trycua/cua
1
13.3k
Fork 0
mirror of https://github.com/trycua/cua.git synced 2026-03-26 03:59:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
cua/.gitignore
Francesco Bonacci 49ee6d45cb feat(lume): restructure release as .app bundle with bridged networking (#1122) 
* fix(lume): update test mocks to match current API

- Update MockVM.run() signature to include networkMode and clipboard
  parameters added to the VM base class
- Update VMDetailsPrinterTests to expect the network column in table
  output

* feat(lume): restructure release binary as .app bundle for bridged networking

Restructure the lume release artifact from a standalone CLI binary into a
macOS .app bundle so that a provisioning profile can be loaded by the OS,
enabling the com.apple.vm.networking restricted entitlement for bridged
networking support in release builds.

Closes #1076

* fix(lume): fetch notarization log on failure for debugging

* fix(lume): fix codesign for notarization - add timestamp, fix entitlements flag, show errors

* fix(lume): add codesign verification and use ditto for signature-safe copy

* fix(lume): add keychain to search list and pass --keychain to codesign

* fix(lume): sign resource bundle before binary (inside-out signing order)

* fix(lume): use --deep codesign, move resource bundle to Resources/

The lume_lume.bundle is a flat SPM resource directory (no Info.plist),
not a proper macOS bundle. codesign was failing with "bundle format
unrecognized" which caused silent fallback to adhoc signing.

Fix: use --deep on the .app bundle so codesign handles nested code
automatically and seals flat resource directories properly.

* fix(lume): remove resource bundle from Contents/MacOS to fix codesign

The lume_lume.bundle is a flat SPM resource directory without Info.plist.
When placed in Contents/MacOS/, codesign fails with "bundle format
unrecognized" and silently falls back to adhoc signing.

Move it to Contents/Resources/ only, which codesign seals as data.

* fix(lume): update install-local.sh and build-release.sh to match resource bundle fix

Move lume_lume.bundle to Contents/Resources/ instead of Contents/MacOS/
to avoid codesign "bundle format unrecognized" errors. Also fix
--entitlement -> --entitlements typo in build-release.sh.

* fix(lume): place SPM resource bundle at .app root for Bundle.module resolution

SPM's auto-generated Bundle.module looks up resources via
Bundle.main.bundleURL (the .app root), NOT Bundle.main.resourceURL
(Contents/Resources/). Placing lume_lume.bundle in Contents/Resources/
would cause a fatal crash at runtime when Bundle.module tries to load it.

Move the resource bundle to the .app root level across all three build
scripts (build-release-notarized.sh, build-release.sh, install-local.sh).
This keeps it out of Contents/MacOS/ (which breaks codesign) while
ensuring SPM can find it at runtime.

Also adds *.provisionprofile to .gitignore.

* fix(lume): fix Bundle.module resolution for .app bundle resource loading

SPM's auto-generated Bundle.module looks up resources via
Bundle.main.bundleURL (the .app root), but codesign rejects content
at the .app root ("unsealed contents") and in Contents/MacOS/
("bundle format unrecognized"). The only valid location for codesign
is Contents/Resources/, but Bundle.module doesn't check there.

Solution:
- Add Bundle.lumeResources custom accessor that checks resourceURL
  first (for .app bundles) then bundleURL (for standalone binaries)
- Replace all Bundle.module usages in UnattendedConfig.swift
- Revert build scripts to place lume_lume.bundle in Contents/Resources/

The unused SPM-generated Bundle.module is never accessed, so its
fatalError path is never triggered.
2026-02-26 12:39:30 +01:00

4.1 KiB
Raw Permalink Blame History

View Raw
Reference in New Issue View Git Blame Copy Permalink