Skip to content

Vifty 1.3.2

Latest

Choose a tag to compare

@github-actions github-actions released this 13 Jul 21:26
6a771c2

Vifty 1.3.2 Release Checklist

This checklist is prepended to the GitHub Release notes and uploaded as a release asset. It distinguishes the checks completed by the release workflow from the follow-up checks that must happen after publication.

Verified By The Release Workflow

  • Release tag v1.3.2 matched Resources/Info.plist.
  • Release metadata matched the Homebrew cask version, artifact name, SHA shape, helper cleanup path, TeamID wiring, notarization gates, verifier checks, and publication assets.
  • Required Developer ID and notarization secret names were present in GitHub Actions.
  • Swift tests passed on the release runner.
  • Vifty.app was built with the configured Developer ID signing identity and VIFTY_XPC_ALLOWED_TEAM_ID.
  • Bundle plist files, signing TeamID, viftyctl signing identifier, and bundled LaunchDaemon TeamID allowlist were verified.
  • Apple notarization completed, the ticket was stapled, stapling was validated, and Gatekeeper assessment passed.
  • Vifty-v1.3.2.zip and Vifty-v1.3.2.zip.sha256 were generated.
  • scripts/verify-release-artifact.sh passed before publication and wrote Vifty-v1.3.2-artifact-summary.json.

Required Post-Publication Follow-Up

  • Update Casks/vifty.rb with the published Vifty-v1.3.2.zip.sha256 using scripts/update-cask-checksum.sh --version 1.3.2.
  • Run scripts/verify-release-artifact.sh --team-id "$APPLE_TEAM_ID" against the public cask artifact after the checksum update.
  • Collect a release-mode evidence bundle with scripts/collect-validation-evidence.sh --release-summary ./Vifty-v1.3.2-artifact-summary.json --release-checklist ./Vifty-v1.3.2-release-checklist.md.
  • Review that bundle with make validation-evidence-review VALIDATION_EVIDENCE_BUNDLE=<evidence-dir> VALIDATION_EVIDENCE_REVIEW_MODE=release VALIDATION_EVIDENCE_REVIEW_SUMMARY=<evidence-dir>/review-result.json.
  • Update docs/release-status.md after the signed artifact, checksum, verifier summary, and cask SHA are aligned.
  • Keep compatibility claims gated on reviewed hardware reports with manualSmokeTestResult: "passed-auto-restored".

Until the post-publication checks pass, do not describe the Homebrew path as a fully trusted public binary install.

What's Changed

Full Changelog: v1.3.1...v1.3.2