fix(ios): read IDEProvisioningTeamByIdentifier#41284
Conversation
Greptile SummaryThis PR fixes Key changes:
The implementation is safe, backward-compatible, and has been manually verified by the author on their local Xcode setup. Confidence Score: 5/5
Last reviewed commit: d62773c |
d62773c to
92f342a
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 274fe3b86e
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
274fe3b to
58272c3
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 58272c3a59
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| it("resolves a fallback team ID from Xcode team listings (smoke)", async () => { | ||
| const fallbackResult = runScript(sharedHomeDir, { IOS_PYTHON_BIN: sharedFakePythonPath }); |
There was a problem hiding this comment.
Exercise the real Xcode plist parser in this smoke test
In this test setup IOS_PYTHON_BIN points at sharedFakePythonPath, which is a shell stub that prints canned team rows and ignores the -c '…' program passed by scripts/ios-team-id.sh. That means load_teams_from_xcode_preferences() never executes the new inline Python that parses defaults export / IDEProvisioningTeamByIdentifier, so syntax errors or data-shape regressions in the actual fix still leave this test green. Because this commit’s only behavior change lives in that parser, the test is currently a false positive rather than coverage for the new path.
Useful? React with 👍 / 👎.
58272c3 to
4cbd397
Compare
|
This pull request has been automatically marked as stale due to inactivity. |
|
Thanks for the context here. I did a careful shell check against current Current main already contains the useful iOS signing fix: So I’m closing this older PR as already covered on Review detailsBest possible solution: Keep the current main implementation and open a fresh narrow issue or PR only if a distinct Xcode preference layout still fails there. Do we have a high-confidence way to reproduce the issue? No current-main failure was reproduced. Source and test inspection show current main reads Is this the best way to solve the issue? No, merging this branch is no longer the best way to solve the issue. Current main has a narrower per-key parser plus regression coverage, and the remaining branch diff is an obsolete alternate rewrite of the same helper. Security review: Security review cleared: No concrete security or supply-chain concern found; the diff only changes local Xcode preference parsing and tests. AGENTS.md: found and applied where relevant. What I checked:
Likely related people:
Codex review notes: model internal, reasoning high; reviewed against 6aa83374d90d; fix evidence: commit 6da2d6ac5a0d, main fix timestamp 2026-06-16T04:59:05+02:00. |
4cbd397 to
ce370a2
Compare
|
ClawSweeper PR egg 🔥 Warming up: real-behavior proof passed; findings, security review, or rank-up moves are still in progress. Hatch commandComment Hatchability rules:
What is this egg doing here?
|
|
This pull request has been automatically marked as stale due to inactivity. |
|
Thanks @fetzig for sending this and for documenting the IDEProvisioningTeamByIdentifier case. Clownfish is closing this as superseded by the already-merged canonical fix in #22773: #22773 #22773 covered the Xcode 16+ iOS team-detection path in If this still reproduces on current |
|
Thanks @fetzig for sending this and for documenting the IDEProvisioningTeamByIdentifier case. Clownfish is closing this as already covered by the merged canonical fix in #22773: #22773 #22773 covered the Xcode 16+ iOS team-detection path in If this still reproduces on current |
Summary
scripts/ios-team-id.shonly readIDEProvisioningTeamsand legacy fallbacks. On my local Xcode prefs, the team list is stored underIDEProvisioningTeamByIdentifier, so team lookup failed.scripts/ios-configure-signing.shthen exits withWARN: Unable to detect an Apple Team ID; keeping existing iOS signing override (if any).IDEProvisioningTeamByIdentifierandIDEProvisioningTeams, and add test coverage for the identifier-key layout.Change Type (select all)
Scope (select all touched areas)
Linked Issue/PR
User-visible / Behavior Changes
scripts/ios-team-id.shnow resolves team IDs from Xcode prefs that store teams underIDEProvisioningTeamByIdentifier.scripts/ios-configure-signing.shnow succeeds on that prefs layout instead of warning and leaving signing unchanged.Security Impact (required)
Yes/No) NoYes/No) NoYes/No) NoYes/No) NoYes/No) NoYes, explain risk + mitigation:Repro + Verification
Environment
IOS_PYTHON_BIN=/usr/bin/python3for deterministic local reproSteps
scripts/ios-team-id.shandscripts/ios-configure-signing.shfromHEADto a temp directory and runIOS_PYTHON_BIN=/usr/bin/python3 .../ios-configure-signing.sh.IOS_PYTHON_BIN=/usr/bin/python3 scripts/ios-team-id.shfrom this branch.IOS_PYTHON_BIN=/usr/bin/python3 scripts/ios-configure-signing.shfrom this branch.pnpm exec vitest test/scripts/ios-team-id.test.ts.Expected
Actual
WARN: Unable to detect an Apple Team ID; keeping existing iOS signing override (if any).scripts/ios-team-id.sh:2FD7P95TP8scripts/ios-configure-signing.sh:iOS signing config already up to date: team=2FD7P95TP8 app=ai.openclaw.ios.test.klem-2fd7p95tp8pnpm exec vitest test/scripts/ios-team-id.test.tsEvidence
Attach at least one:
Human Verification (required)
What you personally verified (not just CI), and how:
IDEProvisioningTeamByIdentifierwith valid teams.2FD7P95TP8on the same machine.scripts/ios-configure-signing.shsucceeds with the patched helper.pnpm exec vitest test/scripts/ios-team-id.test.tspasses.append_teamlogic.Review Conversations
Compatibility / Migration
Yes/No) YesYes/No) NoYes/No) NoFailure Recovery (if this breaks)
IOS_DEVELOPMENT_TEAMexplicitly.scripts/ios-team-id.shscripts/ios-team-id.shprints no team ID on a machine whereIDEProvisioningTeamByIdentifieris populated.Risks and Mitigations
append_teamalready de-duplicates by Team ID before selection.