Skip to content

Port select upstream SideStore fixes (.ipa import, icon polish, cert-mismatch refresh guard)#55

Merged
The-Big-Mini merged 6 commits into
developfrom
ClaudeCode
Jul 2, 2026
Merged

Port select upstream SideStore fixes (.ipa import, icon polish, cert-mismatch refresh guard)#55
The-Big-Mini merged 6 commits into
developfrom
ClaudeCode

Conversation

@The-Big-Mini

Copy link
Copy Markdown
Owner

Summary

Reviewed all 163 upstream The-Big-Mini/SideStore@develop commits since the 2026-03-19 fork point and ported the ones that apply cleanly to MiniStore. MiniStore shares no git ancestry with SideStore (it was seeded from the tree, not GitHub-forked), so nothing was cherry-picked — each change was ported by hand and verified against current code. Full triage recorded in .claude/sidestore-delta.md.

Type of change

  • Bug fix — resolves incorrect behavior without changing existing APIs
  • Feature — adds new functionality
  • UI / UX — visual or interaction changes

Changes

  • Robust shared .ipa import (upstream f6858c10) — opening a shared .ipa posted the import notification with the original security-scoped URL, which the OS can revoke once the open callback returns (later signing could fail to read it); on a cold launch the notification was posted before any observer was registered and was dropped. Now the file is copied into a temp directory we own and, on cold launch, held until the scene/app is active. AppDelegate.swift + SceneDelegate.swift. Adapted to Logger.main + temporaryDirectory/UUID.
  • Alpha app-icon polish (upstream bee0a371, 50e302e4) — AppIconImageView gives icons with an alpha channel a subtle drop shadow and a contrasting backdrop chosen from the icon's average luminance; opaque icons render unchanged. Used by the banner and Browse.
  • Cert-serial-mismatch refresh guard (upstream 068d9067) — when the active signing cert serial differs from the serial an app was last signed with (e.g. after revocation/rotation), a provision-only refresh leaves the app unlaunchable. AppManager._refresh now fails fast with a clear reinstall message; skipped when either serial is unknown. Device-critical — verify on device before merge.
  • Docs.claude/sidestore-delta.md gains an upstream-review log (ported / already-present / skipped-with-reasons) so the sift isn't repeated.

Verified already present in MiniStore and intentionally not re-applied: keychain clearing the signing cert on logout (d90f1535), custom bundle-ID on extensions (0418ac09), widget intent files (682a7972), pairing-file error surfacing (e15ebf50). Skipped as non-portable/too risky: cert-revocation UI (56812a9d, deleted storyboard/VC + submodule), ldid bump (9eab3fca, submodule), error-prop refactor (a27e896a), Shortcuts Install-IPA (1a29d54f, headless-install plumbing in the diverged _install), AltSign/Roxas Swift ports, VPN-config commits, and UIKit feature work that MiniStore rewrote in SwiftUI (would be reimplementation, not a port).

Testing

  • Not built/run here (no macOS/Xcode); CI Build and upload MiniStore is the compile check. All ports reuse existing MiniStore symbols (verified: OperationError.refreshAppFailed, InstalledApp.certificateSerialNumber, Keychain.shared.signingCertificateSerialNumber, context.certificate, AppIconImageView usage).
  • The cert-mismatch guard touches the refresh/sign path — please device-test (normal refresh still succeeds; refresh after a cert change shows the reinstall message).

Checklist

  • This branch targets develop (never main)
  • I read the full file(s) before editing and followed the conventions in CLAUDE.md
  • The project builds and existing behavior is preserved
  • UI changes were checked on a device or simulator
  • No secrets, signing identities, or personal data are included in this change

🤖 Generated with Claude Code


Generated by Claude Code

…nch defer)

Ported from upstream SideStore (f6858c10). Opening a shared .ipa (from Files,
another app, AirDrop) posted the import notification with the original
security-scoped URL. The OS can revoke that scoped access once the open
callback returns, so signing could later fail to read the file; and on a cold
launch the notification was posted before any observer was registered, so the
import was silently dropped.

Copy the .ipa into a temporary directory we own (readable through signing),
and on cold launch stash it until the scene/app becomes active, then post.
Adapted to MiniStore conventions (Logger.main instead of print; temporaryDirectory
+ UUID instead of the upstream uniqueTemporaryURL helper).

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
Ported from upstream SideStore (bee0a371, 50e302e4). Sideloaded app icons
frequently include an alpha channel (unlike App Store icons), so transparent
edges blended into the banner. AppIconImageView now gives alpha icons a subtle
drop shadow and a contrasting backdrop chosen from the icon's average
luminance; opaque icons render unchanged. Used by AppBannerView and Browse.

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
Ported from upstream SideStore (068d9067). When the active signing certificate
(from auth, or the stored signing-cert serial) differs from the serial an app
was last signed with — e.g. after the cert was revoked or rotated — a
provision-only refresh re-provisions but does not re-sign, leaving the app
unlaunchable. Guard _refresh: if both serials are known and differ, fail early
with a clear 'reinstall to re-sign' message instead. Skipped when either serial
is unknown, so older installs aren't falsely blocked. Message localized per
MiniStore convention.

Device-critical (refresh/sign path) — verify on device before merge.

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
Record which of the 163 upstream commits since the fork were ported, already
present, or deliberately skipped, so future sessions don't re-evaluate them.

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
github-actions Bot added a commit that referenced this pull request Jul 1, 2026
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Download the artifacts for this pull request (nightly.link):

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Builds for this Pull Request are available at
MiniStore-0.6.5-pr.55.92b65db-dSYMs
MiniStore-0.6.5-pr.55.92b65db
build-logs-0.6.5-pr.55.92b65db
Have a nice day.

Ported from upstream SideStore (75dccdfc). Upstream's screen was already
SwiftUI; rewritten for MiniStore's Swift 6.2 strict concurrency (async/await +
@observable instead of GCD/ObservableObject; a Sendable CacheService does the
on-disk sizing off the main actor) and conventions (MiniStore brand,
NSLocalizedString, SettingsHostingController hosting, OLED-friendly list).

Lists cached internal app bundles and exported resigned apps with their sizes,
and lets the user export/share or delete individual entries (more granular than
the existing Clear Cache, which wipes everything). Reached from Tech Things.
Files auto-compile via the target's synchronized folder group.

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
…work

Cache Management ported (SwiftUI); AppIDs deletion + certs-management blocked
by missing AltSign/Apple APIs; error-prop refactor N/A to the diverged _refresh;
Shortcuts Install-IPA still gated on the _install install-path divergence.

https://claude.ai/code/session_01PT8zpkUrgTRaGeKmbvVyNe
github-actions Bot added a commit that referenced this pull request Jul 1, 2026
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Builds for this Pull Request are available at
MiniStore-0.6.5-pr.55.1e07f91-dSYMs
MiniStore-0.6.5-pr.55.1e07f91
build-logs-0.6.5-pr.55.1e07f91
Have a nice day.

@The-Big-Mini The-Big-Mini merged commit 394141d into develop Jul 2, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant