wx-cli

History

jakevin 12740afb53 docs(macos): document codesign side-effect popup (#64 ) * docs(macos): document codesign side-effect popup ("微信" 想访问其他 App 的数据) After `codesign --force --deep --sign - /Applications/WeChat.app`, macOS treats the re-signed WeChat as a different code identity from the original. When WeChat then accesses its own container / cache / app-group data (notably triggered when opening 公众号 articles), macOS fires the "'微信' 想访问其他 App 的数据" popup. This is a known side-effect of the current macOS invasive init path, not a "wx-cli is reading other apps' data" issue and not a 公众号-only problem — 公众号 is just a high-frequency trigger surface because of WebView / cache access. Document this in 3 places per agreed scope: - README.md macOS init: add "副作用提示" callout linking to the guide - docs/macos-permission-guide.md: new §六 with first-principles explanation, mitigation options, and long-term direction - src/cli/init.rs: print a short macOS-only warning at the end of `wx init` so users see it right when they finish the invasive setup * review: stop overstating the trade-off and condition the init warning Per codex review on PR #64: 1. src/cli/init.rs warning was unconditional but the wording presumed the user had taken the ad-hoc re-sign path. If init goes through the tier 2 path (Apple-signed WeChat + GUI Terminal + Developer Tools TCC authorization), the warning would mis-fire. Reword conditionally and point to the GitHub URL of the doc instead of a relative path that release-binary / npm-installed users won't have on disk. 2. docs/macos-permission-guide.md §六 and the matching README callout said "restoring official WeChat = giving up macOS memory-scan". This contradicts the same guide's §一实测表 which shows "Apple 签名 + 本机 Terminal sudo = ✅". Restoring the official signature only gives up the default re-sign path; the local-Terminal + Developer-Tools route still works on Apple-signed WeChat. Only SSH + Apple-signed WeChat actually requires re-signing. * review (round 2): caveat empirical gap + drop emoji Self-review found two issues both LGTMs missed: 1. The "tier 2 仍走通" claim (README + §六) leans on §一实测表 row "Apple 签名 + 本机 Terminal sudo = ✅". But that data only covers macOS 10.15 (Catalina) and 11.1 (Big Sur). macOS 14/15 — the exact versions where the popup behavior originates — were never tested for that path in this project. Add an explicit caveat instead of silently extrapolating across major macOS versions. 2. `init.rs` warning used a ⚠️ emoji prefix, which violates the project + global "no emojis in files unless requested" rule. README and the rest of init.rs have no emoji. Replace with `[macOS]`.	2026-05-15 15:47:15 +08:00
..
macos-3x-vs-4x-decryption-guide.md	fix: replace nonexistent scan_keys.js with actual tools in quickstart	2026-03-05 23:26:55 +08:00
macos-permission-guide.md	docs(macos): document codesign side-effect popup (#64 )	2026-05-15 15:47:15 +08:00

docs(macos): document codesign side-effect popup (#64 )

* docs(macos): document codesign side-effect popup ("微信" 想访问其他 App 的数据)

After `codesign --force --deep --sign - /Applications/WeChat.app`, macOS
treats the re-signed WeChat as a different code identity from the
original. When WeChat then accesses its own container / cache / app-group
data (notably triggered when opening 公众号 articles), macOS fires the
"'微信' 想访问其他 App 的数据" popup.

This is a known side-effect of the current macOS invasive init path,
not a "wx-cli is reading other apps' data" issue and not a 公众号-only
problem — 公众号 is just a high-frequency trigger surface because of
WebView / cache access.

Document this in 3 places per agreed scope:
- README.md macOS init: add "副作用提示" callout linking to the guide
- docs/macos-permission-guide.md: new §六 with first-principles
  explanation, mitigation options, and long-term direction
- src/cli/init.rs: print a short macOS-only warning at the end of
  `wx init` so users see it right when they finish the invasive setup

* review: stop overstating the trade-off and condition the init warning

Per codex review on PR #64:

1. src/cli/init.rs warning was unconditional but the wording presumed
   the user had taken the ad-hoc re-sign path. If init goes through the
   tier 2 path (Apple-signed WeChat + GUI Terminal + Developer Tools TCC
   authorization), the warning would mis-fire. Reword conditionally and
   point to the GitHub URL of the doc instead of a relative path that
   release-binary / npm-installed users won't have on disk.

2. docs/macos-permission-guide.md §六 and the matching README callout
   said "restoring official WeChat = giving up macOS memory-scan". This
   contradicts the same guide's §一 实测表 which shows
   "Apple 签名 + 本机 Terminal sudo = ✅". Restoring the official
   signature only gives up the default re-sign path; the local-Terminal
   + Developer-Tools route still works on Apple-signed WeChat. Only
   SSH + Apple-signed WeChat actually requires re-signing.

* review (round 2): caveat empirical gap + drop emoji

Self-review found two issues both LGTMs missed:

1. The "tier 2 仍走通" claim (README + §六) leans on §一 实测表 row
   "Apple 签名 + 本机 Terminal sudo = ✅". But that data only covers
   macOS 10.15 (Catalina) and 11.1 (Big Sur). macOS 14/15 — the exact
   versions where the popup behavior originates — were never tested
   for that path in this project. Add an explicit caveat instead of
   silently extrapolating across major macOS versions.

2. `init.rs` warning used a ⚠️ emoji prefix, which violates the
   project + global "no emojis in files unless requested" rule. README
   and the rest of init.rs have no emoji. Replace with `[macOS]`.

2026-05-15 15:47:15 +08:00

macos-3x-vs-4x-decryption-guide.md

fix: replace nonexistent scan_keys.js with actual tools in quickstart

2026-03-05 23:26:55 +08:00

macos-permission-guide.md

docs(macos): document codesign side-effect popup (#64 )

2026-05-15 15:47:15 +08:00