phantom/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-01-09 11:27:28 -03:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge bitcoin/bitcoin#30287: macOS: rewrite some docs & swap mmacosx-version-min for mmacos-version-min

Browse source 
7c298fe0df doc: rewrite some of the macdeploy docs (fanquake)
d042230f7a depends: swap mmacosx-version-min for mmacos-version-min (fanquake)

Pull request description:

  Whilst `-mmacosx-version-min` and `-mmacos-version-min` remain aliases for each other, the later is preferred,
  and I assume the former will be removed at some point in the future; see: https://github.com/llvm/llvm-project/pull/95374.

  Somewhat of a followup to #21778. Rewrite some of the mac deploy docs.

ACKs for top commit:
  theuni:
    utACK 7c298fe0df
  TheCharlatan:
    ACK 7c298fe0df
  hebasto:
    ACK 7c298fe0df.

Tree-SHA512: 6493f087fde93e0eec319af0e105d163b3f047d8a03f7d4b0d6cd7c64b58d0a978b7d67c6b8dba5c6ccf8b10e188aab5dc98eec400b0546dc9ee801a689b4332
This commit is contained in:
merge-script 2024-06-18 10:55:46 +01:00
commit 9c5cdf07f3
No known key found for this signature in database
GPG key ID: 2EEB9F5CC09526C1
2 changed files with 15 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

34
contrib/macdeploy/README.md
View file

@ -56,30 +56,22 @@ The `sha256sum` should be `c0c2e7bb92c1fee0c4e9f3a485e4530786732d6c6dd9e9f418c28
## Deterministic macOS App Notes ## Deterministic macOS App Notes
macOS Applications are created in Linux using a recent LLVM. macOS Applications are created on Linux using a recent LLVM.
Apple uses `clang` extensively for development and has upstreamed the necessary All builds must target an Apple SDK. These SDKs are free to download, but not redistributable.
functionality so that a vanilla clang can take advantage. It supports the use of `-F`, See the SDK Extraction notes above for how to obtain it.
`-target`, `-mmacosx-version-min`, and `-isysroot`, which are all necessary when
building for macOS.
To complicate things further, all builds must target an Apple SDK. These SDKs are free to The Guix build process has been designed to avoid including the SDK's files in Guix's outputs.
download, but not redistributable. See the SDK Extraction notes above for how to obtain it. All interim tarballs are fully deterministic and may be freely redistributed.
The Guix process builds 2 sets of files: Linux tools, then Apple binaries which are Using an Apple-blessed key to sign binaries is a requirement to produce (distributable) macOS
created using these tools. The build process has been designed to avoid including the binaries. Because this private key cannot be shared, we'll have to be a bit creative in order
SDK's files in Guix's outputs. All interim tarballs are fully deterministic and may be freely for the build process to remain somewhat deterministic. Here's how it works:
redistributed.
As of OS X 10.9 Mavericks, using an Apple-blessed key to sign binaries is a requirement in
order to satisfy the new Gatekeeper requirements. Because this private key cannot be
shared, we'll have to be a bit creative in order for the build process to remain somewhat
deterministic. Here's how it works:
- Builders use Guix to create an unsigned release. This outputs an unsigned ZIP which - Builders use Guix to create an unsigned release. This outputs an unsigned ZIP which
users may choose to bless and run. It also outputs an unsigned app structure in the form users may choose to bless, self-codesign, and run. It also outputs an unsigned app structure
of a tarball. in the form of a tarball.
- The Apple keyholder uses this unsigned app to create a detached signature, using the - The Apple keyholder uses this unsigned app to create a detached signature, using the
script that is also included there. Detached signatures are available from this [repository](https://github.com/bitcoin-core/bitcoin-detached-sigs). included script. Detached signatures are available from this [repository](https://github.com/bitcoin-core/bitcoin-detached-sigs).
- Builders feed the unsigned app + detached signature back into Guix. It uses the - Builders feed the unsigned app + detached signature back into Guix, which combines the
pre-built tools to recombine the pieces into a deterministic ZIP. pieces into a deterministic ZIP.

4
depends/hosts/darwin.mk
View file

@ -65,8 +65,8 @@ darwin_CXX=env -u C_INCLUDE_PATH -u CPLUS_INCLUDE_PATH \
-iwithsysroot/usr/include/c++/v1 \ -iwithsysroot/usr/include/c++/v1 \
-iwithsysroot/usr/include -iframeworkwithsysroot/System/Library/Frameworks -iwithsysroot/usr/include -iframeworkwithsysroot/System/Library/Frameworks
darwin_CFLAGS=-pipe -std=$(C_STANDARD) -mmacosx-version-min=$(OSX_MIN_VERSION) darwin_CFLAGS=-pipe -std=$(C_STANDARD) -mmacos-version-min=$(OSX_MIN_VERSION)
darwin_CXXFLAGS=-pipe -std=$(CXX_STANDARD) -mmacosx-version-min=$(OSX_MIN_VERSION) darwin_CXXFLAGS=-pipe -std=$(CXX_STANDARD) -mmacos-version-min=$(OSX_MIN_VERSION)
darwin_LDFLAGS=-Wl,-platform_version,macos,$(OSX_MIN_VERSION),$(OSX_SDK_VERSION) darwin_LDFLAGS=-Wl,-platform_version,macos,$(OSX_MIN_VERSION),$(OSX_SDK_VERSION)
ifneq ($(build_os),darwin) ifneq ($(build_os),darwin)