github/openclaw
1
1
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-02-19 18:39:20 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
fb8e4489a387331868c287c4cd6aa87db1161963
openclaw/apps/macos
History
Josh Palmer 69aa3df116 macOS: honor stable Nix defaults suite (#12205) 
* macOS: honor Nix defaults suite; auto launch in Nix mode

Fixes repeated onboarding in Nix deployments by detecting nixMode from the stable defaults suite (ai.openclaw.mac) and bridging key settings into the current defaults domain.

Also enables LaunchAgent autostart by default in Nix mode (escape hatch: openclaw.nixAutoLaunchAtLogin=false).

* macOS: keep Nix mode fix focused

Drop the automatic launch-at-login behavior from the Nix defaults patch; keep this PR scoped to reliable nixMode detection + defaults bridging.

* macOS: simplify nixMode fix

Remove the defaults-bridging helper and rely on a single, stable defaults suite (ai.openclaw.mac) for nixMode detection when running as an app bundle. This keeps the fix focused on onboarding suppression and rename churn resilience.

* macOS: fix nixMode defaults suite churn (#12205)
2026-02-08 17:28:22 -08:00
..
Icon.icon
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
Sources
macOS: honor stable Nix defaults suite (#12205)
2026-02-08 17:28:22 -08:00
Tests/OpenClawIPCTests
macOS: honor stable Nix defaults suite (#12205)
2026-02-08 17:28:22 -08:00
Package.resolved
chore: update appcast for 2026.1.30
2026-01-31 14:31:00 +01:00
Package.swift
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00
README.md
refactor: rename to openclaw
2026-01-30 03:16:21 +01:00

README.md

OpenClaw macOS app (dev + signing)

Quick dev run

# from repo root
scripts/restart-mac.sh

Options:

scripts/restart-mac.sh --no-sign   # fastest dev; ad-hoc signing (TCC permissions do not stick)
scripts/restart-mac.sh --sign      # force code signing (requires cert)

Packaging flow

scripts/package-mac-app.sh

Creates dist/OpenClaw.app and signs it via scripts/codesign-mac-app.sh.

Signing behavior

Auto-selects identity (first match):

  1. Developer ID Application
  2. Apple Distribution
  3. Apple Development
  4. first available identity

If none found:

  • errors by default
  • set ALLOW_ADHOC_SIGNING=1 or SIGN_IDENTITY="-" to ad-hoc sign

Team ID audit (Sparkle mismatch guard)

After signing, we read the app bundle Team ID and compare every Mach-O inside the app. If any embedded binary has a different Team ID, signing fails.

Skip the audit:

SKIP_TEAM_ID_CHECK=1 scripts/package-mac-app.sh

Library validation workaround (dev only)

If Sparkle Team ID mismatch blocks loading (common with Apple Development certs), opt in:

DISABLE_LIBRARY_VALIDATION=1 scripts/package-mac-app.sh

This adds com.apple.security.cs.disable-library-validation to app entitlements. Use for local dev only; keep off for release builds.

Useful env flags

  • SIGN_IDENTITY="Apple Development: Your Name (TEAMID)"
  • ALLOW_ADHOC_SIGNING=1 (ad-hoc, TCC permissions do not persist)
  • CODESIGN_TIMESTAMP=off (offline debug)
  • DISABLE_LIBRARY_VALIDATION=1 (dev-only Sparkle workaround)
  • SKIP_TEAM_ID_CHECK=1 (bypass audit)
Reference in New Issue View Git Blame Copy Permalink