fix: Harden launch behavior and privacy controls#18
Open
hemp-dev wants to merge 2 commits into
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Make LangSwitch safer while keeping the app minimal and focused on instant Fn/Globe input-source switching.
This keeps Launch at Login opt-in instead of registering the app automatically on launch, removes the Hide Icon path so the app cannot become invisible without a recovery path, and shows the current SMAppService status directly in the menu. It also removes unsafe Carbon input-source force casts/unwraps, compares GitHub release versions numerically instead of lexicographically, and removes the unused file-read entitlement.
The update check remains manual-only from the About window. The README now documents that LangSwitch does not read typed text or clipboard contents, does not include analytics or telemetry, and only monitors modifier-key flagsChanged events.
Reviewers may want to look closely at the AppDelegate menu/login-item flow and the small SemanticVersion parser used by the manual update check.
Local validation note: xcodebuild could not run on this machine because the active developer directory points to Command Line Tools instead of a full Xcode install. A syntax-only Swift parse completed successfully.