[feature] Add brew cask install option

[Kiruno-lz]

User description

摘要

Close issues #254 #5

• 添加了brew install --cask的支持
• 对相关文档进行了更新
• 添加了github ci支持自动更新

注意事项

• 含有Formula安装脚本。但是经测试，Tauri 的 DMG bundler 需要调用 macOS 的系统工具（如 hdiutil、create-dmg），在 Homebrew 的沙盒构建环境中这些工具的权限和路径受限，导致打包失败。可以在merge的时候考虑删掉。
• zap的范围参考pearcleaner的范围
• 不太熟悉github ci，虽然检查过了，但是没有进行测试，需要review一下

测试计划

已经在本地进行测试，成功安装、使用、卸载

---

PR Type

Enhancement, Documentation

---

Description

• Added Casks/openless.rb Homebrew Cask for easy macOS installation and updates

• Created .github/workflows/update-cask.yml to auto-update Cask version and checksums on release

• Added Formula/openless.rb for building from source (experimental, may require review)

• Updated English and Chinese READMEs with brew tap/install --cask instructions

---

Diagram Walkthrough

flowchart LR
  A["Casks/openless.rb\n(Homebrew Cask)"] --> B["brew install --cask openless"]
  C["Release trigger"] --> D["CI workflow (update-cask.yml)\nauto-updates Cask"]
  D --> A
  E["README.md & README.zh.md\nadd install docs"] --> B

Loading

File Walkthrough

	Relevant files
Configuration changes	update-cask.yml Automate Cask version and SHA256 updates on release            .github/workflows/update-cask.yml Triggers on published releases matching v*-tauri tags Extracts version and fetches SHA256 for arm64 and x64 DMG assets Replaces version and sha256 in Casks/openless.rb Commits and pushes the updated Cask file automatically +83/-0
Enhancement	openless.rb Add Homebrew Cask definition for OpenLess                                Casks/openless.rb Defines openless Cask with arm64 and x64 DMG download URLs Hardcodes current version 1.2.22 and matching SHA256 checksums Sets auto_updates true and declares zap paths for user data cleanup Includes livecheck block for future version detection +29/-0    openless.rb Add Homebrew Formula for building from source                        Formula/openless.rb Defines Openless Formula building Tauri app from source Downloads qwen-asr submodule as a resource for local ASR Builds with ad-hoc signing (APPLE_SIGNING_IDENTITY=-) and installs .app bundle Provides caveats for linking to /Applications and granting permissions +67/-0
Documentation	README.md Document Homebrew installation in English README                  README.md Adds new subsection for macOS brew installation Documents brew tap, brew install --cask openless, and upgrade commands Includes xattr -cr step for ad-hoc signed app +9/-0      README.zh.md Document Homebrew installation in Chinese README                  README.zh.md Reorders platform list; adds Chinese brew install subsection Mirrors the English installation steps in Chinese +10/-1

---

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 317452d287

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[github-actions]

PR Reviewer Guide 🔍

(Review updated until commit 2b7247c)

Here are some key observations to aid the review process:

🎫 Ticket compliance analysis ❌ 254 - Partially compliant Compliant requirements: Provide a Homebrew Cask / tap install option. Update the README with Homebrew installation instructions. Add CI automation to update the Cask on release. Non-compliant requirements: Configure zap cleanup to remove ~/.openless/, Keychain credentials, and other user data. Requires further human verification: Verify the Homebrew upgrade path works as expected for installed users. Verify macOS Accessibility permission prompts and cleanup behavior on an actual Homebrew-installed app. 5 - Not compliant Non-compliant requirements: Add a keyboard shortcut such as F5 to trigger command execution. Support double-clicking a command to run it. Improve prompt injection for more precise component descriptions.

⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Push failure The workflow checks out the release ref and then commits without switching to a branch or passing an explicit refspec. On the release tag checkout this is a detached HEAD, so git push is likely to fail when the release is published. - name: Checkout tap repository uses: actions/checkout@v4 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Extract version from tag id: version run: | TAG="${{ github.event.release.tag_name }}" VERSION="${TAG#v}" VERSION="${VERSION%-tauri}" echo "version=$VERSION" >> "$GITHUB_OUTPUT" echo "Detected version: $VERSION" - name: Fetch release assets SHA256 id: sha256 env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | VERSION="${{ steps.version.outputs.version }}" REPO="${{ github.repository }}" # Fetch release assets info RESPONSE=$(gh api "repos/$REPO/releases/tags/v${VERSION}-tauri") # Extract SHA256 for aarch64 DMG ARM64_SHA=$(echo "$RESPONSE" | jq -r '.assets[] | select(.name | contains("aarch64.dmg")) | .digest' | sed 's/sha256://') # Extract SHA256 for x64 DMG X64_SHA=$(echo "$RESPONSE" | jq -r '.assets[] | select(.name | contains("_x64.dmg")) | .digest' | sed 's/sha256://') echo "arm64_sha=$ARM64_SHA" >> "$GITHUB_OUTPUT" echo "x64_sha=$X64_SHA" >> "$GITHUB_OUTPUT" echo "aarch64 DMG SHA256: $ARM64_SHA" echo "x64 DMG SHA256: $X64_SHA" - name: Update Cask file run: | VERSION="${{ steps.version.outputs.version }}" ARM64_SHA="${{ steps.sha256.outputs.arm64_sha }}" X64_SHA="${{ steps.sha256.outputs.x64_sha }}" CASK_FILE="Casks/openless.rb" # Update version sed -i "s/version \"[^\"]*\"/version \"$VERSION\"/" "$CASK_FILE" # Update SHA256 values sed -i "s/sha256 arm: \"[^\"]*\"/sha256 arm: \"$ARM64_SHA\"/" "$CASK_FILE" sed -i "s/intel: \"[^\"]*\"/intel: \"$X64_SHA\"/" "$CASK_FILE" echo "Updated $CASK_FILE:" cat "$CASK_FILE" - name: Commit and push changes run: | git config --local user.email "github-actions[bot]@users.noreply.github.com" git config --local user.name "github-actions[bot]" VERSION="${{ steps.version.outputs.version }}" git add Casks/openless.rb if git diff --cached --quiet; then echo "No changes to commit" exit 0 fi git commit -m "[cask] Update openless to $VERSION" git push Stale formula The formula is pinned to v1.2.20-tauri, so brew install openless will keep building an older release even after newer releases are published and the Cask is updated. That makes the formula diverge from the current project version. url "https://github.com/appergb/openless/archive/refs/tags/v1.2.20-tauri.tar.gz" sha256 "be1363f7762a42b7e932ec3cc687cfdfb5b550b6cf1c96d52a1f87c906f27863"

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 2b7247c948

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Check out a branch before pushing cask updates

When this workflow runs from release.published, GitHub documents GITHUB_REF as the release tag (refs/tags/<tag_name>), and actions/checkout defaults to the event ref; this leaves the job on a detached tag checkout. The later git commit succeeds, but git push without a refspec then fails with “You are not currently on a branch”, so every release that needs a cask checksum bump will leave Casks/openless.rb stale unless the checkout targets the tap branch (or the push uses an explicit HEAD:<branch> refspec).

Useful? React with 👍 / 👎.

[github-actions]

Persistent review updated to latest commit 2b7247c

[appergb]

OK，我看到这个 PR 了，请让我审核一下。