Review follow-up on the Sonoma deployment-target fix:
- The release minos guard was fail-open: if vtool returned nothing (missing
binary, tool change) the check passed vacuously and could green-light a bad
release. Now it fails closed when no minos is reported.
- The libswift_errno check now excludes weak links, so it only fails on a
breaking STRONG link. dyld tolerates a missing weakly-linked dylib, so a
macOS 15.x SDK runner that weak-links errno at the .v14 target no longer
causes a spurious release failure.
- Removed em-dashes from the changed files per repo style.
Verified: fresh .v14 build is minos 14.0 with no strong errno link; the guard
now fails closed on an unreadable binary and passes on the real one; 71 Swift
tests pass.
- README.md / build-local.sh: the -10825 fix is the Package.swift deployment
target, not the SDK used to build (ld64's $ld$previous drops
libswift_errno.dylib based on minos, so it already applies to the
CI-distributed release too). build-local.sh exists only for building on a
Sonoma machine with just the Command Line Tools.
- build-local.sh: build arm64 and x86_64 separately and lipo them into a
universal binary (`--arch arm64 --arch x86_64` together needs xcbuild,
which CLT doesn't ship); assert the active SDK is actually 14.x instead of
silently trusting `xcrun`; use `pkill -x` instead of `-f` to avoid matching
unrelated processes; broaden the @MainActor patch regex to slurp mode so it
also covers multi-line struct headers and `extension X: View`.
- package-app.sh: fail the build if the packaged binary's minos isn't 14.0
for every arch slice, or if it links libswift_errno.dylib, so a future
deployment-target regression is caught in CI instead of a user's crash report.
Adds assets/menubar-logo.png and generates AppIcon.icns (all standard sizes
via sips + iconutil) in package-app.sh, so the menubar app ships with a real
icon instead of the generic one. Info.plist already referenced AppIcon.
Icon and bundler change from @tvcsantos's #439; the unrelated tsconfig.json
change in that PR was left out.
The installer now downloads and verifies a .sha256 companion file
before extracting and launching the menubar app. Build script and
CI workflow generate the checksum alongside the zip. Adds SECURITY.md
with reporting instructions.
Addresses #215.
Removes references to future signing decisions, dollar amounts, and
star thresholds from the menubar README, the CHANGELOG, the release
workflow (its YAML comments and the auto-generated release body), and
the packaging script. The technical description stays; the 'we are
not paying for X right now' framing is out.