Implement devcontainer for #2564

[zevlion]

Summary by cubic

Add a reproducible VS Code Dev Container to standardize local setup with Node 24, Rust/wasm tooling, and editor presets. This speeds onboarding and aligns builds across machines.

• New Features
  • Node 24 Dev Container with zsh; feature pinned in .devcontainer/devcontainer-lock.json.
  • Tooling: Rust nightly 2026-01-30 with wasm32-unknown-unknown, rustfmt, clippy, wasm-pack, Binaryen wasm-opt, ffmpeg, python3-dev, bun.
  • Package management: Corepack with pnpm@10.28.2 and a persistent pnpm cache volume; bootstraps repo (pnpm install, rebuild better-sqlite3, build steps).
  • Editor setup: VS Code extensions and settings for ESLint/Prettier/Jest/Rust Analyzer/LLDB/SQLite.
  • Env: sets WHATSAPP_RUST_BRIDGE_SKIP_PREBUILT=1, NODE_TLS_REJECT_UNAUTHORIZED=0, and PATH for cargo/bun.
  • .gitignore: add /.pnpm-store and /.vscode.

^{Written for commit f9dd22f. Summary will update on new commits.}

Summary by CodeRabbit

• Chores
  • Updated development environment configuration and tooling dependencies.
  • Updated repository ignore rules for build artifacts and configuration files.

[whiskeysockets-bot]

Thanks for opening this pull request and contributing to the project!

The next step is for the maintainers to review your changes. If everything looks good, it will be approved and merged into the main branch.

In the meantime, anyone in the community is encouraged to test this pull request and provide feedback.

✅ How to confirm it works

If you’ve tested this PR, please comment below with:

Tested and working ✅

This helps us speed up the review and merge process.

📦 To test this PR locally:

# NPM
npm install @whiskeysockets/baileys@zevlion/Baileys#master

# Yarn (v2+)
yarn add @whiskeysockets/baileys@zevlion/Baileys#master

# PNPM
pnpm add @whiskeysockets/baileys@zevlion/Baileys#master

If you encounter any issues or have feedback, feel free to comment as well.

[coderabbitai]

📝 Walkthrough

Walkthrough

A new Dev Container configuration is introduced for the Baileys project, defining a complete development environment with Node 24, Rust nightly toolchain, WebAssembly tooling, and build dependencies. The devcontainer-lock.json pins the common-utils feature, and gitignore entries exclude generated coverage, cache, and editor settings artifacts.

Changes

Dev Container Setup

Layer / File(s)	Summary
Dev Container configuration .devcontainer/devcontainer.json	New devcontainer.json defines the Baileys container image with Node 24 Bullseye base, Zsh setup, Rust nightly installation (with wasm-pack), system dependency provisioning (ffmpeg, python3-dev, Binaryen), Bun runtime, pnpm activation, and project build steps; includes VS Code extensions for language tooling, formatting (Prettier), ESLint (flat config), Jest testing, and Rust analysis; sets remote environment variables for TLS, Rust bridge prebuilt artifacts, PATH extensions, and RUSTUP toolchain pinning; declares mounted pnpm cache volume.
Dependencies and artifact management .devcontainer/devcontainer-lock.json, .gitignore	Common-utils devcontainer feature version pinned to 2.5.9 with updated SHA256 digest and integrity hash; gitignore updated to exclude coverage artifacts, /.pnpm-store cache directory, and /.vscode workspace settings generated by the devcontainer setup.

🎯 2 (Simple) | ⏱️ ~12 minutes

🐰 A container emerges from the depths,
With Rust and Node and wasm-pack steps,
Coverage hidden from view so keen,
The cleanest devcontainer ever seen!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title accurately reflects the main change: implementing a devcontainer configuration as evidenced by the addition of .devcontainer/ files and related configuration updates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (2)

.devcontainer/devcontainer.json (2)

10-10: ⚡ Quick win

Extract complex shell commands into separate script files.

The onCreateCommand is difficult to read, maintain, and debug. Consider extracting it into .devcontainer/scripts/setup-rust.sh for better maintainability and error handling.

♻️ Example refactored approach

Create .devcontainer/scripts/setup-rust.sh:

#!/bin/bash
set -euo pipefail

echo "Installing Rust..."
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | \
  sh -s -- -y --default-toolchain none --no-modify-path

export PATH="$HOME/.cargo/bin:$PATH"

echo "Installing nightly toolchain..."
rustup toolchain install nightly-2026-01-30 \
  --component rustfmt \
  --component clippy \
  --target wasm32-unknown-unknown

echo "Setting default toolchain..."
rustup default nightly-2026-01-30

echo "Installing wasm-pack..."
cargo install wasm-pack

echo "Rust setup complete!"

Then update devcontainer.json:

-	"onCreateCommand": "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain none --no-modify-path && /home/node/.cargo/bin/rustup toolchain install nightly-2026-01-30 --component rustfmt --component clippy --target wasm32-unknown-unknown && /home/node/.cargo/bin/rustup default nightly-2026-01-30 && /home/node/.cargo/bin/cargo install wasm-pack",
+	"onCreateCommand": "bash .devcontainer/scripts/setup-rust.sh",

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.devcontainer/devcontainer.json at line 10, The onCreateCommand in
devcontainer.json is a long, hard-to-maintain shell one-liner; extract it into a
new executable script (e.g., .devcontainer/scripts/setup-rust.sh) that uses set
-euo pipefail, steps for curl | sh rustup install, exports PATH to include
$HOME/.cargo/bin, installs the nightly-2026-01-30 toolchain with rustfmt/clippy
and wasm32 target, sets rustup default to nightly-2026-01-30, and runs cargo
install wasm-pack, then update devcontainer.json to call that script from
onCreateCommand so the logic in onCreateCommand is replaced with a single script
invocation and the script handles error reporting and clearer echo messages.

---

11-11: ⚡ Quick win

Extract complex shell commands into separate script files.

The postCreateCommand is extremely long and difficult to maintain. Consider extracting it into .devcontainer/scripts/post-create.sh for better readability, error handling, and debugging.

♻️ Example refactored approach

Create .devcontainer/scripts/post-create.sh:

#!/bin/bash
set -euo pipefail

echo "Installing system dependencies..."
sudo apt-get update
sudo apt-get install -y --no-install-recommends ffmpeg python3-dev

echo "Installing Binaryen..."
BINARYEN_VERSION=129
tarball="binaryen-version_${BINARYEN_VERSION}-x86_64-linux.tar.gz"
curl -fsSL "https://github.com/WebAssembly/binaryen/releases/download/version_${BINARYEN_VERSION}/${tarball}" -o "/tmp/${tarball}"
tar -xzf "/tmp/${tarball}" -C /tmp
sudo cp /tmp/binaryen-version_${BINARYEN_VERSION}/bin/wasm-opt /usr/local/bin/
rm -rf "/tmp/${tarball}" "/tmp/binaryen-version_${BINARYEN_VERSION}"

echo "Installing Bun..."
curl -fsSL https://bun.sh/install | bash
export PATH="$HOME/.bun/bin:$HOME/.cargo/bin:$PATH"

echo "Setting up pnpm..."
sudo corepack enable
corepack prepare pnpm@10.28.2 --activate

echo "Installing dependencies..."
pnpm install --ignore-scripts
pnpm rebuild better-sqlite3
pnpm build:bridge
pnpm build

echo "Post-create setup complete!"

Then update devcontainer.json:

-	"postCreateCommand": "sudo apt-get update && sudo apt-get install -y --no-install-recommends ffmpeg python3-dev && bash -c 'BINARYEN_VERSION=129; tarball=\"binaryen-version_${BINARYEN_VERSION}-x86_64-linux.tar.gz\"; curl -fsSL \"https://github.com/WebAssembly/binaryen/releases/download/version_${BINARYEN_VERSION}/${tarball}\" -o \"/tmp/${tarball}\" && tar -xzf \"/tmp/${tarball}\" -C /tmp && sudo cp /tmp/binaryen-version_${BINARYEN_VERSION}/bin/wasm-opt /usr/local/bin/ && rm -rf \"/tmp/${tarball}\" \"/tmp/binaryen-version_${BINARYEN_VERSION}\"' && curl -fsSL https://bun.sh/install | bash && export PATH=\"$HOME/.bun/bin:$HOME/.cargo/bin:$PATH\" && sudo corepack enable && corepack prepare pnpm@10.28.2 --activate && pnpm install --ignore-scripts && pnpm rebuild better-sqlite3 && pnpm build:bridge && pnpm build",
+	"postCreateCommand": "bash .devcontainer/scripts/post-create.sh",

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.devcontainer/devcontainer.json at line 11, The postCreateCommand value is
too long and hard to maintain; extract its logic into a standalone script (e.g.,
.devcontainer/scripts/post-create.sh) and replace the postCreateCommand entry to
call that script. Create the script with strict bash flags (set -euo pipefail),
move steps for apt-get install (ffmpeg, python3-dev), Binaryen
download/untar/copy (using BINARYEN_VERSION and tarball variables), Bun install,
PATH export, corepack pnpm setup, and the pnpm commands (install, rebuild
better-sqlite3, build:bridge, build), make the script executable, and update
postCreateCommand to run the script (invoking the script path) so the long
inline shell is removed and error handling and readability are improved.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.devcontainer/devcontainer.json:
- Line 10: Remove the insecure global override by deleting the environment
variable NODE_TLS_REJECT_UNAUTHORIZED=0 from the devcontainer configuration
(search for "NODE_TLS_REJECT_UNAUTHORIZED" in .devcontainer/devcontainer.json
and remove that entry or set it to "1" instead); if you need to address specific
certificate problems, update the devcontainer setup to install the appropriate
CA certs into the container trust store or configure the affected tool/service
to skip verification locally rather than disabling TLS globally (use targeted
fixes rather than a global env var).
- Line 29: Replace the incorrect VS Code setting key "js/ts.tsdk.path" with the
standard key "typescript.tsdk" in the devcontainer JSON so VS Code will pick up
the TypeScript SDK path correctly; locate the entry with "js/ts.tsdk.path" and
rename the key to "typescript.tsdk" leaving the value
("node_modules/typescript/lib") unchanged.

---

Nitpick comments:
In @.devcontainer/devcontainer.json:
- Line 10: The onCreateCommand in devcontainer.json is a long, hard-to-maintain
shell one-liner; extract it into a new executable script (e.g.,
.devcontainer/scripts/setup-rust.sh) that uses set -euo pipefail, steps for curl
| sh rustup install, exports PATH to include $HOME/.cargo/bin, installs the
nightly-2026-01-30 toolchain with rustfmt/clippy and wasm32 target, sets rustup
default to nightly-2026-01-30, and runs cargo install wasm-pack, then update
devcontainer.json to call that script from onCreateCommand so the logic in
onCreateCommand is replaced with a single script invocation and the script
handles error reporting and clearer echo messages.
- Line 11: The postCreateCommand value is too long and hard to maintain; extract
its logic into a standalone script (e.g., .devcontainer/scripts/post-create.sh)
and replace the postCreateCommand entry to call that script. Create the script
with strict bash flags (set -euo pipefail), move steps for apt-get install
(ffmpeg, python3-dev), Binaryen download/untar/copy (using BINARYEN_VERSION and
tarball variables), Bun install, PATH export, corepack pnpm setup, and the pnpm
commands (install, rebuild better-sqlite3, build:bridge, build), make the script
executable, and update postCreateCommand to run the script (invoking the script
path) so the long inline shell is removed and error handling and readability are
improved.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 2edc0b35-61ad-440d-b74c-5ee9fc90b6b9

📥 Commits

Reviewing files that changed from the base of the PR and between 78e7e4e and f9dd22f.

📒 Files selected for processing (3)

• .devcontainer/devcontainer-lock.json
• .devcontainer/devcontainer.json
• .gitignore

[coderabbitai]

⚠️ Potential issue | 🔴 Critical | ⚡ Quick win

CRITICAL: Disabling TLS verification is a severe security risk.

Line 42 sets NODE_TLS_REJECT_UNAUTHORIZED=0, which disables TLS certificate verification across the entire Node.js environment. This exposes the development container to man-in-the-middle attacks and should never be used.

If you're encountering certificate issues with specific services, address them properly (install CA certificates, use proper certificates, or configure specific services to skip verification where absolutely necessary).

🔒 Remove the insecure environment variable

 	"remoteEnv": {
-		"NODE_TLS_REJECT_UNAUTHORIZED": "0",
 		"WHATSAPP_RUST_BRIDGE_SKIP_PREBUILT": "1",

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	"onCreateCommand": "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain none --no-modify-path && /home/node/.cargo/bin/rustup toolchain install nightly-2026-01-30 --component rustfmt --component clippy --target wasm32-unknown-unknown && /home/node/.cargo/bin/rustup default nightly-2026-01-30 && /home/node/.cargo/bin/cargo install wasm-pack",
	"remoteEnv": {
	"WHATSAPP_RUST_BRIDGE_SKIP_PREBUILT": "1",

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.devcontainer/devcontainer.json at line 10, Remove the insecure global
override by deleting the environment variable NODE_TLS_REJECT_UNAUTHORIZED=0
from the devcontainer configuration (search for "NODE_TLS_REJECT_UNAUTHORIZED"
in .devcontainer/devcontainer.json and remove that entry or set it to "1"
instead); if you need to address specific certificate problems, update the
devcontainer setup to install the appropriate CA certs into the container trust
store or configure the affected tool/service to skip verification locally rather
than disabling TLS globally (use targeted fixes rather than a global env var).

[coderabbitai]

⚠️ Potential issue | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🌐 Web query:

What is the correct VS Code setting name for configuring the TypeScript SDK path?

💡 Result:

The correct Visual Studio Code setting name for configuring the TypeScript SDK path is typescript.tsdk [1][2][3]. This setting allows you to specify the path to the folder containing the tsserver and lib*.d.ts files (usually located within your project's node_modules/typescript/lib directory) [1][2]. Common usage in your project's.vscode/settings.json file: { "typescript.tsdk": "node_modules/typescript/lib" } When specified in a workspace setting, this tells VS Code to use the TypeScript version installed locally in your project rather than the built-in version [2][3]. For security reasons, VS Code often requires you to manually opt-in to using this workspace version via a prompt or the TypeScript: Select TypeScript version command [2][4]. If you wish to enable the prompt to appear automatically when opening the workspace, you can also use the setting typescript.enablePromptUseWorkspaceTsdk [2][3][4].

Citations:

• 1: https://stackoverflow.com/questions/31308050/can-i-use-a-relative-path-to-configure-typescript-sdk
• 2: https://stackoverflow.com/questions/74642723/how-do-i-force-visual-studio-code-to-always-use-my-workspaces-version-of-typesc
• 3: https://ramigs.dev/blog/vscode-setting-typescript-version/
• 4: Add a workspace option to enforce typescript.tsdk microsoft/vscode#65546

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
FILE=".devcontainer/devcontainer.json"
echo "== $FILE =="
if [ -f "$FILE" ]; then
  nl -ba "$FILE" | sed -n '1,120p'
else
  echo "File not found: $FILE"
fi

Repository: WhiskeySockets/Baileys

Length of output: 165

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
FILE=".devcontainer/devcontainer.json"
echo "== $FILE =="
if [ -f "$FILE" ]; then
  nl -ba "$FILE" | sed -n '1,120p'
else
  echo "File not found: $FILE"
fi

Repository: WhiskeySockets/Baileys

Length of output: 165

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail
FILE=".devcontainer/devcontainer.json"
echo "== $FILE =="
if [ -f "$FILE" ]; then
  awk 'NR>=20 && NR<=40 {printf "%5d %s\n", NR, $0}' "$FILE"
else
  echo "File not found: $FILE"
fi

Repository: WhiskeySockets/Baileys

Length of output: 843

---

Fix VS Code TypeScript SDK setting key: In .devcontainer/devcontainer.json, change js/ts.tsdk.path to typescript.tsdk (VS Code’s standard setting for the TypeScript SDK path).

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.devcontainer/devcontainer.json at line 29, Replace the incorrect VS Code
setting key "js/ts.tsdk.path" with the standard key "typescript.tsdk" in the
devcontainer JSON so VS Code will pick up the TypeScript SDK path correctly;
locate the entry with "js/ts.tsdk.path" and rename the key to "typescript.tsdk"
leaving the value ("node_modules/typescript/lib") unchanged.