Skip to content

feat: add Gravatar support for user avatars#821

Closed
miurla wants to merge 2 commits intomainfrom
feat/gravatar-avatar-support
Closed

feat: add Gravatar support for user avatars#821
miurla wants to merge 2 commits intomainfrom
feat/gravatar-avatar-support

Conversation

@miurla
Copy link
Copy Markdown
Owner

@miurla miurla commented Apr 13, 2026
edited
Loading

Summary

  • Add Gravatar fallback for email/password users who don't have an OAuth-provided avatar
  • Avatar URL is resolved server-side in layout.tsx using SHA-256 hashing and passed via props to UserMenu, avoiding client-side useEffect
  • For CurrentUserAvatar (chat messages), Gravatar fallback is computed within the existing async hook
  • Falls back gracefully: OAuth avatar → Gravatar → initials/placeholder icon (?d=404)

Closes #820

Privacy note

Gravatar URLs contain a SHA-256 hash of the user's email address. While not directly reversible, the hash can be matched against known email lists to identify the original address. This is a common trade-off shared by services that use Gravatar (e.g. Stack Overflow, WordPress). The hash is exposed in the browser's network requests and rendered HTML for email/password users only — OAuth users are unaffected as their provider avatar takes precedence.

Changes

File Change
lib/utils/gravatar.server.ts Server-side Gravatar URL generator (Node.js crypto, sync)
lib/utils/gravatar.ts Client-side Gravatar URL generator (Web Crypto API, async)
app/layout.tsx Compute avatarUrl server-side and pass through props
components/header.tsx Pass avatarUrl prop to UserMenu
components/user-menu.tsx Use avatarUrl prop directly (no useEffect)
hooks/use-current-user-image.ts Add Gravatar fallback in existing async effect
lib/utils/__tests__/gravatar.test.ts Unit tests for Gravatar URL generation

Test plan

  • Unit tests pass (4 tests for hash generation, normalization, uniqueness)
  • Verified Gravatar URL returns HTTP 200 + image/png for registered email
  • Verified UI displays Gravatar avatar when OAuth avatar is absent
  • Lint, typecheck, format, and all 171 tests pass
  • Verify email/password signup user sees Gravatar (if registered) or fallback initials
  • Verify OAuth user still sees their OAuth avatar (not Gravatar)

@miurla
feat: add Gravatar support for user avatars
45d3d52 
Add Gravatar fallback for users who sign up via email/password and
don't have an OAuth-provided avatar. The avatar URL is resolved
server-side in layout.tsx using SHA-256 hashing to avoid unnecessary
client-side effects, and passed through props to UserMenu.

For CurrentUserAvatar (chat messages), the Gravatar fallback is
computed within the existing async useEffect in the hook.

Closes #820
@vercel
Copy link
Copy Markdown

vercel bot commented Apr 13, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
morphic Ready Ready Preview, Comment Apr 13, 2026 0:42am

chatgpt-codex-connector[bot]
chatgpt-codex-connector bot reviewed Apr 13, 2026
View reviewed changes
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 45d3d52a8f

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment thread hooks/use-current-user-image.ts Outdated
@miurla
fix: check picture metadata before Gravatar fallback in hook
6fcaaaf 
Align use-current-user-image hook with layout.tsx by also checking
user_metadata.picture before falling back to Gravatar. Ensures
consistent avatar resolution across all surfaces.
@miurla
Copy link
Copy Markdown
Owner Author

miurla commented Apr 13, 2026

Closing this PR after further analysis of the privacy trade-off.

While Gravatar integration works correctly, exposing email hashes for all email/password users to benefit only the small subset who have Gravatar accounts is not a favorable trade-off. The existing initials-based fallback provides sufficient UX without any privacy cost.

See #820 for further discussion.

@miurla miurla closed this Apr 13, 2026
@miurla miurla deleted the feat/gravatar-avatar-support branch April 13, 2026 00:50
@miurla miurla mentioned this pull request Apr 13, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chatgpt-codex-connector chatgpt-codex-connector[bot] chatgpt-codex-connector[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Feature Request] Add Gravatar support for user avatars

1 participant

@miurla