cicy-desktop 2.1.153 → 2.1.154

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "cicy-desktop",
3
- "version": "2.1.153",
3
+ "version": "2.1.154",
4
4
  "description": "CiCy - AI-powered operating system browser",
5
5
  "main": "src/main.js",
6
6
  "bin": {
@@ -7,47 +7,10 @@ APP="/Applications/CiCy Desktop.app"
7
7
  [ -d "$APP" ] || exit 0
8
8
  /usr/bin/xattr -dr com.apple.quarantine "$APP" 2>/dev/null || true
9
9
  /usr/bin/xattr -cr "$APP" 2>/dev/null || true
10
-
11
- # ── Stable LOCAL code-signing identity (主人令: 用自签证书) ────────────────────
12
- # ad-hoc has no stable identity, so macOS never persists the Screen-Recording TCC
13
- # grant it re-prompts forever. A self-signed cert gives the app a STABLE designated
14
- # requirement, so the grant sticks after the user allows it once. We run as root here,
15
- # so we can write the System keychain + trust the cert with NO password prompt.
16
- SIGN_CN="CiCy Desktop Local Signing"
17
- SYS_KC="/Library/Keychains/System.keychain"
18
- if ! /usr/bin/security find-identity -p codesigning "$SYS_KC" 2>/dev/null | grep -qF "$SIGN_CN"; then
19
- TMPD="$(/usr/bin/mktemp -d)"
20
- # Config file (portable across the LibreSSL that ships in /usr/bin/openssl, which
21
- # lacks `-addext`). codeSigning EKU is what makes it a valid signing identity.
22
- cat > "$TMPD/c.cnf" <<CNF
23
- [req]
24
- distinguished_name = dn
25
- x509_extensions = v3
26
- prompt = no
27
- [dn]
28
- CN = $SIGN_CN
29
- [v3]
30
- basicConstraints = critical,CA:false
31
- keyUsage = critical,digitalSignature
32
- extendedKeyUsage = critical,codeSigning
33
- CNF
34
- /usr/bin/openssl req -x509 -newkey rsa:2048 -keyout "$TMPD/k.pem" -out "$TMPD/c.pem" \
35
- -days 3650 -nodes -config "$TMPD/c.cnf" >/dev/null 2>&1
36
- /usr/bin/openssl pkcs12 -export -inkey "$TMPD/k.pem" -in "$TMPD/c.pem" \
37
- -out "$TMPD/id.p12" -passout pass:cicy -name "$SIGN_CN" >/dev/null 2>&1
38
- # -A = no ACL on the key → codesign can use it without a partition-list/password dance.
39
- /usr/bin/security import "$TMPD/id.p12" -k "$SYS_KC" -P cicy -A >/dev/null 2>&1 || true
40
- /usr/bin/security add-trusted-cert -d -r trustRoot -p codeSign -k "$SYS_KC" "$TMPD/c.pem" >/dev/null 2>&1 || true
41
- /bin/rm -rf "$TMPD"
42
- fi
43
- if /usr/bin/security find-identity -p codesigning "$SYS_KC" 2>/dev/null | grep -qF "$SIGN_CN"; then
44
- /usr/bin/codesign --force --deep --sign "$SIGN_CN" --keychain "$SYS_KC" "$APP" 2>/dev/null \
45
- && echo "signed with local identity: $SIGN_CN" \
46
- || /usr/bin/codesign --force --deep --sign - "$APP" 2>/dev/null || true
47
- else
48
- echo "local identity unavailable — falling back to ad-hoc"
49
- /usr/bin/codesign --force --deep --sign - "$APP" 2>/dev/null || true
50
- fi
10
+ # Re-ad-hoc-sign so the app opens with no Apple cert. (A self-signed cert was tried to
11
+ # make the Screen-Recording grant persist it did sign, but macOS 15 still re-prompts
12
+ # without an Apple Team ID, so it was dropped; desktop capture is OFF by default on mac.)
13
+ /usr/bin/codesign --force --deep --sign - "$APP" 2>/dev/null || true
51
14
 
52
15
  # Desktop shortcut for the logged-in user (postinstall runs as root, so resolve the
53
16
  # console user + their home and chown the symlink to them). Launchpad/Spotlight pick
@@ -35,12 +35,15 @@ function snapDir() {
35
35
 
36
36
  // Is desktop screen capture allowed here? Single source of truth shared by the
37
37
  // periodic daemon (main.js) AND the on-demand `desktop_snapshot` tool's live fallback.
38
- // ON by default on every platform (主人令: 不能关周期截图 the agent needs to watch the
39
- // screen). The macOS repeated Screen-Recording prompt is NOT fixed by disabling capture
40
- // but by giving the app a STABLE signing identity (see scripts/mac-allinone codesign), so
41
- // the TCC grant sticks. Opt out entirely with CICY_DESKTOP_SNAPSHOT=0.
38
+ // OFF by default on macOS: any capture trips the Screen-Recording prompt, and macOS 15
39
+ // won't persist the grant for a non-Apple-Team-ID signature (ad-hoc AND a self-signed
40
+ // cert both re-prompt verified). So unless you ship an Apple Developer-ID + notarized
41
+ // build, the only way to "no prompts" is to not capture. Opt in with CICY_DESKTOP_SNAPSHOT=1.
42
+ // win/linux are ON by default (no such prompt); opt out with =0.
42
43
  function snapshotEnabled() {
43
- return process.env.CICY_DESKTOP_SNAPSHOT !== "0";
44
+ return process.platform === "darwin"
45
+ ? process.env.CICY_DESKTOP_SNAPSHOT === "1"
46
+ : process.env.CICY_DESKTOP_SNAPSHOT !== "0";
44
47
  }
45
48
 
46
49
  function intervalMs(opt) {