mirror of
https://github.com/NanmiCoder/cc-haha
synced 2026-07-16 13:03:31 +08:00
The local Apple Silicon packaging script produced app bundles that could fail strict bundle validation because the outer .app had no sealed resources. The fix shallow-signs only the copied canonical app bundle and checks that the claude-sidecar code-signature hash stays unchanged. Constraint: GitHub Actions release packaging must remain on the existing tauri-action path Constraint: macOS Keychain ACLs are sensitive to sidecar code-signature hashes Rejected: Set macOS signingIdentity in release CI | Tauri re-signs nested sidecars and can change Keychain caller identity Confidence: high Scope-risk: narrow Directive: Do not deep-sign claude-sidecar without proving existing Keychain ACLs still work after upgrade Tested: bash -n desktop/scripts/build-macos-arm64.sh Tested: SKIP_INSTALL=1 desktop/scripts/build-macos-arm64.sh Tested: codesign --verify --deep --strict --verbose=2 desktop/build-artifacts/macos-arm64/Claude\ Code\ Haha.app Tested: open -n desktop/build-artifacts/macos-arm64/Claude\ Code\ Haha.app and /health returned ok Not-tested: GitHub Actions release workflow, intentionally unchanged
Claude Code Haha Desktop
基于 Tauri 2 + React 的桌面客户端。
开发
bun install
bun run tauri dev
构建
# macOS (Apple Silicon)
./scripts/build-macos-arm64.sh
# Windows (x64, MSI only)
.\scripts\build-windows-x64.ps1
构建产物位于 build-artifacts/ 目录,文件名会显式包含平台、架构和包类型。
常见问题
macOS 提示"已损坏,无法打开"
xattr -cr /Applications/Claude\ Code\ Haha.app