Skip to content

docs(pointer): align runbook evidence binding#70

Merged
rogu3bear merged 1 commit into
mainfrom
docs/release-runbook-artifact-bound-evidence
May 12, 2026
Merged

docs(pointer): align runbook evidence binding#70
rogu3bear merged 1 commit into
mainfrom
docs/release-runbook-artifact-bound-evidence

Conversation

@rogu3bear

Copy link
Copy Markdown
Owner

Summary

  • align the macOS release runbook and NORTH_STAR with the current manual-release-evidence verifier
  • document that evidence is bound to release tag, DMG filename, DMG SHA-256, mounted app identity, app version, app build, and executable SHA-256
  • keep this tranche focused on the original macOS app release path; no website surface added

Verification

  • swift test --package-path apps/macos --filter IdentityTests/testReleaseRunbookDrivesEndToEndReadinessWithoutClaimingAvailability
  • swift test --package-path apps/macos --filter IdentityTests/testNorthStarDefinesProductionReadinessBar
  • swift test --package-path apps/macos --filter IdentityTests/testNorthStarAuditGateBuildsPromptToArtifactChecklist
  • ./scripts/check-monorepo-references.sh
  • ./scripts/check-website-boundary.sh
  • ./scripts/check-distribution-boundary.sh
  • ./scripts/check-compatibility-boundary.sh
  • ./scripts/check-local-first.sh
  • ./scripts/check-app-ui-contract.sh
  • git diff --check
  • swift test --package-path apps/macos

Remaining release blockers

  • no Keychain notarytool profile named notarization
  • DMG/app are not notarized/stapled yet; Gatekeeper still rejects the local release artifact
  • no stable public release metadata matching app version and DMG digest
  • real manual release evidence cannot be completed until those authority blockers are resolved

@rogu3bear rogu3bear merged commit 91f14f5 into main May 12, 2026
3 checks passed
@rogu3bear rogu3bear deleted the docs/release-runbook-artifact-bound-evidence branch May 12, 2026 14:31
@kilo-code-bot

kilo-code-bot Bot commented May 12, 2026

Copy link
Copy Markdown

Code Review Summary

Status: 1 Issue Found | Recommendation: Address before merge

Overview

Severity Count
CRITICAL 0
WARNING 1
SUGGESTION 0
Issue Details (click to expand)

WARNING

File Line Issue
apps/macos/RELEASE_RUNBOOK.md 96 Inconsistent terminology - "mounted app bundle ID" should be "mounted app identity" to match the addition above and NORTH_STAR.md
Other Observations (not in diff)

Issues found in unchanged code that cannot receive inline comments:

File Line Issue
Files Reviewed (3 files)
  • NORTH_STAR.md - 0 issues
  • apps/macos/RELEASE_RUNBOOK.md - 1 issue
  • apps/macos/Tests/PointerDesignerTests/IdentityTests.swift - 0 issues

Reviewed by grok-code-fast-1:optimized:free · 101,420 tokens

The evidence check compares the recorded commit and DMG SHA-256 to the local
artifact under assessment.
The evidence check compares the recorded commit, release tag, DMG filename,
DMG SHA-256, mounted app bundle ID, app version, app build, and executable

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: Inconsistent terminology - "mounted app bundle ID" should be "mounted app identity" to match the addition above and NORTH_STAR.md

Suggested change
DMG SHA-256, mounted app bundle ID, app version, app build, and executable
DMG SHA-256, mounted app identity, app version, app build, and executable

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant