Skip to content

[nightly-security] Handle release candidate appcast watch#684

Draft
r3dbars wants to merge 1 commit intomainfrom
codex/nightly-security-rc-appcast-watch
Draft

[nightly-security] Handle release candidate appcast watch#684
r3dbars wants to merge 1 commit intomainfrom
codex/nightly-security-rc-appcast-watch

Conversation

@r3dbars
Copy link
Copy Markdown
Owner

@r3dbars r3dbars commented May 8, 2026

Summary

  • classify one-patch unreleased Info.plist bumps as appcast watch items instead of release-integrity failures
  • keep real appcast mismatches as deterministic findings
  • document the release-candidate watch behavior

Verification

  • python3 -m py_compile scripts/ops/nightly-security-check.py
  • python3 scripts/ops/nightly-security-check.py --write-report build/nightly-security-report.json
  • bash run-tests.sh
  • bash scripts/release/verify-sparkle-release.sh 1.1.32

Nightly result

  • Score: 100/100
  • Findings: none
  • Watch item: Info.plist is prepared for 1.1.33 while appcast remains on published 1.1.32
  • No build/Transcripted.app was present, so app-bundle verification was skipped

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex codex-automation

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@r3dbars