feat: add GitHub icon next to CTA buttons for increased trust (TOU-1)#17
feat: add GitHub icon next to CTA buttons for increased trust (TOU-1)#17ProduktEntdecker wants to merge 3 commits intomainfrom
Conversation
- Added GitHub icon beside both hero and final CTA buttons - Icon links directly to the GitHub repository - Includes hover effects for better UX - Increases trust by showing code transparency 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
WalkthroughAdds GitHub CTAs and analytics to the landing CTAs, multiple new marketing pages and docs (handover, SEO article, backup pages), an App Store entitlements plist, and a build script to produce/sign an App Store build; no public API code changes. Changes
Sequence Diagram(s)sequenceDiagram
participant User
participant Browser
participant Analytics as AnalyticsService
participant Destination
Note over User,Browser: Landing CTA group (Gumroad + GitHub)
User->>Browser: Click Gumroad CTA
Browser->>Analytics: sendEvent("Gumroad CTA Click")
Browser->>Destination: navigate(Gumroad URL)
alt Click GitHub CTA
User->>Browser: Click GitHub CTA
Browser->>Analytics: sendEvent("GitHub Icon Click")
Browser->>Destination: navigate(https://github.com/ProduktEntdecker/touchbarfix)
end
Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Pre-merge checks and finishing touches✅ Passed checks (3 passed)
✨ Finishing touches
🧪 Generate unit tests
Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (2)
index.html (2)
145-152: Add accessible name + keyboard focus styles; track clicks.The GitHub icon link is only an SVG (no text). Title isn’t sufficient for screen readers. Add an accessible name, hide the SVG from AT, add focus-visible styles, and (optional) track clicks with Plausible like the Gumroad CTA.
- <a href="https://github.com/ProduktEntdecker/touchbarfix" - target="_blank" rel="noopener noreferrer" - class="bg-gray-800 text-white p-4 rounded-lg transition-all hover:bg-gray-700 hover:transform hover:scale-105" - title="View source code on GitHub"> - <svg class="w-6 h-6" fill="currentColor" viewBox="0 0 24 24"> + <a href="https://github.com/ProduktEntdecker/touchbarfix" + target="_blank" rel="noopener noreferrer" + onclick="plausible('GitHub Icon Click', {props: {placement: 'hero'}})" + aria-label="View source code on GitHub (opens in new tab)" + class="bg-gray-800 text-white p-4 rounded-lg transition-all hover:bg-gray-700 hover:scale-105 focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-gray-900" + title="View source code on GitHub"> + <svg class="w-6 h-6" fill="currentColor" viewBox="0 0 24 24" aria-hidden="true" focusable="false">
364-371: Mirror a11y/focus/analytics for the final CTA GitHub icon.Same improvements as the hero: accessible name, hide SVG from AT, focus-visible styles suitable for dark bg, and optional Plausible event.
- <a href="https://github.com/ProduktEntdecker/touchbarfix" - target="_blank" rel="noopener noreferrer" - class="bg-gray-800 text-white p-4 rounded-lg transition-all hover:bg-gray-700 hover:transform hover:scale-105" - title="View source code on GitHub"> - <svg class="w-6 h-6" fill="currentColor" viewBox="0 0 24 24"> + <a href="https://github.com/ProduktEntdecker/touchbarfix" + target="_blank" rel="noopener noreferrer" + onclick="plausible('GitHub Icon Click', {props: {placement: 'final_cta'}})" + aria-label="View source code on GitHub (opens in new tab)" + class="bg-gray-800 text-white p-4 rounded-lg transition-all hover:bg-gray-700 hover:scale-105 focus-visible:outline-none focus-visible:ring-2 focus-visible:ring-white" + title="View source code on GitHub"> + <svg class="w-6 h-6" fill="currentColor" viewBox="0 0 24 24" aria-hidden="true" focusable="false">
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
index.html(2 hunks)
🧰 Additional context used
📓 Path-based instructions (2)
index.html
📄 CodeRabbit inference engine (CLAUDE.md)
index.html: Maintain a single landing page at the repository root (index.html)
Use canonical URLs and current branding on the landing page (touchbarfix.com, correct GitHub repo, no legacy URLs)
Files:
index.html
**/index.html
📄 CodeRabbit inference engine (CLAUDE.md)
Do not create multiple index.html files in different directories
Files:
index.html
🧠 Learnings (3)
📓 Common learnings
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to index.html : Use canonical URLs and current branding on the landing page (touchbarfix.com, correct GitHub repo, no legacy URLs)
Learnt from: ProduktEntdecker
PR: ProduktEntdecker/austria-hospitality-leads#0
File: :0-0
Timestamp: 2025-09-11T20:36:56.266Z
Learning: ProduktEntdecker implemented a sophisticated data quality validation system that identifies extraction failures through signature patterns (genuineSupplierScore: 13, seoQualityScore: 12 indicates failed data extraction). The system also filters hotels (customers not suppliers) and ensures Austrian legal compliance by requiring valid contact information in business Impressum.
Learnt from: ProduktEntdecker
PR: ProduktEntdecker/austria-hospitality-leads#0
File: :0-0
Timestamp: 2025-09-11T12:50:48.805Z
Learning: ProduktEntdecker implemented premium lead filtering focusing on 5 high-value categories: LEUCHTENFACHHAENDLER (lighting dealers), LICHTPLANER (light planners), ELEKTROPLANER_LICHT (electrical planners), HIGH_END_EINRICHTER (premium furniture), and INTERIOR_DESIGN (interior architects). The system excludes basic suppliers like textiles, linen, laundry, cleaning services, and mass-market retailers (IKEA, Segmüller, etc.) through comprehensive negative keyword filtering.
📚 Learning: 2025-09-04T15:08:42.351Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to index.html : Use canonical URLs and current branding on the landing page (touchbarfix.com, correct GitHub repo, no legacy URLs)
Applied to files:
index.html
📚 Learning: 2025-09-04T15:08:42.351Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to README.md : Use current branding (TouchBarFix, touchbarfix.com, com.produktentdecker.touchbarfix) in README; avoid legacy names
Applied to files:
index.html
🔍 Remote MCP Linear
Additional context (from Linear)
- Issue: TOU-1 — "Add icon to GitHub near the CTA Button to increase trust".
- Status: In Progress; Priority: Urgent.
- Created: 2025-09-15T10:50:25.206Z; Updated: 2025-09-15T10:56:55.835Z.
- Assignee / created by: Florian Steiner. Team: TouchBarFix.
- Issue git branch name: info/tou-1-add-icon-to-github-near-the-cta-button-to-increase-trust.
- Issue includes a screenshot attachment and an attachment linking to PR #17 (#17).
- Add aria-label for screen reader accessibility - Add aria-hidden and focusable attributes to SVG icons - Add focus-visible styles for keyboard navigation - Add Plausible analytics tracking for GitHub icon clicks - Implement all CodeRabbit accessibility recommendations 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
- Clean up temporary files and improve project structure - Update documentation with latest changes - Add comprehensive handover document - Prepare for next development session 🤖 Generated with Claude Code wrap-up script
There was a problem hiding this comment.
Actionable comments posted: 5
🧹 Nitpick comments (15)
1-business/SEO Article.md (1)
1-1: Replace bare URL with descriptive Markdown and context.Improves SEO signal and passes MD034 (no-bare-urls).
Apply:
-https://apple.stackexchange.com/questions/470569/how-to-fix-regular-blackout-of-touch-bar +Reference: [How to fix regular blackout of Touch Bar — Apple Stack Exchange](https://apple.stackexchange.com/questions/470569/how-to-fix-regular-blackout-of-touch-bar) + +Notes: +- External resource referenced from landing pages/FAQ.App/Resources/TouchBarFixAppStore.entitlements (1)
31-33: Fix misleading comment; USB entitlement isn’t “Accessibility.”This key controls USB device access, not Accessibility APIs.
Apply:
- <!-- Accessibility for Touch Bar interaction --> + <!-- USB device access (should remain disabled) -->build-appstore.sh (5)
6-6: Harden script safety.Use strict mode to catch unset vars and pipe errors.
Apply:
-set -e +set -euo pipefail
33-33: Don’t hardcode build output path; derive with swift.
.build/apple/Products/Releaseisn’t stable across toolchains. Use--show-bin-path.Apply:
-swift build -c release --arch arm64 --arch x86_64 +swift build -c release --arch arm64 --arch x86_64 +BIN_DIR="$(swift build --show-bin-path -c release)"And later:
-cp .build/apple/Products/Release/TouchBarFix TouchBarFix.app/Contents/MacOS/ +cp "${BIN_DIR}/TouchBarFix" TouchBarFix.app/Contents/MacOS/
68-71: Add timestamp; avoid unnecessary --deep.Timestamp helps notarization. Prefer explicit signing of nested content over
--deep(keep if you truly need it).Apply:
-codesign --force --deep --sign "$IDENTITY" \ +codesign --force --sign "$IDENTITY" --timestamp \ --entitlements Resources/TouchBarFixAppStore.entitlements \ --options runtime \ TouchBarFix.app
11-11: Remove unused RED variable (SC2034).Apply:
-RED='\033[0;31m'Or use it in an actual error message.
86-94: “Open .app in Xcode” isn’t how you Archive.Archive from the project/workspace, not an already built .app. Suggest documenting “open the project in Xcode, select Any Mac (App Store), Product > Archive”.
index-backup-hero.html (3)
19-46: Add canonical URL to match branding guidance.Per prior learnings, include a canonical link.
Apply:
</script> <!-- Plausible Analytics --> + <link rel="canonical" href="https://touchbarfix.com/">
75-88: Custom classes used but not defined (touchbar-broken,touchbar-fixed).They’re defined in trust-enhanced-index.html but not here; add minimal styles or remove the classes.
Apply:
+ <style> + .touchbar-broken { background: linear-gradient(90deg, #ef4444 0%, #dc2626 50%, #ef4444 100%); opacity: .3; } + .touchbar-fixed { background: linear-gradient(90deg, #10b981 0%, #059669 50%, #10b981 100%); } + </style>
20-45: Structured data ratings without on-page rating UI may get flagged.Either show an aggregate rating visibly on the page or drop the AggregateRating from JSON‑LD.
trust-enhanced-index.html (5)
8-18: Add canonical link to reinforce canonical domain.Apply:
<meta property="og:type" content="website"> <!-- Schema.org for SEO with Reviews --> + <link rel="canonical" href="https://touchbarfix.com/">
300-312: “Notarized by Apple” claim: ensure current build is actually notarized.If true, consider linking to a brief “How we sign and notarize” page or show a notarization badge tooltip. If not yet notarized, soften the claim.
I can draft a short “Security & Signing” doc you can link here.
331-351: External links: addrel="noreferrer noopener"consistently.GitHub/LinkedIn links have
rel="noopener"; addnoreferrerlike elsewhere for consistency.-<a href="https://linkedin.com/in/floriansteiner" target="_blank" rel="noopener" ... +<a href="https://linkedin.com/in/floriansteiner" target="_blank" rel="noopener noreferrer" ...
365-407: FAQ claims about local usage stats: ensure the app actually implements this.If not implemented, remove or add the feature (and document where stats are stored).
Want a minimal local-only usage counter implementation plan?
1-507: Scope mismatch — move the new marketing page to its own PR; keep this PR limited to the index.html trust tweak.This PR adds a full marketing page (trust-enhanced-index.html) while the stated objective was a small trust tweak to index.html — move the new page into a separate PR so review stays focused.
Confirmed: index.html already includes GitHub icon SVG next to both CTAs (hero: index.html lines 145–154; final CTA: index.html lines 366–375).
📜 Review details
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
1-business/SEO Article.md(1 hunks)App/Resources/TouchBarFixAppStore.entitlements(1 hunks)HANDOVER.md(1 hunks)README.md(1 hunks)build-appstore.sh(1 hunks)index-backup-hero.html(1 hunks)trust-enhanced-index.html(1 hunks)
✅ Files skipped from review due to trivial changes (2)
- README.md
- HANDOVER.md
🧰 Additional context used
🧠 Learnings (19)
📓 Common learnings
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to index.html : Use canonical URLs and current branding on the landing page (touchbarfix.com, correct GitHub repo, no legacy URLs)
Learnt from: ProduktEntdecker
PR: ProduktEntdecker/austria-hospitality-leads#0
File: :0-0
Timestamp: 2025-09-11T20:36:56.266Z
Learning: ProduktEntdecker implemented a sophisticated data quality validation system that identifies extraction failures through signature patterns (genuineSupplierScore: 13, seoQualityScore: 12 indicates failed data extraction). The system also filters hotels (customers not suppliers) and ensures Austrian legal compliance by requiring valid contact information in business Impressum.
Learnt from: ProduktEntdecker
PR: ProduktEntdecker/austria-hospitality-leads#0
File: :0-0
Timestamp: 2025-09-11T12:50:48.805Z
Learning: ProduktEntdecker implemented premium lead filtering focusing on 5 high-value categories: LEUCHTENFACHHAENDLER (lighting dealers), LICHTPLANER (light planners), ELEKTROPLANER_LICHT (electrical planners), HIGH_END_EINRICHTER (premium furniture), and INTERIOR_DESIGN (interior architects). The system excludes basic suppliers like textiles, linen, laundry, cleaning services, and mass-market retailers (IKEA, Segmüller, etc.) through comprehensive negative keyword filtering.
📚 Learning: 2025-09-04T15:09:30.329Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/AGENTS.md:0-0
Timestamp: 2025-09-04T15:09:30.329Z
Learning: Applies to 5-documentation/**/index.html : The landing page should reflect that TouchBarFix is a simple utility app (not a menu bar app)
Applied to files:
index-backup-hero.htmlApp/Resources/TouchBarFixAppStore.entitlementstrust-enhanced-index.html
📚 Learning: 2025-09-04T15:08:42.351Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to index.html : Use canonical URLs and current branding on the landing page (touchbarfix.com, correct GitHub repo, no legacy URLs)
Applied to files:
index-backup-hero.htmltrust-enhanced-index.html
📚 Learning: 2025-09-04T15:08:42.351Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to README.md : Use current branding (TouchBarFix, touchbarfix.com, com.produktentdecker.touchbarfix) in README; avoid legacy names
Applied to files:
index-backup-hero.htmltrust-enhanced-index.html
📚 Learning: 2025-08-24T10:17:20.456Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/CLAUDE.md:0-0
Timestamp: 2025-08-24T10:17:20.456Z
Learning: Applies to 5-documentation/**/*.{swift,md,html,json,yml,yaml,plist,sh} : Never use old branding (Touch Bar Restarter/touchbar-restarter/TouchBarRestarter or any 'restarter' variants); always use current names: Product TouchBarFix, repo touchbarfix, domain touchbarfix.com, bundle ID com.produktentdecker.touchbarfix, and updated GitHub URLs
Applied to files:
index-backup-hero.htmlApp/Resources/TouchBarFixAppStore.entitlements
📚 Learning: 2025-08-24T10:17:20.456Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/CLAUDE.md:0-0
Timestamp: 2025-08-24T10:17:20.456Z
Learning: Applies to 5-documentation/**/vercel.json : Keep Vercel deployment configuration aligned with touchbarfix.com (single production deployment)
Applied to files:
index-backup-hero.html
📚 Learning: 2025-09-04T15:09:30.329Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/AGENTS.md:0-0
Timestamp: 2025-09-04T15:09:30.329Z
Learning: Applies to 5-documentation/**/index.html : Include attribution string on the landing page: "Created by Dr. Florian Steiner, AI Product Manager • Co-created with Claude Code"
Applied to files:
index-backup-hero.htmltrust-enhanced-index.html
📚 Learning: 2025-09-04T15:09:30.329Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/AGENTS.md:0-0
Timestamp: 2025-09-04T15:09:30.329Z
Learning: Applies to 5-documentation/App/Resources/*.entitlements : Enable hardened runtime via codesigning and entitlements as required
Applied to files:
App/Resources/TouchBarFixAppStore.entitlements
📚 Learning: 2025-08-24T10:17:20.456Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/CLAUDE.md:0-0
Timestamp: 2025-08-24T10:17:20.456Z
Learning: Applies to 5-documentation/**/Info.plist : Set CFBundleIdentifier to com.produktentdecker.touchbarfix and app metadata to current branding (TouchBarFix)
Applied to files:
App/Resources/TouchBarFixAppStore.entitlementsbuild-appstore.sh
📚 Learning: 2025-09-04T15:08:42.351Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to App/**/Info.plist : Ensure Bundle Identifier is com.produktentdecker.touchbarfix and app metadata reflect current branding
Applied to files:
App/Resources/TouchBarFixAppStore.entitlementsbuild-appstore.sh
📚 Learning: 2025-08-24T10:17:20.456Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/CLAUDE.md:0-0
Timestamp: 2025-08-24T10:17:20.456Z
Learning: Applies to 5-documentation/**/Package.swift : Ensure Package.swift uses the correct executable/product naming (TouchBarFix) and updated dependencies; no references to old 'restarter' naming
Applied to files:
App/Resources/TouchBarFixAppStore.entitlementsbuild-appstore.sh
📚 Learning: 2025-09-04T15:08:42.351Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to App/Sources/**/*.swift : Ensure in-app strings and UI text use the current product name “TouchBarFix” (no legacy branding)
Applied to files:
App/Resources/TouchBarFixAppStore.entitlementsbuild-appstore.sh
📚 Learning: 2025-09-04T15:09:30.329Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/AGENTS.md:0-0
Timestamp: 2025-09-04T15:09:30.329Z
Learning: Applies to 5-documentation/App/Sources/**/*.swift : Whitelist only allowed processes (e.g., TouchBarServer, ControlStrip) for interactions
Applied to files:
App/Resources/TouchBarFixAppStore.entitlements
📚 Learning: 2025-09-04T15:09:30.329Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/AGENTS.md:0-0
Timestamp: 2025-09-04T15:09:30.329Z
Learning: Applies to 5-documentation/App/Resources/*.entitlements : Use least-privilege entitlements (minimal set only)
Applied to files:
App/Resources/TouchBarFixAppStore.entitlements
📚 Learning: 2025-08-24T10:17:20.456Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/CLAUDE.md:0-0
Timestamp: 2025-08-24T10:17:20.456Z
Learning: Applies to 5-documentation/App/Sources/**/*.swift : Security hardening must remain enabled (process whitelisting, input validation, hardened runtime) and reflect current branding
Applied to files:
App/Resources/TouchBarFixAppStore.entitlements
📚 Learning: 2025-09-03T15:32:33.526Z
Learnt from: CR
PR: ProduktEntdecker/scanbook#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-03T15:32:33.526Z
Learning: Applies to 5-documentation/LESSONS-FROM-TOUCHBARFIX.md : Reference 5-documentation/LESSONS-FROM-TOUCHBARFIX.md for applied learnings from previous projects
Applied to files:
trust-enhanced-index.html
📚 Learning: 2025-09-04T15:09:30.329Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/AGENTS.md:0-0
Timestamp: 2025-09-04T15:09:30.329Z
Learning: Applies to 5-documentation/.github/workflows/**/*.yml : Verify signed app with `spctl -a -vvv TouchBarFix.app` in CI
Applied to files:
build-appstore.sh
📚 Learning: 2025-09-04T15:08:42.351Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: CLAUDE.md:0-0
Timestamp: 2025-09-04T15:08:42.351Z
Learning: Applies to Package.swift : Keep executable/product naming consistent with TouchBarFix in Package.swift
Applied to files:
build-appstore.sh
📚 Learning: 2025-09-04T15:09:30.329Z
Learnt from: CR
PR: ProduktEntdecker/touchbarfix#0
File: 5-documentation/AGENTS.md:0-0
Timestamp: 2025-09-04T15:09:30.329Z
Learning: Applies to 5-documentation/App/build-app.sh : Codesign the app with hardened runtime enabled during build
Applied to files:
build-appstore.sh
🪛 Shellcheck (0.10.0)
build-appstore.sh
[warning] 11-11: RED appears unused. Verify use (or export if used externally).
(SC2034)
🪛 markdownlint-cli2 (0.17.2)
1-business/SEO Article.md
1-1: Bare URL used
(MD034, no-bare-urls)
🔍 Remote MCP Linear
Relevant Linear issue & comments
-
Issue: TOU-1 "Add icon to GitHub near the CTA Button to increase trust" — status: In Progress; priority: Urgent; assignee/creator: Florian Steiner; branch: info/tou-1-add-icon-to-github-near-the-cta-button-to-increase-trust. Attachment links this PR (PR #17).
-
Issue comments:
- "Starting work..." (2025-09-15T10:52:02) and a follow-up confirming completion: "✅ Completed: Added GitHub icon next to both CTA buttons..." (2025-09-15T10:53:54). These confirm the implemented scope in the PR.
🔇 Additional comments (3)
App/Resources/TouchBarFixAppStore.entitlements (1)
5-15: Scope check: do we actually need Apple Events?If the app only runs
pkill TouchBarServer(no GUI scripting), Apple Events may be unnecessary; fewer entitlements = easier review. If you do need AE, consider target‑scoping via LSAppleEvents declarations rather than exceptions.Would you confirm whether the app sends AE to System Events or any other app?
index-backup-hero.html (1)
1-424: Scope mismatch with PR objective.This file adds a full landing variant; the PR objective is “add GitHub icon next to CTA buttons on index.html”. Consider moving page additions to a separate PR.
Would you split content/marketing page additions from the small UI trust tweak?
trust-enhanced-index.html (1)
145-146: Verify/download and rating numbers; avoid static counters unless sourced.“5,247 downloads” and “4.8/5 (127)” should be either dynamic or clearly sourced. Otherwise, prefer generic phrasing.
Apply (if you can’t source dynamically):
- <span class="font-semibold">5,247 downloads</span> in the last 30 days + Trusted by thousands of Mac users- <p class="text-3xl font-bold text-green-600">4.8/5</p> - <p class="text-sm text-gray-600">Average Rating</p> + <p class="text-3xl font-bold text-green-600">Loved by Mac users</p> + <p class="text-sm text-gray-600">Great feedback</p>Also applies to: 242-251
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | ||
| <plist version="1.0"> | ||
| <dict> | ||
| <!-- App Store Sandbox Required --> | ||
| <key>com.apple.security.app-sandbox</key> | ||
| <true/> | ||
|
|
||
| <!-- Hardened Runtime --> | ||
| <key>com.apple.security.cs.allow-unsigned-executable-memory</key> | ||
| <false/> | ||
|
|
||
| <!-- Allow AppleScript for Touch Bar control --> | ||
| <key>com.apple.security.automation.apple-events</key> | ||
| <true/> | ||
|
|
||
| <!-- Temporary exception for System Events access --> | ||
| <key>com.apple.security.temporary-exception.apple-events</key> | ||
| <array> | ||
| <string>com.apple.systemevents</string> | ||
| </array> | ||
|
|
||
| <!-- User-selected file access (for future features) --> | ||
| <key>com.apple.security.files.user-selected.read-only</key> | ||
| <true/> | ||
|
|
||
| <!-- Network access for update checks (App Store handles this) --> | ||
| <key>com.apple.security.network.client</key> | ||
| <false/> | ||
|
|
||
| <!-- Accessibility for Touch Bar interaction --> | ||
| <key>com.apple.security.device.usb</key> | ||
| <false/> | ||
| </dict> | ||
| </plist> No newline at end of file |
There was a problem hiding this comment.
💡 Verification agent
🧩 Analysis chain
App Store viability risk: killing Apple processes may be rejected under sandbox.
Even with sandbox + AE, an MAS app that terminates Apple system components (e.g., TouchBarServer) is likely to be rejected. Consider Developer ID + notarization distribution instead of MAS for this utility.
🌐 Web query:
Are “temporary exception” entitlements permitted for Mac App Store apps? Do MAS sandboxed apps have permission to terminate Apple system processes like TouchBarServer?
💡 Result:
Short answers:
-
Yes — macOS "temporary exception" entitlements exist and may be included in a Mac App Store (MAS) app, but you must declare each temporary-exception entitlement and justify its use in App Store Connect (and follow Apple’s guidance / bug-report process if it’s a workaround). [1][2]
-
No — a sandboxed MAS app is not allowed free ability to kill or manipulate system processes (e.g. TouchBarServer). The sandbox blocks operations like signaling arbitrary PIDs, and Apple warns that requesting broad exception access to system components (Finder / System Events / other OS services) will likely cause rejection; the usual supported patterns are scripting-targets / Apple‑events for limited automation or separate unsandboxed helpers (with strong limitations), not terminating system daemons from a sandboxed MAS app. [2][3][4]
Sources:
- App Sandbox temporary-exception entitlements (entitlement keys and App Store Connect requirements). [1][2]
- Apple Technical Q&A on sandboxing and automation (notes that requesting exceptions for Finder/System Events is likely to be rejected). [3]
- Community/engineering discussion showing sandbox prevents killall/kill and that helper/un-sandboxed approaches (XPC / user-enabled helpers) are the alternatives. [4]
If you want, I can quote the exact entitlement keys you'd need for a specific capability or suggest an App-Store-acceptable design to achieve your goal (e.g., scripted activation, Apple Events with scripting-targets, or a user-approved helper).
App Store rejection risk — MAS sandboxed apps cannot terminate Apple system processes
Temporary-exception entitlements can be declared in App Store Connect and justified, but they do not grant a sandboxed MAS app permission to kill or manipulate Apple system daemons (e.g., TouchBarServer); attempting this will very likely cause App Store rejection. File: App/Resources/TouchBarFixAppStore.entitlements. Fix: remove/avoid any process‑termination behavior or switch to Developer ID + notarization; if you must remain on MAS, redesign to use App‑Store‑acceptable patterns (Apple Events scripting targets, limited automation, or an approved helper/XPC approach).
🤖 Prompt for AI Agents
App/Resources/TouchBarFixAppStore.entitlements lines 1-35: the entitlements file
indicates temporary exceptions for Apple Events but the review warns the app may
attempt to terminate or manipulate Apple system daemons (e.g., TouchBarServer),
which will trigger App Store rejection; remove any code that kills or
manipulates Apple system processes and instead redesign to one of the approved
options: remove process-termination behavior entirely, implement Touch Bar
interactions via user-directed Apple Events targets or approved automation, move
to a Developer ID-signed + notarized distribution if low-level process control
is required, or implement a properly sandboxed helper/XPC with only allowed
entitlements; update entitlements and app logic accordingly to avoid using
temporary exceptions as a mechanism to control system daemons.
| <!-- Temporary exception for System Events access --> | ||
| <key>com.apple.security.temporary-exception.apple-events</key> | ||
| <array> | ||
| <string>com.apple.systemevents</string> | ||
| </array> |
There was a problem hiding this comment.
Remove temporary Apple Events exception (not allowed for Mac App Store).
com.apple.security.temporary-exception.apple-events is a temporary entitlement and generally rejected for MAS submissions. Keep com.apple.security.automation.apple-events and explain usage via Info.plist description instead.
Apply:
- <!-- Temporary exception for System Events access -->
- <key>com.apple.security.temporary-exception.apple-events</key>
- <array>
- <string>com.apple.systemevents</string>
- </array>Outside this file, add to Info.plist:
<key>NSAppleEventsUsageDescription</key>
<string>TouchBarFix sends Apple Events to perform safe automation required to restart Touch Bar software.</string>🤖 Prompt for AI Agents
App/Resources/TouchBarFixAppStore.entitlements lines 17-21: remove the temporary
Apple Events exception block (the
com.apple.security.temporary-exception.apple-events key and its array entry)
since MAS rejects it; keep any com.apple.security.automation.apple-events
entitlement intact if needed; then, outside this file add an
NSAppleEventsUsageDescription entry to the app Info.plist with a clear usage
string (e.g., "TouchBarFix sends Apple Events to perform safe automation
required to restart Touch Bar software.") to explain the behavior to users and
satisfy App Store requirements.
| # Use App Store compatible manager | ||
| echo "📝 Switching to App Store compatible code..." | ||
| if [ -f Sources/TouchBarManager.swift ]; then | ||
| mv Sources/TouchBarManager.swift Sources/TouchBarManager.original.swift | ||
| fi | ||
| cp Sources/TouchBarManagerAppStore.swift Sources/TouchBarManager.swift | ||
|
|
There was a problem hiding this comment.
Avoid leaving the repo in a swapped state; restore on exit.
If the script aborts, TouchBarManager.swift remains renamed. Add a trap to restore automatically.
Apply:
echo "📝 Switching to App Store compatible code..."
+orig_swapped=0
if [ -f Sources/TouchBarManager.swift ]; then
mv Sources/TouchBarManager.swift Sources/TouchBarManager.original.swift
+ orig_swapped=1
fi
cp Sources/TouchBarManagerAppStore.swift Sources/TouchBarManager.swift
+
+# Always restore original on exit
+cleanup() {
+ if [ "${orig_swapped}" = "1" ] && [ -f Sources/TouchBarManager.original.swift ]; then
+ mv Sources/TouchBarManager.original.swift Sources/TouchBarManager.swift
+ fi
+}
+trap cleanup EXIT INT TERM🤖 Prompt for AI Agents
In build-appstore.sh around lines 24 to 30, the script moves
Sources/TouchBarManager.swift aside and copies an App Store variant but doesn't
restore the original if the script aborts; add a trap on EXIT (and optionally on
INT/TERM) that checks for Sources/TouchBarManager.original.swift and moves it
back to Sources/TouchBarManager.swift (and removes the AppStore copy if present)
so the repo is always restored on script exit, and set the trap immediately
after the original is moved to ensure restoration happens even on errors.
| IDENTITY="Developer ID Application: FLORIAN MICHAEL STEINER (D3SM7HA325)" | ||
|
|
||
| # For App Store, we need to use "3rd Party Mac Developer Application" certificate | ||
| # Check if App Store certificate exists | ||
| if security find-identity -v -p codesigning | grep -q "3rd Party Mac Developer Application"; then | ||
| IDENTITY=$(security find-identity -v -p codesigning | grep "3rd Party Mac Developer Application" | head -1 | awk '{print $2}') | ||
| echo "Using App Store certificate: $IDENTITY" | ||
| else | ||
| echo -e "${YELLOW}⚠️ Warning: No App Store certificate found. Using Developer ID for testing.${NC}" | ||
| echo "To submit to App Store, you need a '3rd Party Mac Developer Application' certificate." | ||
| fi |
There was a problem hiding this comment.
Don’t commit a personal signing identity; make it configurable.
Use env var with a sensible auto-detect fallback; avoid leaking real name/Team ID into the repo.
Apply:
-IDENTITY="Developer ID Application: FLORIAN MICHAEL STEINER (D3SM7HA325)"
+IDENTITY="${SIGN_IDENTITY:-}"
+
+# Prefer “3rd Party Mac Developer Application” for MAS; else fallback to Developer ID (testing only).
if security find-identity -v -p codesigning | grep -q "3rd Party Mac Developer Application"; then
- IDENTITY=$(security find-identity -v -p codesigning | grep "3rd Party Mac Developer Application" | head -1 | awk '{print $2}')
+ IDENTITY="${IDENTITY:-$(security find-identity -v -p codesigning | awk -F\" '/3rd Party Mac Developer Application/{print $2; exit}')}"
echo "Using App Store certificate: $IDENTITY"
else
- echo -e "${YELLOW}⚠️ Warning: No App Store certificate found. Using Developer ID for testing.${NC}"
+ echo -e "${YELLOW}⚠️ Warning: No App Store certificate found. Using Developer ID for testing.${NC}"
+ IDENTITY="${IDENTITY:-$(security find-identity -v -p codesigning | awk -F\" '/Developer ID Application/{print $2; exit}')}"
echo "To submit to App Store, you need a '3rd Party Mac Developer Application' certificate."
fi
+[ -n "${IDENTITY}" ] || { echo -e "${RED:-}❌ No signing identity found${NC:-}"; exit 1; }📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| IDENTITY="Developer ID Application: FLORIAN MICHAEL STEINER (D3SM7HA325)" | |
| # For App Store, we need to use "3rd Party Mac Developer Application" certificate | |
| # Check if App Store certificate exists | |
| if security find-identity -v -p codesigning | grep -q "3rd Party Mac Developer Application"; then | |
| IDENTITY=$(security find-identity -v -p codesigning | grep "3rd Party Mac Developer Application" | head -1 | awk '{print $2}') | |
| echo "Using App Store certificate: $IDENTITY" | |
| else | |
| echo -e "${YELLOW}⚠️ Warning: No App Store certificate found. Using Developer ID for testing.${NC}" | |
| echo "To submit to App Store, you need a '3rd Party Mac Developer Application' certificate." | |
| fi | |
| IDENTITY="${SIGN_IDENTITY:-}" | |
| # Prefer “3rd Party Mac Developer Application” for MAS; else fallback to Developer ID (testing only). | |
| # For App Store, we need to use "3rd Party Mac Developer Application" certificate | |
| # Check if App Store certificate exists | |
| if security find-identity -v -p codesigning | grep -q "3rd Party Mac Developer Application"; then | |
| IDENTITY="${IDENTITY:-$(security find-identity -v -p codesigning | awk -F\" '/3rd Party Mac Developer Application/{print $2; exit}')}" | |
| echo "Using App Store certificate: $IDENTITY" | |
| else | |
| echo -e "${YELLOW}⚠️ Warning: No App Store certificate found. Using Developer ID for testing.${NC}" | |
| IDENTITY="${IDENTITY:-$(security find-identity -v -p codesigning | awk -F\" '/Developer ID Application/{print $2; exit}')}" | |
| echo "To submit to App Store, you need a '3rd Party Mac Developer Application' certificate." | |
| fi | |
| [ -n "${IDENTITY}" ] || { echo -e "${RED:-}❌ No signing identity found${NC:-}"; exit 1; } |
🤖 Prompt for AI Agents
In build-appstore.sh around lines 56 to 66, remove the hard-coded personal
signing identity and instead read an environment variable (e.g.,
APP_SIGN_IDENTITY) as the primary identity; if APP_SIGN_IDENTITY is empty,
auto-detect by running security find-identity -v -p codesigning and grepping for
"3rd Party Mac Developer Application" (fall back to Developer ID only if no App
Store cert is found), assign the result to IDENTITY, and echo which source was
used (env vs auto-detect vs fallback), ensuring no personal name/Team ID is
committed in the script.
| TouchBarFix restarts the TouchBarServer process when it freezes. This is the same command IT professionals use: <code class="bg-gray-100 px-2 py-1 rounded text-sm">sudo pkill TouchBarServer</code><br> | ||
| We've automated it into a simple app for convenience. Compatible with macOS Big Sur through Sonoma. | ||
| </p> |
There was a problem hiding this comment.
Inconsistent with “No Admin Password Required”: remove sudo from examples.
Elsewhere you claim no admin password is needed. Use non‑sudo examples consistently.
Apply:
-... the same command IT professionals use: <code class="bg-gray-100 px-2 py-1 rounded text-sm">sudo pkill TouchBarServer</code>
+... the same command IT professionals use: <code class="bg-gray-100 px-2 py-1 rounded text-sm">pkill TouchBarServer</code>-<code class="text-sm">sudo pkill "Touch Bar agent"<br>sudo pkill TouchBarServer</code>
+<code class="text-sm">pkill "Touch Bar agent"<br>pkill TouchBarServer</code>Also applies to: 236-238
🤖 Prompt for AI Agents
In index-backup-hero.html around lines 149-151 (and also apply same change at
lines 236-238), the example command uses "sudo pkill TouchBarServer" which
contradicts the page's claim that no admin password is required; remove the
"sudo" prefix in both locations and replace the example with the non-sudo
command "pkill TouchBarServer" so examples are consistent with the "No Admin
Password Required" statement, and update any surrounding text if it references
requiring sudo.
1 participant
Summary
Linear Issue
Fixes TOU-1: Add icon to GitHub near the CTA Button to increase trust
Changes
index.htmlto add GitHub icon with SVG next to both CTA buttonsTest Plan
@coderabbitai please review
🤖 Generated with Claude Code
Summary by CodeRabbit
New Features
Style
Documentation
Chores