A swapped or tampered .a / .lib / .dylib file is currently undetectable — Perry resolves the path and links whatever's there. Same model as package-lock.json's integrity field would close this.
Mechanism
When resolving a perry.nativeLibrary archive, compute SHA-256 and write to perry.lock (or extend the existing lockfile if one already exists). On subsequent builds, verify; mismatch fails with:
archive for X changed since last accepted; review and run \perry lock --update X` if intentional.`
Zero runtime cost (compile-time hash check on resolved archive).
Acceptance
Part of the supply-chain hardening series. Host-app-controlled (lockfile lives in host repo). Zero runtime cost.
A swapped or tampered
.a/.lib/.dylibfile is currently undetectable — Perry resolves the path and links whatever's there. Same model aspackage-lock.json'sintegrityfield would close this.Mechanism
When resolving a
perry.nativeLibraryarchive, compute SHA-256 and write toperry.lock(or extend the existing lockfile if one already exists). On subsequent builds, verify; mismatch fails with:Zero runtime cost (compile-time hash check on resolved archive).
Acceptance
perry.lockperry lock --update <pkg>to deliberately bumpperry lock --frozenmode for verification-onlyPart of the supply-chain hardening series. Host-app-controlled (lockfile lives in host repo). Zero runtime cost.