🐛 fix(desktop): pin electron-builder to 26.14.0 to fix broken macOS update signing #15527

Merged: arvinxx merged 1 commit into canary from fix/desktop-pin-electron-builder, Jun 7, 2026

@arvinxx arvinxx commented Jun 7, 2026

Member

💡 Description of Change

Desktop auto-update silently fails on macOS: clicking "install update" does nothing and the app never quits/relaunches.

Root cause — a broken build artifact, empirically confirmed. The canary.12 macOS zip, once Squirrel.Mac extracts it during update, fails code-signature validation:

Code signature ... did not pass validation: bundle format is ambiguous (could be app or framework)

This is errSecCSBadBundleFormat — the extracted .app is structurally malformed, so macOS rejects the swap and the install aborts before the app quits.

Why it started ~2 days ago. electron-builder was floating on ^26.8.1 and the repo commits no lockfile, so each CI build resolves a fresh version. The canary.12 build (2026-06-07) picked up 26.15.0, which switched the macOS zip packaging to 7zip (part of the app-builder-bin Go→TS migration, #9829). 7zip does not preserve the symlink farm of .framework bundles, so after extraction Electron Framework.framework has an ambiguous layout.

🔬 Local reproduction (same code, same Electron 41.3.0, only electron-builder version swapped)

| | electron-builder 26.15.0 | electron-builder 26.14.0 |
|---|---|---|
| --dir bundle (assembly) | valid | valid |
| zip packer | 7zip (downloads 7zip-darwin-arm64) | ditto |
| zip size | 350 MB | 154 MB |
| extract → codesign --deep --sign - | bundle format is ambiguous … Electron Framework.framework | ✅ exit 0 |
| extract → codesign --verify --deep --strict | ❌ fails | ✅ exit 0 |

The --dir bundle is fine for both; only the zip round-trip (the path auto-update uses) breaks under 26.15.0. The 2.3× zip bloat corroborates symlinks being dereferenced instead of preserved.

26.15.1 (latest) does not fix it — its only mac-touching PR (#9838) is pure lint/refactor; the zip change is untouched. So "pull latest" is not a fix.

✅ Fix

Pin electron-builder to exact 26.14.0 — the last release before the 7zip mac-zip regression, confirmed above to produce a valid, re-extractable bundle. The exact pin cascades to app-builder-lib / dmg-builder / builder-util (electron-builder pins those exactly), so the toolchain stops floating across CI installs.

✅ Change Type

  • 🐛 fix: A bug fix

🧪 How to Test

  1. Cut a macOS build with this pin.
  2. Extract the produced *-mac.zip and run codesign --verify --deep --strict <LobeHub.app> → exit 0 (26.15.0 yields "bundle format is ambiguous").
  3. Auto-update end-to-end → app quits and relaunches to install.

⚠️ Follow-ups (not in this PR)

  • Root cause is "no lockfile + caret range floats". Consider committing a lockfile for the desktop build and/or a release-gate codesign --verify --deep --strict on the extracted zip so a broken bundle can never ship silently again.
  • File an upstream electron-builder issue for the 26.15.0 macOS zip (7zip) symlink regression.

🤖 Generated with Claude Code

…pdate signing

electron-builder was floating on `^26.8.1` and the repo commits no lockfile,
so each CI build resolved a fresh version. The canary.12 build (2026-06-07)
picked up 26.15.0, which regressed macOS .app bundle signing: codesign reports
"bundle format is ambiguous (could be app or framework)" and Squirrel.Mac
rejects the update during code-signature validation, so the app never quits
to install — surfacing as "auto-update does nothing".

26.15.0 introduced the two suspect changes (mac signing rework #9822 and the
full app-builder-bin Go→TS replacement #9829). 26.14.0 predates both and does
not touch macOS app-bundle signing/layout. Pinning the exact version cascades
to app-builder-lib / dmg-builder / builder-util (electron-builder pins those
exactly), stopping the toolchain from floating across CI installs.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
vercel Bot commented Jun 7, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
lobehub Ready Ready Preview, Comment Jun 7, 2026 11:20am

dosubot Bot added the size:XS, platform:desktop and trigger:build-desktop labels Jun 7, 2026
@arvinxx arvinxx merged commit 78657d4 into canary Jun 7, 2026
41 of 49 checks passed
@arvinxx arvinxx deleted the fix/desktop-pin-electron-builder branch June 7, 2026 11:20
github-actions Bot commented Jun 7, 2026

Contributor

🚀 Desktop App Build Completed!

Version: 0.0.0-nightly.pr15527.15320
Build Time: 2026-06-07T12:05:45.811Z

📦 Release Download · 📥 Actions Artifacts

Build Artifacts

| Platform | File | Size |
|---|---|---|
| macOS (Apple Silicon) | LobeHub-Nightly-0.0.0-nightly.pr15527.15320-arm64-mac.zip | 147.59 MB |
| macOS (Apple Silicon) | LobeHub-Nightly-0.0.0-nightly.pr15527.15320-arm64.dmg | 140.43 MB |
| macOS (Intel) | LobeHub-Nightly-0.0.0-nightly.pr15527.15320-mac.zip | 156.20 MB |
| macOS (Intel) | LobeHub-Nightly-0.0.0-nightly.pr15527.15320-x64.dmg | 147.57 MB |
| Windows | LobeHub-Nightly-0.0.0-nightly.pr15527.15320-setup.exe | 134.71 MB |
| Linux | LobeHub-Nightly-0.0.0-nightly.pr15527.15320.AppImage | 165.21 MB |

Warning

Note: This is a temporary build for testing purposes only.

arvinxx commented Jun 7, 2026

Member Author

Confirmed the root cause is upstream and filed it with a minimal, cert-free reproduction:

electron-builder 26.15.0 switched the macOS zip packer to 7zip, which dereferences .framework Versions/Current symlinks → extracted bundle is "ambiguous" → Squirrel.Mac rejects the update. 26.14.0 (this pin) preserves symlinks and extracts clean. 26.15.1 does not fix it.

Once electron-builder ships a fix, we can lift this pin.
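
A static form of the release gate suggested in the follow-ups, added here as an example and not part of the PR or the LobeHub repository: it reads the zip's entries directly and reports every `.framework` whose `Versions/Current` is stored as real files instead of a symlink entry. The function names and the in-memory sample archives are constructed for illustration, and the check assumes a dereferenced archive carries files under `Versions/Current/`.

```python
import io
import stat
import zipfile


def is_symlink(info):
    # Zip entries created on Unix keep the file mode in the high 16 bits.
    return stat.S_ISLNK(info.external_attr >> 16)


def dereferenced_frameworks(zip_source):
    """Return .framework paths whose Versions/Current is not a symlink entry."""
    with zipfile.ZipFile(zip_source) as zf:
        by_name = {i.filename.rstrip("/"): i for i in zf.infolist()}
    frameworks = set()
    for name in by_name:
        parts = name.split("/")
        for idx, part in enumerate(parts):
            if part.endswith(".framework"):
                frameworks.add("/".join(parts[: idx + 1]))
    bad = []
    for fw in sorted(frameworks):
        link = fw + "/Versions/Current"
        entry = by_name.get(link)
        # Assumption: a dereferenced link shows up as files below Versions/Current/.
        has_children = any(n.startswith(link + "/") for n in by_name)
        if has_children or (entry is not None and not is_symlink(entry)):
            bad.append(fw)
    return bad


def build_sample_zip(preserve_symlinks):
    """Constructed sample archive imitating a macOS app zip (not a real build)."""
    fw = "LobeHub.app/Contents/Frameworks/Electron Framework.framework"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(fw + "/Versions/A/Electron Framework", b"binary")
        if preserve_symlinks:
            link = zipfile.ZipInfo(fw + "/Versions/Current")
            link.create_system = 3  # mark the entry as created on Unix
            link.external_attr = (stat.S_IFLNK | 0o755) << 16
            zf.writestr(link, "A")  # symlink target is the entry's content
        else:
            zf.writestr(fw + "/Versions/Current/Electron Framework", b"binary")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    print(dereferenced_frameworks(build_sample_zip(False)))
```

Because it only inspects archive metadata, this check can run on any CI host; on a macOS runner it complements `codesign --verify --deep --strict` on the extracted bundle and does not replace it.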

arvinxx added a commit that referenced this pull request Jun 10, 2026
# 🚀 LobeHub Release (20260610)

**Release Date:** June 10, 2026  
**Since v2.2.2:** 131 merged PRs · 13 contributors

> This weekly release strengthens agent collaboration across cloud,
desktop, CLI, and workspace flows, with steadier runtime behavior and a
broader foundation for workspace-scoped data.

---

## ✨ Highlights

- **Agent execution across devices** — Unifies per-device working
directories, project skill discovery, and sub-agent suspend/resume
behavior across server, QStash, and device RPC flows. (#15543, #15566,
#15481, #15620, #15591)
- **Connector and sandbox platform** — Expands connector permissions,
custom OAuth MCP connector onboarding, sandbox provider support, and
user-uploaded file sync into cloud sandbox runs. (#15463, #15546,
#15184, #15550)
- **Desktop and CLI reliability** — Fixes desktop cold-start,
auto-update, Windows build, CLI skill discovery, and `lh connect` agent
dispatch paths. (#15547, #15525, #15527, #15562, #15632, #15634)
- **Pages and sharing** — Refreshes topic sharing, improves Page Editor
layout behavior, and routes Page Agent tool execution through the
server-side editor path. (#15581, #15556, #15588, #15023, #15610)
- **Model availability and provider updates** — Adds user-scoped LobeHub
model availability, Claude Fable 5, Qwen thinking preservation, and
MiniMax M3 updates. (#15590, #15639, #13494, #15376)

---

## 🏗️ Core Product & Architecture

### Agent Runtime & Heterogeneous Agents

- Improves sub-agent lifecycle handling, including async suspend/resume,
queue-mode QStash resume delivery, and blocking nested sub-agent calls.
(#15481, #15620, #15575)
- Stabilizes heterogeneous agent ingestion and streaming with raw stream
dumps, per-turn usage, image forwarding on regenerate, and
duplicate-text fixes. (#15602, #15577, #15592, #15585)
- Adds execution-device and working-directory controls across device
RPC, legacy defaults, and remote-spawned Claude Code sessions. (#15543,
#15566, #15591, #15572)
- Improves runtime diagnostics and compatibility, including Gemini
multimodal output capture, abort stream semantics, and trace quality
analysis. (#15535, #13677, #15508)

---

## 📱 Platforms, Integrations & UX

### Connectors, Sandbox & Tools

- Ships API-level connector tool permissions, custom OAuth MCP connector
onboarding, and connector-first runtime execution. (#15463, #15546)
- Adds sandbox provider support, cloud sandbox file sync, and safer
external URL file input handling with SSRF validation. (#15184, #15550,
#12657)
- Improves tool visibility and execution with pinned app-fixed tools,
ANSI output rendering, gateway-tunneled MCP calls, and automatic
headless tool runs. (#15509, #15516, #15469, #15492)

### Desktop, CLI & Web UX

- Restores desktop startup and reload behavior, preserves IPC error
causes, and keeps the tab bar new-tab action visible across routes.
(#15547, #15597, #15638)
- Fixes desktop update and build stability for browser quit guards,
macOS update signing, and Windows Visual Studio detection. (#15525,
#15527, #15562)
- Shows the plan-limit upgrade UI on desktop builds. (#15628)
- Adds the Agent Run delivery checker and fixes CLI device dispatch plus
skill list/search output. (#15489, #15634, #15632)
- Refreshes onboarding, auth source preservation, topic UI states,
referral/Fable campaign copy, and chat-input control bar behavior.
(#15629, #15544, #15573, #15614, #15616, #15617, #15622, #15643)

---

## 🔒 Security, Reliability & Rollout Notes

- External URL file input now includes SSRF validation for safer Google
file handling. (#12657)
- Database workspace-scope migrations are part of this release;
self-hosted operators should run the normal migration path before
serving the updated app. (#15446, #15465, #15468, #15472)
- The release branch was re-cut from `canary` and includes the latest
`main` release-version commit so `v2.2.2` is the verified compare base.

---

## 👥 Contributors

@ONLY-yours, @sxjeru, @hardy-one, @xujingli, @hezhijie0327, @Coooolfan,
@arvinxx, @tjx666, @Innei, @rivertwilight, @rdmclin2, @cy948,
@AmAzing129

**Full Changelog**:
v2.2.2...release/weekly-20260610-recut-3