `getuid()` but never read — a compiler `dead_code` warning for a field on the public API. (2) Falling back to a synthetic user when `get_current_user()` returned None used `uid: u32::MAX`, an undocumented sentinel that became moot once uid was removed. (3) `dirs::home_dir().unwrap_or_default()` silently yielded `PathBuf::new()` on failure; avatars would then look for `.face` in the current working directory. (4) `cargo clippy` flagged three suggestions (two collapsible `if`, one redundant closure) that had crept in. (5) `MOONSET_DEBUG` promoted log verbosity on mere presence, leaking path information into the journal.
+- **Tradeoffs**: Dropping `uid` from `User` is a minor API break for any internal caller expecting the field — none existed. The synthetic fallback now surfaces `log::warn!` when home resolution fails, which should be rare outside of pathological sandbox environments.
+- **How**: (1) Remove `pub uid: u32` from `User` and the `uid: uid.as_raw()` assignment in `get_current_user`. (2) Panel fallback drops the `uid` field entirely. (3) `dirs::home_dir().unwrap_or_else(|| { log::warn!(...); PathBuf::new() })`. (4) `cargo clippy --fix` for the two collapsible ifs, manual collapse of `if-let` + `&&` chain, redundant closure replaced with the function itself. (5) `MOONSET_DEBUG` now requires the literal value `"1"` to escalate to Debug.
+
 ## 2026-04-24 – Audit MEDIUM fixes: timeout guard, POSIX locale, button desensitize, wallpaper allowlist (v0.8.4)
 
 - **Who**: ClaudeCode, Dom

src/main.rs

@@ -88,10 +88,12 @@ fn setup_logging() {
             eprintln!("Failed to create journal logger: {e}");
         }
     }
-    let level = if std::env::var("MOONSET_DEBUG").is_ok() {
-        log::LevelFilter::Debug
-    } else {
-        log::LevelFilter::Info
+    // Require MOONSET_DEBUG=1 to raise verbosity so mere presence (empty
+    // value in a session script) cannot escalate journal noise with path
+    // information an attacker could use.
+    let level = match std::env::var("MOONSET_DEBUG").ok().as_deref() {
+        Some("1") => log::LevelFilter::Debug,
+        _ => log::LevelFilter::Info,
     };
     log::set_max_level(level);
 }

src/panel.rs

@@ -7,7 +7,7 @@ use glib::clone;
 use gtk4::prelude::*;
 use gtk4::{self as gtk, gio};
 use std::cell::RefCell;
-use std::path::Path;
+use std::path::{Path, PathBuf};
 use std::rc::Rc;
 use std::time::Duration;
 
@@ -208,11 +208,16 @@ pub fn create_panel_window(texture: Option<&gdk::Texture>, blur_radius: Option<f
     window.add_css_class("panel");
 
     let strings = load_strings(None);
-    let user = users::get_current_user().unwrap_or_else(|| users::User {
+    let user = users::get_current_user().unwrap_or_else(|| {
+        let home = dirs::home_dir().unwrap_or_else(|| {
+            log::warn!("Could not resolve HOME — using an empty path");
+            PathBuf::new()
+        });
+        users::User {
             username: "user".to_string(),
             display_name: "User".to_string(),
-        home: dirs::home_dir().unwrap_or_default(),
-        uid: u32::MAX,
+            home,
+        }
     });
     log::debug!("User: {} ({})", user.display_name, user.username);
 
@@ -571,7 +576,7 @@ fn execute_action(
         #[weak]
         button_box,
         async move {
-            let result = gio::spawn_blocking(move || action_fn()).await;
+            let result = gio::spawn_blocking(action_fn).await;
 
             match result {
                 Ok(Ok(())) => {

src/users.rs

@@ -12,7 +12,6 @@ pub struct User {
     pub username: String,
     pub display_name: String,
     pub home: PathBuf,
-    pub uid: u32,
 }
 
 /// Get the currently logged-in user's info from the system.
@@ -37,7 +36,6 @@ pub fn get_current_user() -> Option<User> {
         username: nix_user.name,
         display_name,
         home: nix_user.dir,
-        uid: uid.as_raw(),
     })
 }
 
@@ -65,8 +63,9 @@ pub fn get_avatar_path_with(
     }
 
     // AccountsService icon fallback
-    if let Some(name) = username {
-        if accountsservice_dir.exists() {
+    if let Some(name) = username
+        && accountsservice_dir.exists()
+    {
         let icon = accountsservice_dir.join(name);
         if let Ok(meta) = icon.symlink_metadata() {
             if meta.file_type().is_symlink() {
@@ -77,7 +76,6 @@ pub fn get_avatar_path_with(
             }
         }
     }
-    }
 
     None
 }