Files
Lumotia/docs/release/install-warnings.md
Jake 3770815fbf
Some checks failed
check / cargo check (macos-latest) (push) Has been cancelled
check / cargo check (ubuntu-22.04) (push) Has been cancelled
check / cargo check (windows-latest) (push) Has been cancelled
check / svelte build + lint (push) Has been cancelled
agent: lumotia — v0.1 release-completion run
Closes the code-side v0.1 ship gate. All quality gates green:
cargo fmt/clippy/test (~327 tests), npm check (0/0), vitest 13/13,
scripts/dogfood-rebrand-drill.sh 8/8.

Phase F — first-run onboarding promoted to v0.1
- FirstRunPage with skip-to-main + failure recovery + event recording
- Six onboarding commands (record/list/has-completed + lumotia_events)
- Storage migration v17 (onboarding_events + lumotia_events tables)

UI hardening (in-scope items from v0.1-ui-hardening.md)
- StatusPill + PostCaptureCard components, 21st preview entry
- Sidebar recording-as-sacred-state (opacity + aria-disabled, reduced-motion)
- Settings 6-section regroup + Help section + Activation log + Privacy toggle
- Error-state copy sweep (DictationPage + SettingsPage, plain-language)
- Global :focus-visible rule, textarea outlines restored
- Ctrl+K / Ctrl+, / Escape bindings in +layout

LLM resilience
- rule_based_extract_tasks (regex-free imperative-verb extractor) +
  extract_tasks_with_fallback wrapper — task extraction never returns zero
- tokio::time::timeout(120s) wraps cleanup/tags/tasks commands

Release artefacts
- LICENSE (canonical AGPL-3.0), CHANGELOG (Keep-a-Changelog format)
- v0.1-release-notes, privacy-and-ai-use, install-warnings,
  tester-onboarding-kit, tester-acceptance-runbook, code-signing-setup,
  apple-silicon-rb08-runbook, virtual-audio-setup, v0.1-contrast-audit
- Workspace versioning + AGPL spdx; npm exact-pin (10 ranges removed)
- AppImage SHA-256 sidecar in build.yml
- README v0.1 section + Reporting-issues; canonical repo slug

Closure pass — items moved from human-required to code-complete
- KI-02 Linux idle inhibit: zbus 5 → org.freedesktop.login1.Manager.Inhibit
- KI-03 Windows sleep prevention: SetThreadExecutionState(ES_CONTINUOUS|...)
- acquire/release_idle_inhibit Tauri commands, wired in DictationPage
- Diagnostic-bundle frontend wire-up (Settings → Help button)
- WCAG-AA contrast fix via .btn-filled-text utility (no token changes)
- 8 destructive-action sites wrapped in plain-language confirm() guards
- KNOWN-ISSUES.md + v0.1-known-limitations.md updated (KI-02/03 fixed)

Scripts
- pre-tag-verify.sh, tag-day.sh, smoke-linux + driver
- parse-diagnostic-bundle.sh, parse-activation-log.py

Per-item audit trail: docs/release/v0.1-completion-status.md
Remaining: W-01…W-08 (signing certs, hardware probes, smoke matrix,
tester recruitment) — see docs/release/v0.1-known-limitations.md.
2026-05-15 06:59:08 +01:00

2.7 KiB

name, type, tags, description
name type tags description
install-warnings release
release
v0.1
install
gatekeeper
smartscreen
sha256
user-facing
Per-platform first-install warnings for Lumotia v0.1. macOS Gatekeeper workaround (no Apple notarisation in v0.1). Windows SmartScreen workaround (no EV signing in v0.1). Linux AppImage SHA-256 verification. Linked from v0.1-release-notes.md and README.md.

First-install warnings — Lumotia v0.1

When you install a new unsigned app, your OS will say something. This page tells you what to expect on each platform and what to do. The warnings are expected.

macOS — Gatekeeper warning

What you'll see. One of:

  • "App can't be opened because it is from an unidentified developer."
  • "[App] is damaged and can't be opened. You should move it to the Trash."

Why it happens. Lumotia v0.1 is not notarised with an Apple Developer ID. macOS Gatekeeper blocks unsigned apps by default. Neither message means the file is damaged or malicious.

What to do. Two options, either works:

  1. System Settings → Privacy & Security → Security section → click "Open Anyway" next to the Lumotia entry, then confirm.
  2. In Finder, Control-click the app → Open → click Open in the dialog.

macOS remembers your choice; you only do this once.

When this goes away. When we ship a notarised build with an Apple Developer ID. Tracked in the v0.1 release checklist; see KNOWN-ISSUES.md for status.


Windows — SmartScreen warning

What you'll see. A blue dialog: "Windows protected your PC."

Why it happens. Lumotia v0.1 ships without an EV code-signing certificate. SmartScreen flags installers from publishers without established reputation.

What to do.

  1. Click "More info" in the SmartScreen dialog.
  2. Click "Run anyway".

SmartScreen does not re-block the app on relaunch after you've done this once.

When this goes away. When we ship an EV-signed installer.


Linux — AppImage verification

No OS-level warning on Linux. Verify the file yourself before running it.

Verify the download. The release page publishes a .sha256 file alongside the AppImage:

sha256sum -c lumotia-0.1.0-linux-x86_64.AppImage.sha256

Or compare manually:

sha256sum lumotia-0.1.0-linux-x86_64.AppImage

Check the output against the value in the .sha256 file. A match means the file is intact.

Mark it executable before running:

chmod +x lumotia-0.1.0-linux-x86_64.AppImage
./lumotia-0.1.0-linux-x86_64.AppImage

GPG signing. Not available in v0.1. When a signing key is published, it will appear on the release page.

When this changes. GPG signing is deferred to a near-term point release.