mirror of
https://github.com/awizemann/scarf.git
synced 2026-05-10 10:36:35 +00:00
Alan Wizemann
41ea3aeb83
Adds Sparkle 2 auto-updates and a local release script that produces signed, notarized, stapled builds for GitHub distribution. App Store submission was rejected because Scarf spawns the user-installed hermes binary and reads ~/.hermes/ directly — both forbidden by App Sandbox — so we commit to the GitHub-release path properly. - Sparkle SPM dep wired into the app target (link-only; hardened-runtime entitlement disable-library-validation lets Sparkle load at runtime). - Tracked Info.plist with SUFeedURL, SUPublicEDKey, and daily check interval; replaces the auto-generated plist so Sparkle keys live in version control rather than pbxproj INFOPLIST_KEY_* noise. - UpdaterService wraps SPUStandardUpdaterController and is injected via .environment(). Menu bar, standard app menu (CommandGroup after .appInfo), and a new Updates section in Settings → General each call updater.checkForUpdates(). - scripts/release.sh runs the full pipeline: version bump → universal archive → Developer ID export → notarytool submit (keychain profile scarf-notary) → staple → appcast EdDSA sign → gh-pages push → gh release → tag. scripts/ExportOptions.plist pins manual Developer ID signing for team 3Q6X2L86C4. - README: removes the right-click-Open workaround (notarized builds don't need it), notes Sparkle, adds a Releases section describing the pipeline and signing prerequisites. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>