jaylfc · jaylfc · Apr 28, 2026 · Apr 28, 2026 · Apr 28, 2026 · Apr 28, 2026
diff --git a/.gitignore b/.gitignore
@@ -3,6 +3,8 @@ __pycache__/
 *.egg-info/
 dist/
 build/
+!mac/build/
+mac/launcher/.build/
 *.db
 .superpowers/
 .worktrees/

diff --git a/mac/README.md b/mac/README.md
@@ -0,0 +1,17 @@
+# taOS Mac App build
+
+Build pipeline for the macOS `.app` bundle (Apple Silicon, macOS 26+).
+
+See `docs/superpowers/specs/2026-04-28-taos-mac-app-c1-design.md` for the full design.
+
+## Quick start
+
+    ./mac/build/build.sh --version 0.1.0 --output dist/
+
+Produces `dist/taOS.app`, `dist/taOS-0.1.0.dmg`, and `dist/taOS-0.1.0.dmg.sig`.
+
+## Layout
+
+- `launcher/` — Swift Package for the native launcher
+- `build/` — shell pipeline (orchestrator + step scripts)
+- `appcast/` — Sparkle appcast.xml + EdDSA public key
diff --git a/mac/appcast/appcast.xml b/mac/appcast/appcast.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<rss version="2.0" xmlns:sparkle="http://www.andymatuschak.org/xml-namespaces/sparkle">
+  <channel>
+    <title>taOS Updates</title>
+    <link>https://taos.app/appcast.xml</link>
+    <description>Sparkle feed for taOS</description>
+    <language>en</language>
+  </channel>
+</rss>
diff --git a/mac/build/RELEASE_TESTING.md b/mac/build/RELEASE_TESTING.md
@@ -0,0 +1,61 @@
+# taOS Mac App — Release Testing Checklist
+
+Run on a fresh macOS 26 install (or a wiped data dir) before tagging a release.
+
+## 1. Fresh install
+
+- [ ] Open `taOS-X.Y.Z.dmg` → drag to Applications.
+- [ ] Right-click `/Applications/taOS.app` → Open → confirm "open" in Gatekeeper dialog.
+- [ ] Status-bar `taOS` icon appears.
+- [ ] First-run wizard opens in **phone-shape mode**.
+- [ ] Setup completes; Dock icon disappears after closing the window.
+
+## 2. Container creation
+
+- [ ] Create a project, add an agent.
+- [ ] Open Terminal: `container ls` shows the new container.
+- [ ] Send chat → response received.
+- [ ] Trace store entry shows `host.containers.internal:4000` reachable.
+
+## 3. Window-mode toggle
+
+- [ ] `Cmd+Shift+M` switches phone ↔ fullscreen.
+- [ ] In fullscreen, `Cmd+Q` is intercepted (no quit).
+- [ ] In fullscreen, `Ctrl+→` moves to the next Space.
+- [ ] In fullscreen, three-finger swipe moves Spaces.
+
+## 4. Quit + relaunch
+
+- [ ] Close window with the red traffic light.
+- [ ] Dock icon hides; status-bar icon stays.
+- [ ] `~/Library/Logs/taOS/server.log` keeps writing.
+- [ ] "Quit taOS" from status bar → graceful shutdown logged → process gone.
+- [ ] Relaunch → restores last window mode + last project.
+
+## 5. Update path
+
+- [ ] Stage a fake v0.1.1 DMG.
+- [ ] Serve a local appcast: `cd staging && python -m http.server 8000`.
+- [ ] In test build, set `SUFeedURL` to `http://127.0.0.1:8000/appcast.xml`.
+- [ ] Sparkle prompts → EdDSA verifies → relaunches at v0.1.1.
+- [ ] Re-run with a tampered DMG → install refused; `~/Library/Logs/taOS/sparkle.log` has a verification-failed entry; app stays on v0.1.0.
+
+## 6. Failure isolation
+
+- [ ] Kill FastAPI from Activity Monitor → status-bar icon goes yellow → "Restart Server" works.
+- [ ] Stop the container daemon → existing containers listed but new creates fail with the documented note → restart daemon → recovers.
+- [ ] Disconnect network → Sparkle silently skips next scheduled check.
+
+## 7. Uninstall
+
+- [ ] Trash `/Applications/taOS.app`.
+- [ ] `~/Library/Application Support/taOS/` untouched.
+- [ ] Reinstall the same DMG → no setup wizard, picks up where it left off.
+- [ ] `brew uninstall --cask --zap taos` (when Cask exists) wipes the four `~/Library/...` dirs.
+
+## Sign-off
+
+Tester: ______________  Date: ______________
+Version: ______________  All boxes checked: yes / no
+
+Failures: file as GitHub issues with `mac-release` label and block release until resolved.
diff --git a/mac/build/assemble_bundle.sh b/mac/build/assemble_bundle.sh
@@ -0,0 +1,92 @@
+#!/usr/bin/env bash
+# Build taOS.app/Contents/ from staging dirs.
+#
+# Args: --version <X.Y.Z> --staging <DIR> --launcher-binary <PATH> --output <DIR>
+set -euo pipefail
+
+VERSION=""
+STAGING=""
+LAUNCHER_BINARY=""
+OUTPUT=""
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --version) VERSION="$2"; shift 2 ;;
+    --staging) STAGING="$2"; shift 2 ;;
+    --launcher-binary) LAUNCHER_BINARY="$2"; shift 2 ;;
+    --output) OUTPUT="$2"; shift 2 ;;
+    *) echo "assemble_bundle.sh: unknown arg $1" >&2; exit 2 ;;
+  esac
+done
+
+[[ -n "$VERSION" && -n "$STAGING" && -n "$LAUNCHER_BINARY" && -n "$OUTPUT" ]] \
+  || { echo "all args required" >&2; exit 2; }
+
+REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+APP="$OUTPUT/taOS.app"
+CONTENTS="$APP/Contents"
+
+rm -rf "$APP"
+mkdir -p "$CONTENTS/MacOS" "$CONTENTS/Resources" "$CONTENTS/Frameworks"
+
+# Info.plist
+ED_KEY_FILE="$REPO_ROOT/mac/appcast/ed_public.pem"
+if [[ -f "$ED_KEY_FILE" ]]; then
+  SU_PUBLIC_ED_KEY="$(grep -v '^-----' "$ED_KEY_FILE" | tr -d '\n')"
+else
+  echo "[assemble_bundle] no ed_public.pem — Sparkle will be disabled in this build"
+  SU_PUBLIC_ED_KEY=""
+fi
+sed -e "s|\${VERSION}|$VERSION|g" \
+    -e "s|\${SU_PUBLIC_ED_KEY}|$SU_PUBLIC_ED_KEY|g" \
+    "$REPO_ROOT/mac/launcher/Sources/taOSLauncher/Resources/Info.plist.in" \
+    > "$CONTENTS/Info.plist"
+
+echo -n "APPL????" > "$CONTENTS/PkgInfo"
+
+# Launcher binary
+cp "$LAUNCHER_BINARY" "$CONTENTS/MacOS/taOS"
+chmod +x "$CONTENTS/MacOS/taOS"
+
+# Python distribution
+cp -R "$STAGING/python" "$CONTENTS/Resources/python"
+
+# taOS source tree
+mkdir -p "$CONTENTS/Resources/taos"
+cp -R "$REPO_ROOT/tinyagentos" "$CONTENTS/Resources/taos/tinyagentos"
+find "$CONTENTS/Resources/taos" -type d -name __pycache__ -exec rm -rf {} +
+find "$CONTENTS/Resources/taos" -type f -name "*.pyc" -delete
+cp "$REPO_ROOT/pyproject.toml" "$CONTENTS/Resources/taos/pyproject.toml"
+
+# Bundle the data/ skeleton (config example, seed agents, templates) so the
+# launcher can copy it into ~/Library/Application Support/taOS on first run.
+if [[ -d "$REPO_ROOT/data" ]]; then
+  cp -R "$REPO_ROOT/data" "$CONTENTS/Resources/taos/data"
+fi
+# Bundle the app-catalog so backend auto-registration can find service manifests.
+if [[ -d "$REPO_ROOT/app-catalog" ]]; then
+  cp -R "$REPO_ROOT/app-catalog" "$CONTENTS/Resources/taos/app-catalog"
+fi
+
+# Frontend
+cp -R "$STAGING/frontend" "$CONTENTS/Resources/frontend"
+
+# Apple container CLI + libexec plugins (image/network/runtime)
+mkdir -p "$CONTENTS/Resources/bin"
+cp "$STAGING/bin/container" "$CONTENTS/Resources/bin/container"
+chmod +x "$CONTENTS/Resources/bin/container"
+if [[ -d "$STAGING/libexec/container" ]]; then
+  mkdir -p "$CONTENTS/Resources/libexec"
+  cp -R "$STAGING/libexec/container" "$CONTENTS/Resources/libexec/container"
+fi
+
+# Sparkle.framework — fetched/extracted by build.sh prior
+if [[ -d "$STAGING/Sparkle.framework" ]]; then
+  cp -R "$STAGING/Sparkle.framework" "$CONTENTS/Frameworks/Sparkle.framework"
+fi
+
+# AppIcon
+if [[ -f "$STAGING/AppIcon.icns" ]]; then
+  cp "$STAGING/AppIcon.icns" "$CONTENTS/Resources/AppIcon.icns"
+fi
+
+echo "[assemble_bundle] done: $APP"
diff --git a/mac/build/build.sh b/mac/build/build.sh
@@ -0,0 +1,89 @@
+#!/usr/bin/env bash
+# Orchestrate the full build: launcher, python, frontend, container CLI,
+# bundle, sign, DMG, sparkle-sign, notarize.
+#
+# Args:
+#   --version <X.Y.Z>
+#   --python-version <PYVER>
+#   --container-cli-version <CLIVER>
+#   --output <DIR>
+set -euo pipefail
+
+VERSION=""
+PYTHON_VER="3.12.13"
+CLI_VER="0.12.0"
+OUTPUT="dist"
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --version) VERSION="$2"; shift 2 ;;
+    --python-version) PYTHON_VER="$2"; shift 2 ;;
+    --container-cli-version) CLI_VER="$2"; shift 2 ;;
+    --output) OUTPUT="$2"; shift 2 ;;
+    *) echo "build.sh: unknown arg $1" >&2; exit 2 ;;
+  esac
+done
+
+[[ -n "$VERSION" ]] || { echo "--version required" >&2; exit 2; }
+
+REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+SCRIPT_DIR="$REPO_ROOT/mac/build"
+STAGING="$REPO_ROOT/$OUTPUT/staging"
+
+echo "[build] env validation"
+command -v swift >/dev/null || { echo "swift not found" >&2; exit 1; }
+command -v create-dmg >/dev/null || { echo "create-dmg not found (brew install create-dmg)" >&2; exit 1; }
+
+mkdir -p "$REPO_ROOT/$OUTPUT"
+rm -rf "$STAGING"
+mkdir -p "$STAGING"
+
+echo "[build] (1/9) launcher"
+cd "$REPO_ROOT/mac/launcher"
+swift build -c release --arch arm64
+LAUNCHER_BINARY="$REPO_ROOT/mac/launcher/.build/arm64-apple-macosx/release/taOSLauncher"
+cd "$REPO_ROOT"
+
+echo "[build] (2/9) python"
+"$SCRIPT_DIR/build_python.sh" --version "$PYTHON_VER" --output "$STAGING"
+
+echo "[build] (3/9) frontend"
+"$SCRIPT_DIR/build_frontend.sh" --output "$STAGING"
+
+echo "[build] (4/9) container CLI"
+"$SCRIPT_DIR/fetch_container_cli.sh" --version "$CLI_VER" --output "$STAGING"
+
+echo "[build] (5/9) assemble bundle"
+"$SCRIPT_DIR/assemble_bundle.sh" \
+    --version "$VERSION" \
+    --staging "$STAGING" \
+    --launcher-binary "$LAUNCHER_BINARY" \
+    --output "$REPO_ROOT/$OUTPUT"
+
+APP="$REPO_ROOT/$OUTPUT/taOS.app"
+
+echo "[build] (6/9) sign"
+"$SCRIPT_DIR/sign.sh" --app "$APP"
+
+echo "[build] (7/9) package DMG"
+"$SCRIPT_DIR/package_dmg.sh" --app "$APP" --version "$VERSION" --output "$REPO_ROOT/$OUTPUT"
+DMG="$REPO_ROOT/$OUTPUT/taOS-$VERSION.dmg"
+
+echo "[build] (8/9) notarize"
+"$SCRIPT_DIR/notarize.sh" --dmg "$DMG"
+
+echo "[build] (9/9) sparkle-sign"
+SPARKLE_KEY="${SPARKLE_ED_PRIVATE_KEY:-$HOME/.taos/sparkle_ed_private.pem}"
+if [[ -f "$SPARKLE_KEY" ]]; then
+  "$SCRIPT_DIR/sparkle_sign.sh" --dmg "$DMG" --version "$VERSION" --output "$REPO_ROOT/$OUTPUT"
+else
+  echo "[sparkle-sign] skipped — no Sparkle EdDSA private key at $SPARKLE_KEY"
+fi
+
+# Clean staging on success
+rm -rf "$STAGING"
+
+echo "[build] done"
+echo "  app: $APP"
+echo "  dmg: $DMG"
+echo "  sig: ${DMG}.sig"
+echo "  appcast snippet: $REPO_ROOT/$OUTPUT/appcast-snippet.xml"
diff --git a/mac/build/build_frontend.sh b/mac/build/build_frontend.sh
@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+# Build the Vite frontend and copy output to staging.
+#
+# Args: --output <STAGING_DIR>
+set -euo pipefail
+
+OUTPUT=""
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --output) OUTPUT="$2"; shift 2 ;;
+    *) echo "build_frontend.sh: unknown arg $1" >&2; exit 2 ;;
+  esac
+done
+
+[[ -n "$OUTPUT" ]] || { echo "--output required" >&2; exit 2; }
+
+REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+
+cd "$REPO_ROOT/desktop"
+echo "[build_frontend] npm ci"
+npm ci
+echo "[build_frontend] npm run build"
+npm run build
+
+# Vite is configured (desktop/vite.config.ts) to write to ../static/desktop
+DIST="$REPO_ROOT/static/desktop"
+[[ -d "$DIST" ]] || { echo "[build_frontend] missing $DIST" >&2; exit 1; }
+
+mkdir -p "$OUTPUT/frontend"
+cp -R "$DIST"/. "$OUTPUT/frontend/"
+echo "[build_frontend] done: $OUTPUT/frontend"
diff --git a/mac/build/build_python.sh b/mac/build/build_python.sh
@@ -0,0 +1,50 @@
+#!/usr/bin/env bash
+# Build the embedded Python distribution from python-build-standalone.
+#
+# Args: --version <PYTHON_VER> --output <STAGING_DIR>
+# Output: $STAGING_DIR/python/{bin,lib,...}
+set -euo pipefail
+
+PYTHON_VER=""
+OUTPUT=""
+while [[ $# -gt 0 ]]; do
+  case "$1" in
+    --version) PYTHON_VER="$2"; shift 2 ;;
+    --output) OUTPUT="$2"; shift 2 ;;
+    *) echo "build_python.sh: unknown arg $1" >&2; exit 2 ;;
+  esac
+done
+
+[[ -n "$PYTHON_VER" ]] || { echo "--version required" >&2; exit 2; }
+[[ -n "$OUTPUT" ]] || { echo "--output required" >&2; exit 2; }
+
+REPO_ROOT="$(cd "$(dirname "$0")/../.." && pwd)"
+CHECKSUM_FILE="$REPO_ROOT/mac/build/checksums/python-build-standalone.sha256"
+
+# Latest stable release naming convention from astral-sh/python-build-standalone
+TAG="20260414"
+URL="https://github.com/astral-sh/python-build-standalone/releases/download/${TAG}/cpython-${PYTHON_VER}+${TAG}-aarch64-apple-darwin-install_only.tar.gz"
+
+mkdir -p "$OUTPUT"
+TARBALL="$OUTPUT/python-${PYTHON_VER}.tar.gz"
+
+echo "[build_python] downloading $URL"
+curl -L --fail -o "$TARBALL" "$URL"
+
+EXPECTED_SHA="$(cat "$CHECKSUM_FILE")"
+ACTUAL_SHA="$(shasum -a 256 "$TARBALL" | awk '{print $1}')"
+if [[ "$EXPECTED_SHA" != "$ACTUAL_SHA" ]]; then
+  echo "[build_python] SHA mismatch: expected $EXPECTED_SHA got $ACTUAL_SHA" >&2
+  exit 1
+fi
+
+echo "[build_python] extracting"
+mkdir -p "$OUTPUT/python"
+tar -xzf "$TARBALL" -C "$OUTPUT/python" --strip-components=1
+rm "$TARBALL"
+
+PYBIN="$OUTPUT/python/bin/python3"
+"$PYBIN" -m pip install --upgrade pip
+"$PYBIN" -m pip install --no-deps -r "$REPO_ROOT/tinyagentos/requirements.lock"
+
+echo "[build_python] done: $OUTPUT/python/bin/python3"