1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -32,6 +32,7 @@ debug_*.swift
.vscode/
.codex/environments/
.swiftpm-cache/
output.log

# Debug/analysis docs
docs/*-analysis.md
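Review bot: the new `output.log` entry is unanchored, so it ignores a file of that name anywhere in the tree, not only at the repository root; if only the root-level file is meant, write it as `/output.log`. A short comment naming what produces the file, in the style of the `# Debug/analysis docs` label on the entry below it, would also make the intent clear to the next person who has to decide whether it is safe to keep ignored.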
10 changes: 10 additions & 0 deletions Scripts/compile_and_run.sh
Expand Up @@ -4,6 +4,16 @@
set -euo pipefail

ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"

# Source .envrc if it exists to load APP_IDENTITY and other environment variables
# Note: This executes all commands in .envrc, but direnv requires explicit user approval
# via 'direnv allow', so this is safe for development use.
if [[ -f "${ROOT_DIR}/.envrc" ]]; then
# shellcheck disable=SC1091
source "${ROOT_DIR}/.envrc"
P1 Avoid sourcing .envrc directly in build script

compile_and_run.sh runs with set -euo pipefail, so sourcing .envrc executes every command in that file and hard-fails on common direnv-only helpers (for example PATH_add/use), which can break local builds even when APP_IDENTITY is the only value needed. This also removes direnv’s explicit trust gate: if someone adds a .envrc in a branch, running this script will execute it immediately.

Could we verify whether sourcing .envrc directly here bypasses direnv's approval model, so a branch-specific change to that file would be executed whenever this script runs?

Could we confirm that the .envrc files we expect contributors to use are valid to source in plain bash, rather than relying on direnv-only helpers such as use or PATH_add that would cause this script to fail under set -e?

export APP_IDENTITY
fi

APP_BUNDLE="${ROOT_DIR}/CodexBar.app"
APP_PROCESS_PATTERN="CodexBar.app/Contents/MacOS/CodexBar"
DEBUG_PROCESS_PATTERN="${ROOT_DIR}/.build/debug/CodexBar"
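Review bot: the comment added above the `if [[ -f "${ROOT_DIR}/.envrc" ]]` block claims a guarantee the code does not have: `source` reads the file directly, so direnv's allow-list is never consulted, and under `set -euo pipefail` any direnv-only helper in it (`PATH_add`, `use`) aborts the build. If direnv is the intended trust model, ask direnv for the environment instead, e.g. `if command -v direnv >/dev/null 2>&1; then eval "$(direnv export bash)"; fi`, which only loads a `.envrc` that has been approved with `direnv allow`; otherwise read just the one variable this script needs and reword the comment so it no longer says "this is safe" on the strength of a gate that is bypassed. Separately, `export APP_IDENTITY` does not fail under `set -u` when `.envrc` exists but leaves the variable unset, so a missing value only surfaces later; a check such as `: "${APP_IDENTITY:?APP_IDENTITY is not set in .envrc}"` after the block would report it at the point of loading.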
7 changes: 7 additions & 0 deletions Scripts/package_app.sh
Expand Up @@ -197,6 +197,13 @@ cat > "$APP/Contents/Info.plist" <<PLIST
<key>SUEnableAutomaticChecks</key><${AUTO_CHECKS}/>
<key>CodexBuildTimestamp</key><string>${BUILD_TIMESTAMP}</string>
<key>CodexGitCommit</key><string>${GIT_COMMIT}</string>
<!-- Usage descriptions for macOS privacy permissions -->
<key>NSAppleEventsUsageDescription</key><string>CodexBar needs to interact with other applications to open URLs and manage your AI coding sessions.</string>
<key>NSDesktopFolderUsageDescription</key><string>CodexBar needs access to open configuration and log files from your Desktop.</string>
<key>NSDocumentsFolderUsageDescription</key><string>CodexBar needs access to open configuration and log files from your Documents folder.</string>
<key>NSDownloadsFolderUsageDescription</key><string>CodexBar needs access to open configuration and log files from your Downloads folder.</string>
<key>NSPhotoLibraryUsageDescription</key><string>CodexBar does not access your photo library. This permission is requested by a system framework but is not used.</string>
<key>NSAppleMusicUsageDescription</key><string>CodexBar does not access Apple Music. This permission is requested by a system framework but is not used.</string>
</dict>
</plist>
PLIST
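Review bot: the `NSPhotoLibraryUsageDescription` and `NSAppleMusicUsageDescription` strings tell the user the permission is not used, which is the wrong thing to ship: a usage string is only displayed when the app actually triggers that privacy prompt, so either the prompt never fires and the keys are dead weight, or it does fire and CodexBar is asking for photo or music access it says it does not need. Identify the framework call that makes the keys necessary and remove it rather than documenting around it; if the keys must stay for a packaging or submission check, name that framework in the `<!-- Usage descriptions ... -->` comment so the next reader can re-evaluate. The `NSAppleEventsUsageDescription` text should also say which applications CodexBar automates, since that prompt is shown per target app and "interact with other applications" does not tell the user what is being controlled. Lastly, these strings are expanded inside the unquoted `<<PLIST` heredoc, so any future edit containing `$` or backticks will be interpreted by the shell; a one-line note next to `cat > "$APP/Contents/Info.plist" <<PLIST` would prevent that surprise.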