Skip to content

fix(build): configure macOS SDK signing#21

Merged
sozercan merged 1 commit into
masterfrom
agent/fix-xcode-signing-settings
Jul 16, 2026
Merged

fix(build): configure macOS SDK signing#21
sozercan merged 1 commit into
masterfrom
agent/fix-xcode-signing-settings

Conversation

@sozercan

Copy link
Copy Markdown
Owner

Summary

  • add macOS SDK-specific signing identity and development team settings to the Release configuration
  • keep the existing default Release signing values intact
  • normalize the OpenInCodeCore.m build-file entry ordering generated by Xcode

Why

The project needs explicit SDK-scoped signing values so Xcode resolves the intended Apple Development identity and team for macOS builds instead of relying only on the generic Release signing configuration.

Impact

Release builds targeting the macOS SDK now resolve Apple Development with team 57QNR9B89Q. No application source code or runtime behavior changes.

Validation

  • plutil -lint 'Open in Code.xcodeproj/project.pbxproj'
  • xcodebuild -list -project 'Open in Code.xcodeproj'
  • ./scripts/test.sh
  • Release build with CODE_SIGNING_ALLOWED=NO
  • verified Release build settings resolve the expected signing identity and team

Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
Copilot AI review requested due to automatic review settings July 16, 2026 04:08
@sozercan
sozercan merged commit 37db161 into master Jul 16, 2026
1 check passed
@sozercan
sozercan deleted the agent/fix-xcode-signing-settings branch July 16, 2026 04:09

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Configures SDK-scoped signing for macOS Release builds and normalizes Xcode project ordering.

Changes:

  • Adds macOS-specific signing identity and development team.
  • Reorders the OpenInCodeCore.m build-file entry.
Show a summary per file
File Description
Open in Code.xcodeproj/project.pbxproj Updates Release signing and project entry ordering.

Review details

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

  • Files reviewed: 1/1 changed files
  • Comments generated: 1
  • Review effort level: Medium

Comment on lines +265 to +269
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Apple Development";
CODE_SIGN_STYLE = Manual;
COMBINE_HIDPI_IMAGES = YES;
DEVELOPMENT_TEAM = VURRGRYW45;
"DEVELOPMENT_TEAM[sdk=macosx*]" = 57QNR9B89Q;

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 24c6c240cc

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +265 to +269
"CODE_SIGN_IDENTITY[sdk=macosx*]" = "Apple Development";
CODE_SIGN_STYLE = Manual;
COMBINE_HIDPI_IMAGES = YES;
DEVELOPMENT_TEAM = VURRGRYW45;
"DEVELOPMENT_TEAM[sdk=macosx*]" = 57QNR9B89Q;

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Keep Release signing on Developer ID

For normal macOS Release builds/archives, the sdk=macosx* conditional applies and overrides the unqualified Release CODE_SIGN_IDENTITY/DEVELOPMENT_TEAM, so Xcode will select Apple Development with team 57QNR9B89Q instead of the configured Developer ID identity/team. That conflicts with the documented Release path in README.md lines 27 and 37, and with the release workflow's own distinction that Apple Development builds are not notarized (.github/workflows/release.yml lines 165-170), so Release archives produced from the project become unsuitable for public distribution even when a Developer ID certificate is installed.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants