Conversation
|
Merging this would be very appreciated! |
to be clear, I have no idea if it even works, don't own any macOs devices to test it on, |
There was a problem hiding this comment.
Pull request overview
Adds a macOS (Apple Silicon) CI build path and app bundling, along with build-system and source tweaks intended to improve cross-platform compilation (notably on macOS).
Changes:
- Add a macOS GitHub Actions job that builds an arm64 binary and uploads a zipped
.appbundle artifact. - Extend
linux.mkto support platform/arch detection and to build/download third-party deps in a more flexible way (including macOS). - Apply various C/C header adjustments for portability (switch-case scoping, signal defines, packing pragmas, string-compare compatibility, etc.).
Reviewed changes
Copilot reviewed 21 out of 21 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| tools/macos_bundle.sh | New script to construct a .app bundle and copy/link Homebrew dylib dependencies. |
| src/thing_stats.c | Adds braces in switch cases to allow declarations cleanly. |
| src/pre_inc.h | Adds strings.h include and strnicmp mapping. |
| src/player_instances.h | Removes #pragma pack directives. |
| src/player_computer.h | Removes #pragma pack directives. |
| src/lvl_script_lib.c | Adds a scoped block + break in a switch default path. |
| src/gui_topmsg.h | Removes #pragma pack directives. |
| src/frontend.h | Removes #pragma pack(1) at file start (affects struct packing). |
| src/front_lvlstats.h | Removes #pragma pack directives. |
| src/config.h | Removes #pragma pack directives. |
| src/config.c | Minor whitespace change. |
| src/bflib_vidraw.h | Replaces max() macro usage in scaling-step macros with explicit ternaries. |
| src/bflib_sprite.h | Removes #pragma pack directives. |
| src/bflib_network.h | Switches packing to #pragma pack(push, 1) / pop scoped around wire structs. |
| src/bflib_guibtns.h | Removes #pragma pack directives. |
| src/bflib_filelst.h | Removes #pragma pack directives. |
| src/bflib_crash.c | Broadens POSIX signal handling beyond Linux and guards non-portable signals. |
| src/bflib_cpu.c | Refactors CPUID helpers under an x86-only guard. |
| src/ariadne.c | Removes an unused counter variable in a nav-tree helper. |
| linux.mk | Adds PLATFORM/ARCH handling, mac support, pkg-config usage changes, and dependency build/download logic. |
| .github/workflows/build-prototype.yml | Adds a macOS build+bundle+upload job. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
|
|
||
| #include <strings.h> | ||
|
|
||
| #ifndef strnicmp | ||
| #define strnicmp strncasecmp | ||
| #endif |
There was a problem hiding this comment.
pre_inc.h now unconditionally includes <strings.h>, which is not available on all toolchains (notably MSVC, and some Windows environments). This can break Windows builds. Guard the include (and any strncasecmp mapping) behind #if !defined(_WIN32)/#if defined(unix) or move the <strings.h> include to the same platform-conditional area where strncasecmp/strnicmp are defined.
| #include <strings.h> | |
| #ifndef strnicmp | |
| #define strnicmp strncasecmp | |
| #endif | |
| #if !defined(_WIN32) | |
| #include <strings.h> | |
| #ifndef strnicmp | |
| #define strnicmp strncasecmp | |
| #endif | |
| #endif |
| #define PANEL_SPRITES_COUNT 514 | ||
| #define FRONTEND_FONTS_COUNT 4 | ||
| // After that much milliseconds in main menu, demo is started | ||
| #define MNU_DEMO_IDLE_TIME 30000 | ||
| /******************************************************************************/ | ||
| #pragma pack(1) | ||
|
|
||
| enum DemoItem_Kind { | ||
| DIK_PlaySmkVideo, |
There was a problem hiding this comment.
#pragma pack(1) was removed, but this header still defines struct NetMessage { ... } // sizeof = 0x41. Without packing, the compiler will typically insert padding after plyr_idx, making the struct larger than 0x41 and potentially breaking any code that relies on the documented size / binary layout. Reintroduce packing around struct NetMessage (preferably via #pragma pack(push, 1)/#pragma pack(pop) scoped to just the structs that need it), or otherwise adjust the struct so its size/layout is stable.
| KFX_INCLUDES = \ | ||
| -Ideps/centijson/include \ | ||
| -Ideps/centitoml \ | ||
| -Ideps/astronomy/include \ | ||
| -Ideps/enet6/include \ | ||
| $(shell pkg-config --cflags-only-I sdl2) \ | ||
| $(shell pkg-config --cflags-only-I SDL2_image) \ | ||
| $(shell pkg-config --cflags-only-I SDL2_mixer) \ | ||
| $(shell pkg-config --cflags-only-I SDL2_net) \ |
There was a problem hiding this comment.
KFX_INCLUDES is defined with a recursive = assignment and contains many $(shell pkg-config ...) calls. Because KFX_INCLUDES is expanded for every compile/link command, this will re-run pkg-config repeatedly and can significantly slow builds/CI. Consider precomputing pkg-config results once using := (or separate PKG_CFLAGS := $(shell ...) / PKG_LIBS := $(shell ...) variables) so the shell commands execute only once per make invocation.
| git clone --depth "$(DEPS_CLONE_DEPTH)" "$(DEPS_ASTRONOMY_REPO)" "$(DEPS_BUILD_DIR)/astronomy"; \ | ||
| if [ -n "$(DEPS_ASTRONOMY_REF)" ]; then git -C "$(DEPS_BUILD_DIR)/astronomy" checkout "$(DEPS_ASTRONOMY_REF)"; fi; \ |
There was a problem hiding this comment.
The git clone step for $(DEPS_ASTRONOMY_REPO) fetches an external repository without pinning to an immutable commit or verifying integrity. If that upstream repo or the network path is compromised, an attacker could inject malicious code into the built binary simply by changing the remote default branch. Pin this dependency to a specific commit (and/or vendor it) and add checksum or signature verification for downloaded sources to prevent supply chain compromise.
| git clone --depth "$(DEPS_CLONE_DEPTH)" "$(DEPS_CENTIJSON_REPO)" "$(DEPS_BUILD_DIR)/centijson"; \ | ||
| if [ -n "$(DEPS_CENTIJSON_REF)" ]; then git -C "$(DEPS_BUILD_DIR)/centijson" checkout "$(DEPS_CENTIJSON_REF)"; fi; \ |
There was a problem hiding this comment.
The git clone step for $(DEPS_CENTIJSON_REPO) pulls code from a third-party GitHub repository without locking to a specific commit or validating integrity. A compromise or malicious update on that remote could silently change what is built here, allowing injected code to run whenever the resulting binary is executed. Pin this dependency to an immutable revision and/or verify checksums or signatures of the fetched sources to harden the build against supply chain attacks.
| git clone --depth "$(DEPS_CLONE_DEPTH)" "$(DEPS_ENET6_REPO)" "$(DEPS_BUILD_DIR)/enet6"; \ | ||
| if [ -n "$(DEPS_ENET6_REF)" ]; then git -C "$(DEPS_BUILD_DIR)/enet6" checkout "$(DEPS_ENET6_REF)"; fi; \ |
There was a problem hiding this comment.
The git clone for $(DEPS_ENET6_REPO) similarly fetches code from an external repository without commit pinning or integrity checks. This allows any change on the remote default branch (including by an attacker who compromises that repo) to alter the code linked into your binary without changes in this repo. Pin to a specific commit or release and add checksum/signature verification for the downloaded sources to mitigate this supply chain risk.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
@PieterVdc sorry for naive, out of the blue question: does this mean KeeperFx potentially works on MacOS? I have a MacOS device (M2 Macbook Air) and would be happy to help with any testing. I tried downloading the keeperfx-macos-app from the CI run you linked but it did not seem to be working (though I'm not sure if that's the right thing to run, if it needs some other setup, etc). |
|
hmm right you do need to still download the normal stable from keeperfx, and have already copied the required files from the og game, but thinking about it again, I suppose I can already test intel macos trough a vm, I suppose that'll already catch most prominent issues, and allow me to have more clear install instructions with it likely won't be for the first week though, but I'll get back to it later |
|
Sounds good, do you expect the current build would also work for arm or it needs a whole different build setup? If it's the same build I will try to test it out again with the correct steps |
|
eh I should probably redo the whole thing wouldn't even know the correct instructions |
|
Ok well happy to help with any testing (or other things) if / when ready :). I'm pretty interested in getting this to run natively on macos since I love this game and wine has not been working super well |
completely untested, and atm could probably use extra cleanup, but it produces a mac build