Skip to content

Dev#325

Merged
jonathancaudill merged 2 commits intomainfrom
dev
Feb 28, 2026
Merged

Dev#325
jonathancaudill merged 2 commits intomainfrom
dev

Conversation

@jonathancaudill
Copy link
Contributor

@jonathancaudill jonathancaudill commented Feb 28, 2026
edited by coderabbitai bot
Loading

Summary by CodeRabbit

  • Chores
    • Enhanced macOS notarization workflow with improved code signing verification steps.
    • Added nine new project dependencies to support development.

jonathancaudill and others added 2 commits February 27, 2026 19:53
@jonathancaudill @claude
fix: remove duplicate Sparkle.framework codesign causing invalid sign…
f46bfee 
…ature

Signing both Versions/B and the top-level Sparkle.framework symlink
signs the same directory twice, invalidating the first signature and
producing "The signature of the binary is invalid" errors during
notarization. Only sign Versions/B directly.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@jonathancaudill @claude
fix: add .gitmodules and fix Sparkle dylib signing for notarization
a489fc4 
- Add .gitmodules with all 7 submodule URLs (Fuzi, Highlightr, LRUCache,
  Motion, reeeed, swift-atomics, swift-numerics) so git branch operations
  (e.g. checkout gh-pages) don't fatal on missing submodule URLs
- Explicitly sign Sparkle.framework/Versions/B/Sparkle dylib before
  signing the framework version bundle — omitting this caused the dylib
  to have an invalid signature under notarization scrutiny
- Add pre-notarize codesign --verify step to catch signing failures
  before wasting a notarization submission

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@jonathancaudill jonathancaudill merged commit 45795bc into main Feb 28, 2026
0 of 2 checks passed
@coderabbitai
Copy link

coderabbitai bot commented Feb 28, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e73602f and a489fc4.

📒 Files selected for processing (2)
  • .github/workflows/macos-notarize.yml
  • .gitmodules
📝 Walkthrough

Walkthrough

Updates macOS code signing workflow steps in the notarization pipeline to sign Sparkle dylib and framework version separately, adds verification step for Nook.app signature, and introduces nine new git submodule dependencies including Fuzi, Highlightr, LRUCache, and Apple's swift-numerics and swift-atomics libraries.

Changes

Cohort / File(s) Summary
macOS Notarization Workflow
.github/workflows/macos-notarize.yml		 Reordered code signing steps to sign Sparkle dylib first, then framework version separately to avoid double-signing the top-level symlink. Added verification step for Nook.app code signature before notarization.
Git Submodules
.gitmodules		 Added nine new git submodule dependencies: Fuzi, Highlightr, LRUCache, Motion, reeeed, swift-atomics, and swift-numerics from their respective upstream repositories.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Sparkle signs before the framework now,
Dependencies hop in, I'll show you how,
Nine new modules join the warren's store,
Code verifies swift, like never before!

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch dev

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jonathancaudill