Payload
{
"action": "created",
"issue": {
"url": "https://api.github.com/repos/darkmatter/nixmac/issues/354",
"repository_url": "https://api.github.com/repos/darkmatter/nixmac",
"labels_url": "https://api.github.com/repos/darkmatter/nixmac/issues/354/labels{/name}",
"comments_url": "https://api.github.com/repos/darkmatter/nixmac/issues/354/comments",
"events_url": "https://api.github.com/repos/darkmatter/nixmac/issues/354/events",
"html_url": "https://github.com/darkmatter/nixmac/pull/354",
"id": 4619020147,
"node_id": "PR_kwDOSB6EzM7kOIQq",
"number": 354,
"title": "fix(native): guide Nix setup externally and gate portable builds",
"user": {
"login": "fkb032",
"id": 249513614,
"node_id": "U_kgDODt9Gjg",
"avatar_url": "https://avatars.githubusercontent.com/u/249513614?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/fkb032",
"html_url": "https://github.com/fkb032",
"followers_url": "https://api.github.com/users/fkb032/followers",
"following_url": "https://api.github.com/users/fkb032/following{/other_user}",
"gists_url": "https://api.github.com/users/fkb032/gists{/gist_id}",
"starred_url": "https://api.github.com/users/fkb032/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/fkb032/subscriptions",
"organizations_url": "https://api.github.com/users/fkb032/orgs",
"repos_url": "https://api.github.com/users/fkb032/repos",
"events_url": "https://api.github.com/users/fkb032/events{/privacy}",
"received_events_url": "https://api.github.com/users/fkb032/received_events",
"type": "User",
"user_view_type": "public",
"site_admin": false
},
"labels": [],
"state": "open",
"locked": false,
"assignees": [],
"milestone": null,
"comments": 3,
"created_at": "2026-06-09T05:08:36Z",
"updated_at": "2026-06-12T00:05:07Z",
"closed_at": null,
"assignee": null,
"author_association": "CONTRIBUTOR",
"issue_field_values": [],
"type": null,
"active_lock_reason": null,
"draft": false,
"pull_request": {
"url": "https://api.github.com/repos/darkmatter/nixmac/pulls/354",
"html_url": "https://github.com/darkmatter/nixmac/pull/354",
"diff_url": "https://github.com/darkmatter/nixmac/pull/354.diff",
"patch_url": "https://github.com/darkmatter/nixmac/pull/354.patch",
"merged_at": null
},
"body": "## Summary\n\n- Replace the in-app Nix/nix-darwin installer flow with guided external setup links and explicit recheck actions.\n- Remove now-unused frontend install/progress API wrappers and widget store state.\n- Add macOS release artifact hardening: normalize known system dylib install names and fail CI if the app, DMG, or updater tarball contains non-portable Mach-O dependencies.\n- Repack the updater `.app.tar.gz` after normalization and refresh its Tauri updater signature when a `.sig` exists.\n\nReview notes:\n- The Rust install/prefetch commands and generated event types are left as a follow-up cleanup candidate. The frontend has no remaining caller, but deleting the backend path would widen this PR into generated-type/backend install machinery.\n- Pre-existing release behavior: the updater archive is still separate from the Apple Developer ID signing/notarization path used for the DMG. This PR does not restructure that; it makes the updater archive portable and refreshes the updater signature after repacking.\n\n## Test Plan\n\n- [x] `bash ops/scripts/release/normalize-macos-install-names.test.sh`\n- [x] `bash ops/scripts/release/check-portable-macos-app.test.sh`\n- [x] `shellcheck ops/scripts/release/check-portable-macos-app.sh ops/scripts/release/check-portable-macos-app.test.sh ops/scripts/release/normalize-macos-install-names.sh ops/scripts/release/normalize-macos-install-names.test.sh`\n- [x] `yq '.' .github/workflows/build.yaml`\n- [x] `git diff --check`\n- [x] `rg \"installNix|prefetchDarwinRebuild|installStart|nixInstalling|nixInstallPhase|nixDownloadProgress|setNixInstalling|setNixInstallPhase|setNixDownloadProgress|darwinRebuildPrefetching|setDarwinRebuildPrefetching\" apps/native/src -n` returns no matches\n- [x] `bun run test:unit src/components/widget/steps/nix-setup-step.test.tsx`\n- [x] `bun run build`\n- [x] `bun run check` (0 errors, existing warnings only)\n- [x] `bun run desktop:test` (Rust: 428 passed, 2 ignored; Vitest: 22 files / 116 tests passed)\n- [x] `bun run desktop:build` produced app, DMG, and updater tarball locally, then stopped at missing local `TAURI_SIGNING_PRIVATE_KEY` as expected\n- [x] `bash ops/scripts/release/normalize-macos-install-names.sh \"$APP_PATH\" \"$DMG_PATH\" \"$TAR_GZ_PATH\"` on fresh local build artifacts\n- [x] `bash ops/scripts/release/check-portable-macos-app.sh \"$APP_PATH\" \"$DMG_PATH\" \"$TAR_GZ_PATH\"` on fresh local build artifacts (passed for 3 Mach-O files)\n- [x] Claude Opus 4.8 review: no blockers; surfaced deferred backend/updater-notarization notes\n- [x] `codex review --uncommitted`: found two release-script issues; both fixed and covered by tests\n\n## Docs\n\n- [x] No docs update needed\n",
"reactions": {
"url": "https://api.github.com/repos/darkmatter/nixmac/issues/354/reactions",
"total_count": 0,
"+1": 0,
"-1": 0,
"laugh": 0,
"hooray": 0,
"confused": 0,
"heart": 0,
"rocket": 0,
"eyes": 0
},
"timeline_url": "https://api.github.com/repos/darkmatter/nixmac/issues/354/timeline",
"performed_via_github_app": null,
"state_reason": null
},
"comment": {
"url": "https://api.github.com/repos/darkmatter/nixmac/issues/comments/4686152417",
"html_url": "https://github.com/darkmatter/nixmac/pull/354#issuecomment-4686152417",
"issue_url": "https://api.github.com/repos/darkmatter/nixmac/issues/354",
"id": 4686152417,
"node_id": "IC_kwDOSB6EzM8AAAABF1EC4Q",
"user": {
"login": "fkb032",
"id": 249513614,
"node_id": "U_kgDODt9Gjg",
"avatar_url": "https://avatars.githubusercontent.com/u/249513614?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/fkb032",
"html_url": "https://github.com/fkb032",
"followers_url": "https://api.github.com/users/fkb032/followers",
"following_url": "https://api.github.com/users/fkb032/following{/other_user}",
"gists_url": "https://api.github.com/users/fkb032/gists{/gist_id}",
"starred_url": "https://api.github.com/users/fkb032/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/fkb032/subscriptions",
"organizations_url": "https://api.github.com/users/fkb032/orgs",
"repos_url": "https://api.github.com/users/fkb032/repos",
"events_url": "https://api.github.com/users/fkb032/events{/privacy}",
"received_events_url": "https://api.github.com/users/fkb032/received_events",
"type": "User",
"user_view_type": "public",
"site_admin": false
},
"created_at": "2026-06-12T00:05:07Z",
"updated_at": "2026-06-12T00:05:07Z",
"body": "> This is an improvement. I have actually downloaded the artifact an tested inside a VM without Nix. There is one pre-existing issue, which is that a confusing error about `~/.darwin` not existing is shown to the user, as in: <img alt=\"Image\" width=\"793\" height=\"750\" src=\"https://private-user-images.githubusercontent.com/4521138/606716951-163c3e75-9918-423e-9454-f8fc170b265c.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3ODEyMjI5ODksIm5iZiI6MTc4MTIyMjY4OSwicGF0aCI6Ii80NTIxMTM4LzYwNjcxNjk1MS0xNjNjM2U3NS05OTE4LTQyM2UtOTQ1NC1mOGZjMTcwYjI2NWMucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI2MDYxMiUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNjA2MTJUMDAwNDQ5WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9MjNkYzlhNzVkOGZkMGMyNjdhMDk0Y2IyZmVmN2I1YjI3ODNjYjkzNmNhN2E1ZDM4MmYyYWIzZmVjOGNhYjgwMiZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmcmVzcG9uc2UtY29udGVudC10eXBlPWltYWdlJTJGcG5nIn0.84ejM65c6KnYLIw3CZRoF-fVA_fzVkWc9ZNGJ7FilLI\">\r\n> \r\n> The other issue, but probably should have a separate ticket, is that it then asks the user to install `nix-darwin`, which has very complicated instructions for non-Nix people (it kinda requires knowledge not only about Nix, but also about Flakes, that need to be enabled separately). However, this is something that I think the app could install without too much effort.\r\n> \r\n> <img alt=\"Image\" width=\"814\" height=\"769\" src=\"https://private-user-images.githubusercontent.com/4521138/606717417-7883e1a3-6cd3-4995-8873-b1e5da85f17b.png?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3ODEyMjI5ODksIm5iZiI6MTc4MTIyMjY4OSwicGF0aCI6Ii80NTIxMTM4LzYwNjcxNzQxNy03ODgzZTFhMy02Y2QzLTQ5OTUtODg3My1iMWU1ZGE4NWYxN2IucG5nP1gtQW16LUFsZ29yaXRobT1BV1M0LUhNQUMtU0hBMjU2JlgtQW16LUNyZWRlbnRpYWw9QUtJQVZDT0RZTFNBNTNQUUs0WkElMkYyMDI2MDYxMiUyRnVzLWVhc3QtMSUyRnMzJTJGYXdzNF9yZXF1ZXN0JlgtQW16LURhdGU9MjAyNjA2MTJUMDAwNDQ5WiZYLUFtei1FeHBpcmVzPTMwMCZYLUFtei1TaWduYXR1cmU9NzE4MGJlMWMyNGRjZGYxMzdkNjY0OTAwMDE3Mzk4YzJjYjBjNGMyZmU2YmU2MGZhYTg4NDExYjQyNWQxNmQ0NSZYLUFtei1TaWduZWRIZWFkZXJzPWhvc3QmcmVzcG9uc2UtY29udGVudC10eXBlPWltYWdlJTJGcG5nIn0.OB6rA2jkbpFggPrzKSVASron6u-VRxb6Jv5p_5owpM8\">\r\n> Besides this, one remark for future PR's. There are clearly two separate concerns here: the nix setup and the pacaking stuff. It would be nice to have had the latter. in a separate PR.\r\n\r\nThx & makes sense re: 2 PRs",
"author_association": "MEMBER",
"reactions": {
"url": "https://api.github.com/repos/darkmatter/nixmac/issues/comments/4686152417/reactions",
"total_count": 0,
"+1": 0,
"-1": 0,
"laugh": 0,
"hooray": 0,
"confused": 0,
"heart": 0,
"rocket": 0,
"eyes": 0
},
"performed_via_github_app": null
},
"repository": {
"id": 1209959628,
"node_id": "R_kgDOSB6EzA",
"name": "nixmac",
"full_name": "darkmatter/nixmac",
"private": false,
"owner": {
"login": "darkmatter",
"id": 17834193,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE3ODM0MTkz",
"avatar_url": "https://avatars.githubusercontent.com/u/17834193?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/darkmatter",
"html_url": "https://github.com/darkmatter",
"followers_url": "https://api.github.com/users/darkmatter/followers",
"following_url": "https://api.github.com/users/darkmatter/following{/other_user}",
"gists_url": "https://api.github.com/users/darkmatter/gists{/gist_id}",
"starred_url": "https://api.github.com/users/darkmatter/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/darkmatter/subscriptions",
"organizations_url": "https://api.github.com/users/darkmatter/orgs",
"repos_url": "https://api.github.com/users/darkmatter/repos",
"events_url": "https://api.github.com/users/darkmatter/events{/privacy}",
"received_events_url": "https://api.github.com/users/darkmatter/received_events",
"type": "Organization",
"user_view_type": "public",
"site_admin": false
},
"html_url": "https://github.com/darkmatter/nixmac",
"description": "Home manager and nix-darwin that understands plain English",
"fork": false,
"url": "https://api.github.com/repos/darkmatter/nixmac",
"forks_url": "https://api.github.com/repos/darkmatter/nixmac/forks",
"keys_url": "https://api.github.com/repos/darkmatter/nixmac/keys{/key_id}",
"collaborators_url": "https://api.github.com/repos/darkmatter/nixmac/collaborators{/collaborator}",
"teams_url": "https://api.github.com/repos/darkmatter/nixmac/teams",
"hooks_url": "https://api.github.com/repos/darkmatter/nixmac/hooks",
"issue_events_url": "https://api.github.com/repos/darkmatter/nixmac/issues/events{/number}",
"events_url": "https://api.github.com/repos/darkmatter/nixmac/events",
"assignees_url": "https://api.github.com/repos/darkmatter/nixmac/assignees{/user}",
"branches_url": "https://api.github.com/repos/darkmatter/nixmac/branches{/branch}",
"tags_url": "https://api.github.com/repos/darkmatter/nixmac/tags",
"blobs_url": "https://api.github.com/repos/darkmatter/nixmac/git/blobs{/sha}",
"git_tags_url": "https://api.github.com/repos/darkmatter/nixmac/git/tags{/sha}",
"git_refs_url": "https://api.github.com/repos/darkmatter/nixmac/git/refs{/sha}",
"trees_url": "https://api.github.com/repos/darkmatter/nixmac/git/trees{/sha}",
"statuses_url": "https://api.github.com/repos/darkmatter/nixmac/statuses/{sha}",
"languages_url": "https://api.github.com/repos/darkmatter/nixmac/languages",
"stargazers_url": "https://api.github.com/repos/darkmatter/nixmac/stargazers",
"contributors_url": "https://api.github.com/repos/darkmatter/nixmac/contributors",
"subscribers_url": "https://api.github.com/repos/darkmatter/nixmac/subscribers",
"subscription_url": "https://api.github.com/repos/darkmatter/nixmac/subscription",
"commits_url": "https://api.github.com/repos/darkmatter/nixmac/commits{/sha}",
"git_commits_url": "https://api.github.com/repos/darkmatter/nixmac/git/commits{/sha}",
"comments_url": "https://api.github.com/repos/darkmatter/nixmac/comments{/number}",
"issue_comment_url": "https://api.github.com/repos/darkmatter/nixmac/issues/comments{/number}",
"contents_url": "https://api.github.com/repos/darkmatter/nixmac/contents/{+path}",
"compare_url": "https://api.github.com/repos/darkmatter/nixmac/compare/{base}...{head}",
"merges_url": "https://api.github.com/repos/darkmatter/nixmac/merges",
"archive_url": "https://api.github.com/repos/darkmatter/nixmac/{archive_format}{/ref}",
"downloads_url": "https://api.github.com/repos/darkmatter/nixmac/downloads",
"issues_url": "https://api.github.com/repos/darkmatter/nixmac/issues{/number}",
"pulls_url": "https://api.github.com/repos/darkmatter/nixmac/pulls{/number}",
"milestones_url": "https://api.github.com/repos/darkmatter/nixmac/milestones{/number}",
"notifications_url": "https://api.github.com/repos/darkmatter/nixmac/notifications{?since,all,participating}",
"labels_url": "https://api.github.com/repos/darkmatter/nixmac/labels{/name}",
"releases_url": "https://api.github.com/repos/darkmatter/nixmac/releases{/id}",
"deployments_url": "https://api.github.com/repos/darkmatter/nixmac/deployments",
"created_at": "2026-04-14T00:37:13Z",
"updated_at": "2026-06-10T15:32:59Z",
"pushed_at": "2026-06-11T23:54:22Z",
"git_url": "git://github.com/darkmatter/nixmac.git",
"ssh_url": "git@github.com:darkmatter/nixmac.git",
"clone_url": "https://github.com/darkmatter/nixmac.git",
"svn_url": "https://github.com/darkmatter/nixmac",
"homepage": "https://nixmac.com",
"size": 681555,
"stargazers_count": 5,
"watchers_count": 5,
"language": "Rust",
"has_issues": true,
"has_projects": false,
"has_downloads": true,
"has_wiki": false,
"has_pages": true,
"has_discussions": false,
"forks_count": 1,
"mirror_url": null,
"archived": false,
"disabled": false,
"open_issues_count": 93,
"license": {
"key": "mit",
"name": "MIT License",
"spdx_id": "MIT",
"url": "https://api.github.com/licenses/mit",
"node_id": "MDc6TGljZW5zZTEz"
},
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"has_pull_requests": true,
"pull_request_creation_policy": "all",
"topics": [
"home-manager",
"nix",
"nix-darwin",
"nix-flake",
"opencode"
],
"visibility": "public",
"forks": 1,
"open_issues": 93,
"watchers": 5,
"default_branch": "develop",
"custom_properties": {}
},
"organization": {
"login": "darkmatter",
"id": 17834193,
"node_id": "MDEyOk9yZ2FuaXphdGlvbjE3ODM0MTkz",
"url": "https://api.github.com/orgs/darkmatter",
"repos_url": "https://api.github.com/orgs/darkmatter/repos",
"events_url": "https://api.github.com/orgs/darkmatter/events",
"hooks_url": "https://api.github.com/orgs/darkmatter/hooks",
"issues_url": "https://api.github.com/orgs/darkmatter/issues",
"members_url": "https://api.github.com/orgs/darkmatter/members{/member}",
"public_members_url": "https://api.github.com/orgs/darkmatter/public_members{/member}",
"avatar_url": "https://avatars.githubusercontent.com/u/17834193?v=4",
"description": ""
},
"enterprise": {
"id": 469843,
"slug": "darkmatter",
"name": "darkmatter",
"node_id": "E_kgDOAAcrUw",
"avatar_url": "https://avatars.githubusercontent.com/b/469843?v=4",
"description": "",
"website_url": "darkmatter.io",
"html_url": "https://github.com/enterprises/darkmatter",
"created_at": "2025-09-07T16:01:00Z",
"updated_at": "2026-06-07T16:53:26Z"
},
"sender": {
"login": "fkb032",
"id": 249513614,
"node_id": "U_kgDODt9Gjg",
"avatar_url": "https://avatars.githubusercontent.com/u/249513614?v=4",
"gravatar_id": "",
"url": "https://api.github.com/users/fkb032",
"html_url": "https://github.com/fkb032",
"followers_url": "https://api.github.com/users/fkb032/followers",
"following_url": "https://api.github.com/users/fkb032/following{/other_user}",
"gists_url": "https://api.github.com/users/fkb032/gists{/gist_id}",
"starred_url": "https://api.github.com/users/fkb032/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/fkb032/subscriptions",
"organizations_url": "https://api.github.com/users/fkb032/orgs",
"repos_url": "https://api.github.com/users/fkb032/repos",
"events_url": "https://api.github.com/users/fkb032/events{/privacy}",
"received_events_url": "https://api.github.com/users/fkb032/received_events",
"type": "User",
"user_view_type": "public",
"site_admin": false
},
"installation": {
"id": 131074261,
"node_id": "MDIzOkludGVncmF0aW9uSW5zdGFsbGF0aW9uMTMxMDc0MjYx"
}
}