lyric.tngl.sh / mistermorph
Unified Agent + reusable Go agent core.
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

fix: clarify macos ad hoc desktop signing

Lyric 421dc773 3f946af8

+13 -2
+6
desktop/wails/README.md
··· 108 108 That bundled backend is built with `CGO_ENABLED=0` on purpose; keep it that way unless the CLI/backend grows an unavoidable native dependency. 109 109 The Windows release bundle now includes both `mistermorph-desktop.exe` and `mistermorph.exe`; keep them in the same directory after unzip. 110 110 The Windows release workflow also generates a `.ico` and Windows `.syso` resource on the runner so the published desktop executable carries the app icon. 111 + The macOS packaging script signs the `.app` bundle in two modes: 112 + 113 + - with `CODESIGN_IDENTITY`: Developer ID signing, plus notarization if Apple notarization credentials are also present 114 + - without `CODESIGN_IDENTITY`: ad hoc signing for local builds or test-user distribution 115 + 116 + The ad hoc path is intentional for the current testing phase. Test users may still need to manually bypass Gatekeeper on first launch. 111 117 112 118 If you want the same Windows executable icon in a local Windows build, run: 113 119
+6 -1
desktop/wails/packaging/package-darwin.sh
··· 127 127 --timestamp \ 128 128 "${APP_DIR}" 129 129 else 130 - echo "no CODESIGN_IDENTITY set; applying ad-hoc signature" 130 + echo "no CODESIGN_IDENTITY set; applying ad-hoc signature for test distribution" 131 131 codesign --deep --force --sign - "${APP_DIR}" 132 132 fi 133 + 134 + echo "verifying app bundle signature..." 135 + codesign --verify --deep --strict --verbose=2 "${APP_DIR}" 133 136 134 137 if [[ -n "${CODESIGN_IDENTITY}" && -n "${APPLE_ID}" && -n "${APPLE_TEAM_ID}" && -n "${APPLE_APP_PASSWORD}" ]]; then 135 138 echo "submitting app bundle for notarization..." ··· 140 143 --wait 141 144 echo "stapling notarization ticket to app bundle..." 142 145 xcrun stapler staple "${APP_DIR}" 146 + elif [[ -n "${CODESIGN_IDENTITY}" ]]; then 147 + echo "skipping notarization because Apple notarization credentials are incomplete" 143 148 fi 144 149 145 150 tar -C "${OUT_DIR}" -czf "${TARBALL_PATH}" "${APP_BUNDLE_NAME}.app"
+1 -1
docs/app.md
··· 142 142 143 143 ## Known Gaps 144 144 145 - - No notarization or codesign flow yet for the macOS DMG. 145 + - macOS DMG supports ad hoc signing for test distribution and Developer ID signing when release secrets are configured, but ad hoc builds still require testers to manually bypass Gatekeeper on first launch. 146 146 - Windows ships as a zip bundle, not an installer. 147 147 - No dedicated UI yet for backend startup failures. 148 148 - The wrapper still reuses the CLI backend through child-process orchestration rather than an in-process console module.