Conversation
waruqi
commented
Sep 19, 2025
- Before adding new features and new modules, please go to issues to submit the relevant feature description first.
- Write good commit messages and use the same coding conventions as the rest of the project.
- Please commit code to dev branch and we will merge into master branch in feature
- Ensure your edited codes with four spaces instead of TAB.
- 增加新特性和新模块之前,请先到issues提交相关特性说明,经过讨论评估确认后,再进行相应的代码提交,避免做无用工作。
- 编写友好可读的提交信息,并使用与工程代码相同的代码规范,代码请用4个空格字符代替tab缩进。
- 请提交代码到dev分支,如果通过,我们会在特定时间合并到master分支上。
- 为了规范化提交日志的格式,commit消息,不要用中文,请用英文描述。
Summary of ChangesHello @waruqi, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request significantly refactors and optimizes the codesigning mechanism within the Xmake build system, specifically for Xcode projects. By centralizing the detection and management of codesign identities and mobile provisions into a dedicated module, the changes enhance the modularity and maintainability of the codebase. This ensures a more consistent and streamlined approach to codesigning across different build targets and platforms. Highlights
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
There was a problem hiding this comment.
Code Review
This pull request refactors the code signing logic by centralizing it into the private/tools/codesign.lua module. This is a good architectural improvement. The changes propagate through various rules and toolchain files to use the new centralized functions. My review has identified a critical bug in xmake/rules/xcode/application/build.lua related to variable scope that would break code signing for iOS apps. I have also included a medium-severity suggestion to reduce code duplication in the new functions for better maintainability.
| if target:is_plat("iphoneos") then | ||
| local mobile_provision = target:values("xcode.mobile_provision") or codesign.xcode_mobile_provision() | ||
| if mobile_provision then | ||
| os.tryrm(mobile_provision_embedded) | ||
| local provisions = codesign.mobile_provisions() | ||
| if provisions then | ||
| local mobile_provision_data = provisions[mobile_provision] | ||
| if mobile_provision_data then | ||
| io.writefile(mobile_provision_embedded, mobile_provision_data) | ||
| end | ||
| end | ||
| end | ||
| end |
There was a problem hiding this comment.
The mobile_provision variable is declared within the if target:is_plat("iphoneos") then block, making it local to that block. Consequently, when codesign is called later, mobile_provision is nil because it's out of scope. This will cause code signing to fail for iphoneos builds as they won't have the necessary mobile provision entitlements.
To fix this, declare mobile_provision before the if block so it's available in the outer scope.
local mobile_provision
if target:is_plat("iphoneos") then
mobile_provision = target:values("xcode.mobile_provision") or codesign.xcode_mobile_provision()
if mobile_provision then
os.tryrm(mobile_provision_embedded)
local provisions = codesign.mobile_provisions()
if provisions then
local mobile_provision_data = provisions[mobile_provision]
if mobile_provision_data then
io.writefile(mobile_provision_embedded, mobile_provision_data)
end
end
end
end
| function xcode_codesign_identity() | ||
| local codesign_identity = config.get("xcode_codesign_identity") | ||
| if codesign_identity == nil then -- we will disable codesign_identity if be false | ||
| codesign_identity = global.get("xcode_codesign_identity") | ||
| end | ||
| if codesign_identity == nil then | ||
| local identities = codesign_identities() | ||
| if identities then | ||
| for identity, _ in pairs(identities) do | ||
| codesign_identity = identity | ||
| break | ||
| end | ||
| end | ||
| end | ||
| return codesign_identity | ||
| end | ||
|
|
||
| -- get the current mobile provision of xcode | ||
| function xcode_mobile_provision() | ||
| local mobile_provision = config.get("xcode_mobile_provision") | ||
| if mobile_provision == nil then -- we will disable mobile_provision if be false | ||
| mobile_provision = global.get("xcode_mobile_provision") | ||
| end | ||
|
|
||
| local provisions = mobile_provisions() | ||
| if provisions then | ||
| if mobile_provision == nil then | ||
| for provision, _ in pairs(provisions) do | ||
| mobile_provision = provision | ||
| break | ||
| end | ||
| -- valid mobile provision not found? reset it | ||
| elseif not provisions[mobile_provision] then | ||
| mobile_provision = nil | ||
| end | ||
| end | ||
| return mobile_provision | ||
| end |
There was a problem hiding this comment.
There is duplicated logic for fetching configuration values from config and then global in both xcode_codesign_identity and xcode_mobile_provision functions. To improve maintainability and reduce code duplication, you could extract this logic into a helper function.
local function _get_xcode_config(key)
local value = config.get(key)
if value == nil then
value = global.get(key)
end
return value
end
-- get the current codesign identity of xcode
function xcode_codesign_identity()
local codesign_identity = _get_xcode_config("xcode_codesign_identity")
if codesign_identity == nil then
local identities = codesign_identities()
if identities then
for identity, _ in pairs(identities) do
codesign_identity = identity
break
end
end
end
return codesign_identity
end
-- get the current mobile provision of xcode
function xcode_mobile_provision()
local mobile_provision = _get_xcode_config("xcode_mobile_provision")
local provisions = mobile_provisions()
if provisions then
if mobile_provision == nil then
for provision, _ in pairs(provisions) do
mobile_provision = provision
break
end
-- valid mobile provision not found? reset it
elseif not provisions[mobile_provision] then
mobile_provision = nil
end
end
return mobile_provision
end