nyrn
/
openclaw
mirror of https://github.com/openclaw/openclaw.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
openclaw/apps/macos
History
Josh Lehman cfd9191d4a
fix(gateway): sync plugin override protocol artifacts 
Regeneration-Prompt: |
  Rebase PR #48277 onto current origin/main without changing its intent: gateway-owned plugin subagent runs should be able to forward per-run provider and model overrides through the internal agent RPC, while admin-only gating stays in the gateway agent handler.

  After rebasing, keep the PR scoped to prep fallout instead of broad unrelated cleanup. Commit the generated Swift protocol models required by adding provider/model to AgentParams, add the required Unreleased changelog entry, and update the new commands/agent test fixture so the explicit openai/gpt-4.1-mini override is allowed under the current model allowlist rules. Do not fold in unrelated existing main-branch test failures.
 		2026-03-17 07:10:58 -07:00
..
Icon.icon refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
Sources fix(gateway): sync plugin override protocol artifacts 2026-03-17 07:10:58 -07:00
Tests/OpenClawIPCTests fix(macos): stop relaunching the app after quit when launch-at-login is enabled (#40213) 2026-03-17 20:59:56 +11:00
Package.resolved fix(macos): clean warnings and harden gateway/talk config parsing 2026-02-25 00:27:36 +00:00
Package.swift refactor: rename to openclaw 2026-01-30 03:16:21 +01:00
README.md refactor: rename to openclaw 2026-01-30 03:16:21 +01:00

README.md

OpenClaw macOS app (dev + signing)

Quick dev run

# from repo root
scripts/restart-mac.sh

Options:

scripts/restart-mac.sh --no-sign   # fastest dev; ad-hoc signing (TCC permissions do not stick)
scripts/restart-mac.sh --sign      # force code signing (requires cert)

Packaging flow

scripts/package-mac-app.sh

Creates dist/OpenClaw.app and signs it via scripts/codesign-mac-app.sh.

Signing behavior

Auto-selects identity (first match):

  1. Developer ID Application
  2. Apple Distribution
  3. Apple Development
  4. first available identity

If none found:

  • errors by default
  • set ALLOW_ADHOC_SIGNING=1 or SIGN_IDENTITY="-" to ad-hoc sign

Team ID audit (Sparkle mismatch guard)

After signing, we read the app bundle Team ID and compare every Mach-O inside the app. If any embedded binary has a different Team ID, signing fails.

Skip the audit:

SKIP_TEAM_ID_CHECK=1 scripts/package-mac-app.sh

Library validation workaround (dev only)

If Sparkle Team ID mismatch blocks loading (common with Apple Development certs), opt in:

DISABLE_LIBRARY_VALIDATION=1 scripts/package-mac-app.sh

This adds com.apple.security.cs.disable-library-validation to app entitlements. Use for local dev only; keep off for release builds.

Useful env flags

  • SIGN_IDENTITY="Apple Development: Your Name (TEAMID)"
  • ALLOW_ADHOC_SIGNING=1 (ad-hoc, TCC permissions do not persist)
  • CODESIGN_TIMESTAMP=off (offline debug)
  • DISABLE_LIBRARY_VALIDATION=1 (dev-only Sparkle workaround)
  • SKIP_TEAM_ID_CHECK=1 (bypass audit)