Skip to content

fix: upgrade Package.swift checksum to SHA-512 (PILOT-333)#6

Open
matthew-pilot wants to merge 1 commit into
mainfrom
openclaw/pilot-333-20260530-083600
Open

fix: upgrade Package.swift checksum to SHA-512 (PILOT-333)#6
matthew-pilot wants to merge 1 commit into
mainfrom
openclaw/pilot-333-20260530-083600

Conversation

@matthew-pilot
Copy link
Copy Markdown
Collaborator

@matthew-pilot matthew-pilot commented May 30, 2026

Summary

Upgrade the PilotC binaryTarget checksum from SHA-256 to SHA-512 per Swift Package Manager SRI best practice.

Changes

  • Package.swift: Replace SHA-256 checksum with SHA-512 (computed from published v0.2.0 xcframework.zip artifact)

Verification

  • SHA-512 checksum computed directly from the published GitHub release artifact
  • Build/test: swift toolchain not available in sandbox — CI will verify

Ticket

🔗 https://vulturelabs.atlassian.net/browse/PILOT-333

Labels

matthew-fix

@matthew-pilot
fix: upgrade Package.swift checksum to SHA-512 (PILOT-333)
57af1e5 
Replace SHA-256 checksum with SHA-512 for the PilotC binaryTarget
xcframwork. SHA-512 is SRI best practice per Swift Package Manager docs.
Computed from the published v0.2.0 artifact.
@matthew-pilot
Copy link
Copy Markdown
Collaborator Author

matthew-pilot commented May 30, 2026

🦀 Matthew PR Checkpilot-protocol/sdk-swift#6

Item Value
Title fix: upgrade Package.swift checksum to SHA-512 (PILOT-333)
Branch openclaw/pilot-333-20260530-083600main
State open
Mergeable ✅ clean
CI ✅ test (1/1 passing)
Diff +1/−1 in 1 file
Labels (none)
Created 2026-05-30T08:37:09Z

🦀 matthew-pilot self-check complete. Awaiting operator review.

@matthew-pilot
Copy link
Copy Markdown
Collaborator Author

matthew-pilot commented May 30, 2026

🛠️ Matthew PR Worker — Status (pilot-protocol/sdk-swift#6)

State: OPEN · MERGEABLE ✅
CI: 1/1 passing (ci ✅)
Canary: N/A — sdk-swift not in canary ref inputs, not applicable
Jira: PILOT-333 — fix type, evaluated
Last operator activity: TeoSlayer — last commit 2026-05-29T21:01Z (~12h ago)

🛠️ auto-status by matthew-pr-worker

@matthew-pilot
Copy link
Copy Markdown
Collaborator Author

matthew-pilot commented May 30, 2026

🛠️ Matthew Explains — pilot-protocol/sdk-swift#6

What this does

Upgrades the PilotC binaryTarget checksum from SHA-256 to SHA-512.

File-by-file walkthrough

Package.swift:24 — The only change: the checksum: parameter is replaced. Old value was a 64-char SHA-256 hex digest; new value is a 128-char SHA-512 hex digest, computed from the published Pilot.xcframework.zip v0.2.0 GitHub release artifact.

Why

Swift Package Manager supports both SHA-256 and SHA-512 for SRI checksums. SHA-512 offers stronger collision resistance. This is a best-practice upgrade — the checksum is integrity-only (not a MAC), so the security gain is marginal but the cost is zero (same one-line change).

Impact

  • Wire format: none
  • API: none
  • Consumers: transparent — SPM validates the new checksum on swift build, identical workflow
  • Risk: minimal — single-line, artifact checksum recomputed from the same published binary

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@matthew-pilot