feat: self-bundling cef_host — pub get + flutter build, no make/host steps#14
Merged
Conversation
Make flutter_cef self-bundling so a consumer gets a working app from a plain `flutter build macos` — no `make cef-host`, no manual ditto, no FLUTTER_CEF_HOST. - podspec :after_compile script_phase ditto's native/cef_host/prebuilt/cef_host.app into the built flutter_cef_macos.framework's Versions/A/Frameworks (a pod build phase can't reach the app's top-level Contents/Frameworks — it runs before the app bundle exists; CocoaPods then embeds the framework, host and all, into the app). - resolver probes the framework's Versions/Current/Frameworks (no top-level Frameworks symlink exists), so the embedded host resolves with zero consumer wiring. - no-op when no prebuilt is present (co-dev from-source / FLUTTER_CEF_HOST still win). Proven in the example app: `flutter build macos --debug` + open with NO FLUTTER_CEF_HOST -> resolver finds the embedded host, cef_host (+5 helpers) spawn. The prebuilt is gitignored (fetched at pod install in a later increment). See specs/prebuilt-cef-host/PLAN.md. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
podspec prepare_command runs tool/fetch_cef_host.sh, which downloads + SHA256- verifies the version-matched cef_host.app named in cef_host_prebuilt.json into native/cef_host/prebuilt/ (cached under ~/.cache/flutter_cef; fail-open; FLUTTER_CEF_FROM_SOURCE=1 skips for co-dev). Combined with the INC 0 :after_compile embed, a clean consumer now gets a working app from a single `flutter build macos` — pod install fetches, the build embeds, no make/cef-host, no FLUTTER_CEF_HOST. Artifact hosted (ad-hoc, unsigned — consumers sign their own release) at gs://flutterflow-downloads/flutter_cef_prebuilt/v0.2.0/. Proven end-to-end in the example app from a wiped prebuilt+cache+Pods state. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…NC 4) release-cef-host.yml builds cef_host ad-hoc (arm64 dev variant), packages + checksums it with provenance, uploads to the tag's GitHub release, and commits the updated cef_host_prebuilt.json back to the default branch — using only GITHUB_TOKEN, no signing secrets (consumers re-sign their own release builds). Point the manifest at the GitHub release host (cef-host-v0.2.0). x86_64 + a hardened release-compiled variant are documented follow-ups. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Why
flutter_cef's Dart/Swift half is a normal pod, but the native
cef_host.app(nested signed app, ~200MB Chromium + 5 helpers) had to be built from source + manually bundled by every consumer — a plainflutter build macosproduced a broken app. This makes the plugin self-bundling:flutter pub get+flutter build macos= working app, nomake cef-host, noFLUTTER_CEF_HOST, no creds.How (all additive + fail-open — existing consumers unaffected until they bump the pin)
:after_compilescript phasedittos the prebuilt into the built framework'sVersions/A/Frameworks; the resolver probesVersions/Current/Frameworks. (A pod phase can't reach the app's top-levelContents/Frameworks— it runs before the app bundle exists.) Proven: example app builds + spawns cef_host with no env.prepare_command→tool/fetch_cef_host.shdownloads + SHA256-verifies the version-matched artifact incef_host_prebuilt.jsonatpod install(cached;FLUTTER_CEF_FROM_SOURCE=1skips for co-dev). Proven end-to-end from a clean state.release-cef-host.ymlbuilds ad-hoc oncef-host-v*tags + uploads to the GitHub release + updates the manifest — GITHUB_TOKEN only, no secrets.Signing
The published prebuilt is ad-hoc — our cred is never on anyone's shipped binary. Debug uses it as-is; a notarized release re-signs it with the consumer's Developer-ID (Campus's existing flow, unchanged).
Follow-ups
x86_64 matrix leg; a hardened release-compiled variant; consumer cleanup (drop
make cef-host) lands in the work_canvas repo.Prebuilt hosted at the
cef-host-v0.2.0pre-release. Seespecs/prebuilt-cef-host/PLAN.md.🤖 Generated with Claude Code