Fix toolbar appearance

2026-04-09 18:57:22 +02:00 · 2025-08-10 14:58:44 -07:00
18 changed files with 163 additions and 272 deletions
--- a/Sources/Packages/Package.swift
+++ b/Sources/Packages/Package.swift
@@ -6,7 +6,7 @@ import PackageDescription
 let package = Package(
    name: "SecretivePackages",
    platforms: [
-        .macOS(.v14)
+        .macOS(.v15)
    ],
    products: [
        .library(
@@ -27,16 +27,13 @@ let package = Package(
        .library(
            name: "Brief",
            targets: ["Brief"]),
-        .library(
-            name: "Common",
-            targets: ["Common"]),
    ],
    dependencies: [
    ],
    targets: [
        .target(
            name: "SecretKit",
-            dependencies: ["Common"],
+            dependencies: [],
            swiftSettings: swiftSettings
        ),
        .testTarget(
@@ -46,17 +43,17 @@ let package = Package(
        ),
        .target(
            name: "SecureEnclaveSecretKit",
-            dependencies: ["Common", "SecretKit"],
+            dependencies: ["SecretKit"],
            swiftSettings: swiftSettings
        ),
        .target(
            name: "SmartCardSecretKit",
-            dependencies: ["Common", "SecretKit"],
+            dependencies: ["SecretKit"],
            swiftSettings: swiftSettings
        ),
        .target(
            name: "SecretAgentKit",
-            dependencies: ["Common", "SecretKit", "SecretAgentKitHeaders"],
+            dependencies: ["SecretKit", "SecretAgentKitHeaders"],
            swiftSettings: swiftSettings
        ),
        .systemLibrary(
@@ -68,18 +65,13 @@ let package = Package(
        ,
        .target(
            name: "Brief",
-            dependencies: ["Common"],
+            dependencies: [],
            swiftSettings: swiftSettings
        ),
        .testTarget(
            name: "BriefTests",
            dependencies: ["Brief"]
        ),
-        .target(
-            name: "Common",
-            dependencies: [],
-            swiftSettings: swiftSettings
-        ),
    ]
 )

--- a/Sources/Packages/Sources/Brief/Updater.swift
+++ b/Sources/Packages/Sources/Brief/Updater.swift
@@ -1,15 +1,14 @@
 import Foundation
 import Observation
-import os
-import Common
+import Synchronization

 /// A concrete implementation of ``UpdaterProtocol`` which considers the current release and OS version.
@Observable public final class Updater: UpdaterProtocol, ObservableObject, Sendable {

    public var update: Release? {
-        _update.lockedValue
+        _update.withLock { $0 }
    }
-    private let _update: OSAllocatedUnfairLock<Release?> = .init(uncheckedState: nil)
+    private let _update: Mutex<Release?> = .init(nil)
    public let testBuild: Bool

    /// The current OS version.
@@ -54,7 +53,9 @@ import Common
        guard !release.critical else { return }
        defaults.set(true, forKey: release.name)
        await MainActor.run {
-            _update.lockedValue = nil
+            _update.withLock { value in
+                value = nil
+            }
        }
    }

@@ -75,7 +76,9 @@ extension Updater {
        let latestVersion = SemVer(release.name)
        if latestVersion > currentVersion {
            await MainActor.run {
-                _update.lockedValue = release
+                _update.withLock { value in
+                    value = release
+                }
            }
        }
    }
--- a/Sources/Packages/Sources/Brief/UpdaterProtocol.swift
+++ b/Sources/Packages/Sources/Brief/UpdaterProtocol.swift
@@ -1,5 +1,5 @@
 import Foundation
-import os
+import Synchronization

 /// A protocol for retreiving the latest available version of an app.
 public protocol UpdaterProtocol: Observable {
--- a/Sources/Packages/Sources/Common/Locks.swift
+++ b/Sources/Packages/Sources/Common/Locks.swift
@@ -1,14 +0,0 @@
-import os
-
-public extension OSAllocatedUnfairLock where State: Sendable {
-    
-    var lockedValue: State {
-        get {
-            withLock { $0 }
-        }
-        nonmutating set {
-            withLock { $0 = newValue }
-        }
-    }
-
-}
--- a/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHCertificateHandler.swift
+++ b/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHCertificateHandler.swift
@@ -1,6 +1,6 @@
 import Foundation
 import OSLog
-import os
+import Synchronization

 /// Manages storage and lookup for OpenSSH certificates.
 public final class OpenSSHCertificateHandler: Sendable {
@@ -8,7 +8,7 @@ public final class OpenSSHCertificateHandler: Sendable {
    private let publicKeyFileStoreController = PublicKeyFileStoreController(homeDirectory: NSHomeDirectory())
    private let logger = Logger(subsystem: "com.maxgoedjen.secretive.secretagent", category: "OpenSSHCertificateHandler")
    private let writer = OpenSSHKeyWriter()
-    private let keyBlobsAndNames: OSAllocatedUnfairLock<[AnySecret: (Data, Data)]> = .init(uncheckedState: [:])
+    private let keyBlobsAndNames: Mutex<[AnySecret: (Data, Data)]> = .init([:])

    /// Initializes an OpenSSHCertificateHandler.
    public init() {
@@ -32,7 +32,10 @@ public final class OpenSSHCertificateHandler: Sendable {
    /// - Parameter secret: The secret to check for a certificate.
    /// - Returns: A boolean describing whether or not the certificate handler has a certifiicate associated with a given secret
    public func hasCertificate<SecretType: Secret>(for secret: SecretType) -> Bool {
-        keyBlobsAndNames.lockedValue[AnySecret(secret)] != nil
+        keyBlobsAndNames.withLock {
+            $0[AnySecret(secret)] != nil
+        }
+        
    }


@@ -64,7 +67,9 @@ public final class OpenSSHCertificateHandler: Sendable {
    /// - Parameter secret: The secret to search for a certificate with
    /// - Returns: A (``Data``, ``Data``) tuple containing the certificate and certificate name, respectively.
    public func keyBlobAndName<SecretType: Secret>(for secret: SecretType) throws -> (Data, Data)? {
-        keyBlobsAndNames.lockedValue[AnySecret(secret)]
+        keyBlobsAndNames.withLock {
+            $0[AnySecret(secret)]
+        }
    }
    
    /// Attempts to find an OpenSSH Certificate  that corresponds to a ``Secret``
--- a/Sources/Packages/Sources/SecretKit/SecretStoreList.swift
+++ b/Sources/Packages/Sources/SecretKit/SecretStoreList.swift
@@ -1,22 +1,21 @@
 import Foundation
 import Observation
-import os
-import Common
+import Synchronization

 /// A "Store Store," which holds a list of type-erased stores.
@Observable public final class SecretStoreList: Sendable {

    /// The Stores managed by the SecretStoreList.
    public var stores: [AnySecretStore] {
-        __stores.lockedValue
+        __stores.withLock { $0 }
    }
-    private let __stores: OSAllocatedUnfairLock<[AnySecretStore]> = .init(uncheckedState: [])
+    private let __stores: Mutex<[AnySecretStore]> = .init([])
    
    /// A modifiable store, if one is available.
    public var modifiableStore: AnySecretStoreModifiable? {
        __modifiableStore.withLock { $0 }
    }
-    private let __modifiableStore: OSAllocatedUnfairLock<AnySecretStoreModifiable?> = .init(uncheckedState: nil)
+    private let __modifiableStore: Mutex<AnySecretStoreModifiable?> = .init(nil)

    /// Initializes a SecretStoreList.
    public init() {
@@ -32,7 +31,9 @@ import Common
    /// Adds a non-type-erased modifiable SecretStore.
    public func add<SecretStoreType: SecretStoreModifiable>(store: SecretStoreType) {
        let modifiable = AnySecretStoreModifiable(modifiable: store)
-        __modifiableStore.lockedValue = modifiable
+        __modifiableStore.withLock {
+            $0 = modifiable
+        }
        __stores.withLock {
            $0.append(modifiable)
        }
@@ -40,11 +41,15 @@ import Common

    /// A boolean describing whether there are any Stores available.
    public var anyAvailable: Bool {
-        __stores.lockedValue.contains(where: \.isAvailable)
+        __stores.withLock {
+            $0.reduce(false, { $0 || $1.isAvailable })
+        }
    }

    public var allSecrets: [AnySecret] {
-        __stores.lockedValue.flatMap(\.secrets)
+        __stores.withLock {
+            $0.flatMap(\.secrets)
+        }
    }

 }
--- a/Sources/Packages/Sources/SecretKit/Types/SigningRequestProvenance.swift
+++ b/Sources/Packages/Sources/SecretKit/Types/SigningRequestProvenance.swift
@@ -2,7 +2,7 @@ import Foundation
 import AppKit

 /// Describes the chain of applications that requested a signature operation.
-public struct SigningRequestProvenance: Equatable, Sendable {
+public struct SigningRequestProvenance: Equatable {

    /// A list of processes involved in the request.
    /// - Note: A chain will typically consist of many elements even for a simple request. For example, running `git fetch` in Terminal.app would generate a request chain of `ssh` -> `git` -> `zsh` -> `login` -> `Terminal.app`
@@ -30,7 +30,7 @@ extension SigningRequestProvenance {
 extension SigningRequestProvenance {

    /// Describes a process in a `SigningRequestProvenance` chain.
-    public struct Process: Equatable, Sendable {
+    public struct Process: Equatable {

        /// The pid of the process.
        public let pid: Int32
--- a/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
+++ b/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
@@ -4,8 +4,7 @@ import Security
 import CryptoKit
@preconcurrency import LocalAuthentication
 import SecretKit
-import os
-import Common
+import Synchronization

 extension SecureEnclave {

@@ -18,11 +17,11 @@ extension SecureEnclave {
        public let id = UUID()
        public let name = String(localized: "secure_enclave")
        public var secrets: [Secret] {
-            _secrets.lockedValue
+            _secrets.withLock { $0 }
        }
-        private let _secrets: OSAllocatedUnfairLock<[Secret]> = .init(uncheckedState: [])
+        private let _secrets: Mutex<[Secret]> = .init([])

-        private let persistedAuthenticationContexts: OSAllocatedUnfairLock<[Secret: PersistentAuthenticationContext]> = .init(uncheckedState: [:])
+        private let persistedAuthenticationContexts: Mutex<[Secret: PersistentAuthenticationContext]> = .init([:])

        /// Initializes a Store.
        public init() {
@@ -106,40 +105,42 @@ extension SecureEnclave {
        }
        
        public func sign(data: Data, with secret: Secret, for provenance: SigningRequestProvenance) throws -> Data {
-            var context: LAContext
-            if let existing = persistedAuthenticationContexts.lockedValue[secret], existing.valid {
-                context = existing.context
-            } else {
+            let context: Mutex<LAContext>
+//            if let existing = persistedAuthenticationContexts.withLock({ $0 })[secret], existing.valid {
+//                context = existing.context
+//            } else {
                let newContext = LAContext()
                newContext.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
-                context = newContext
+                context = .init(newContext)
+//            }
+            return try context.withLock { context in
+                context.localizedReason = String(localized: "auth_context_request_signature_description_\(provenance.origin.displayName)_\(secret.name)")
+                let attributes = KeychainDictionary([
+                    kSecClass: kSecClassKey,
+                    kSecAttrKeyClass: kSecAttrKeyClassPrivate,
+                    kSecAttrApplicationLabel: secret.id as CFData,
+                    kSecAttrKeyType: Constants.keyType,
+                    kSecAttrTokenID: kSecAttrTokenIDSecureEnclave,
+                    kSecAttrApplicationTag: Constants.keyTag,
+                    kSecUseAuthenticationContext: context,
+                    kSecReturnRef: true
+                ])
+                var untyped: CFTypeRef?
+                let status = SecItemCopyMatching(attributes, &untyped)
+                if status != errSecSuccess {
+                    throw KeychainError(statusCode: status)
+                }
+                guard let untypedSafe = untyped else {
+                    throw KeychainError(statusCode: errSecSuccess)
+                }
+                let key = untypedSafe as! SecKey
+                var signError: SecurityError?
+                
+                guard let signature = SecKeyCreateSignature(key, .ecdsaSignatureMessageX962SHA256, data as CFData, &signError) else {
+                    throw SigningError(error: signError)
+                }
+                return signature as Data
            }
-            context.localizedReason = String(localized: "auth_context_request_signature_description_\(provenance.origin.displayName)_\(secret.name)")
-            let attributes = KeychainDictionary([
-                kSecClass: kSecClassKey,
-                kSecAttrKeyClass: kSecAttrKeyClassPrivate,
-                kSecAttrApplicationLabel: secret.id as CFData,
-                kSecAttrKeyType: Constants.keyType,
-                kSecAttrTokenID: kSecAttrTokenIDSecureEnclave,
-                kSecAttrApplicationTag: Constants.keyTag,
-                kSecUseAuthenticationContext: context,
-                kSecReturnRef: true
-            ])
-            var untyped: CFTypeRef?
-            let status = SecItemCopyMatching(attributes, &untyped)
-            if status != errSecSuccess {
-                throw KeychainError(statusCode: status)
-            }
-            guard let untypedSafe = untyped else {
-                throw KeychainError(statusCode: errSecSuccess)
-            }
-            let key = untypedSafe as! SecKey
-            var signError: SecurityError?
-            
-            guard let signature = SecKeyCreateSignature(key, .ecdsaSignatureMessageX962SHA256, data as CFData, &signError) else {
-                throw SigningError(error: signError)
-            }
-            return signature as Data
        }

        public func verify(signature: Data, for data: Data, with secret: Secret) throws -> Bool {
@@ -178,7 +179,7 @@ extension SecureEnclave {
        }

        public func existingPersistedAuthenticationContext(secret: Secret) -> PersistedAuthenticationContext? {
-            guard let persisted = persistedAuthenticationContexts.lockedValue[secret], persisted.valid else { return nil }
+            guard let persisted = persistedAuthenticationContexts.withLock({ $0 })[secret], persisted.valid else { return nil }
            return persisted
        }

--- a/Sources/Packages/Sources/SmartCardSecretKit/SmartCardStore.swift
+++ b/Sources/Packages/Sources/SmartCardSecretKit/SmartCardStore.swift
@@ -1,5 +1,5 @@
 import Foundation
-import os
+import Synchronization
 import Observation
 import Security
 import CryptoTokenKit
@@ -19,7 +19,7 @@ extension SmartCard {
    /// An implementation of Store backed by a Smart Card.
    @Observable public final class Store: SecretStore {

-        private let state: OSAllocatedUnfairLock<State> = .init(uncheckedState: .init())
+        private let state: Mutex<State> = .init(.init())
        public var isAvailable: Bool {
            state.withLock { $0.isAvailable }
        }
--- a/Sources/Packages/Tests/BriefTests/ReleaseParsingTests.swift
+++ b/Sources/Packages/Tests/BriefTests/ReleaseParsingTests.swift
@@ -2,6 +2,7 @@ import Testing
 import Foundation
@testable import Brief

+
@Suite struct ReleaseParsingTests {

    @Test
--- a/Sources/Packages/Tests/SecretAgentKitTests/AgentTests.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/AgentTests.swift
@@ -1,10 +1,8 @@
 import Foundation
-import os
 import Testing
 import CryptoKit
@testable import SecretKit
@testable import SecretAgentKit
-import Common

@Suite struct AgentTests {

@@ -92,35 +90,34 @@ import Common
    @Test func witnessSignature() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
        let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
-        let witnessed: OSAllocatedUnfairLock<Bool> = .init(uncheckedState: false)
+        var witnessed = false
        let witness = StubWitness(speakNow: { _, trace  in
            return false
        }, witness: { _, trace in
-            witnessed.lockedValue = true
+            witnessed = true
        })
        let agent = Agent(storeList: list, witness: witness)
        await agent.handle(reader: stubReader, writer: stubWriter)
-        let value = witnessed.lockedValue
-        #expect(value)
+        #expect(witnessed)
    }

    @Test func requestTracing() async {
        let stubReader = StubFileHandleReader(availableData: Constants.Requests.requestSignature)
        let list = storeList(with: [Constants.Secrets.ecdsa256Secret])
-        let speakNowTrace: OSAllocatedUnfairLock<SigningRequestProvenance?> = .init(uncheckedState: nil)
-        let witnessTrace: OSAllocatedUnfairLock<SigningRequestProvenance?> = .init(uncheckedState: nil)
+        var speakNowTrace: SigningRequestProvenance! = nil
+        var witnessTrace: SigningRequestProvenance! = nil
        let witness = StubWitness(speakNow: { _, trace  in
-            speakNowTrace.lockedValue = trace
+            speakNowTrace = trace
            return false
        }, witness: { _, trace in
-            witnessTrace.lockedValue = trace
+            witnessTrace = trace
        })
        let agent = Agent(storeList: list, witness: witness)
        await agent.handle(reader: stubReader, writer: stubWriter)
-        #expect(witnessTrace.lockedValue == speakNowTrace.lockedValue)
-        #expect(witnessTrace.lockedValue?.origin.displayName == "Finder")
-        #expect(witnessTrace.lockedValue?.origin.validSignature == true)
-        #expect(witnessTrace.lockedValue?.origin.parentPID == 1)
+        #expect(witnessTrace == speakNowTrace)
+        #expect(witnessTrace.origin.displayName == "Finder")
+        #expect(witnessTrace.origin.validSignature == true)
+        #expect(witnessTrace.origin.parentPID == 1)
    }

    // MARK: Exception Handling
--- a/Sources/Packages/Tests/SecretAgentKitTests/StubWitness.swift
+++ b/Sources/Packages/Tests/SecretAgentKitTests/StubWitness.swift
@@ -3,8 +3,8 @@ import SecretAgentKit

 struct StubWitness {

-    let speakNow: @Sendable (AnySecret, SigningRequestProvenance) -> Bool
-    let witness: @Sendable (AnySecret, SigningRequestProvenance) -> ()
+    let speakNow: (AnySecret, SigningRequestProvenance) -> Bool
+    let witness: (AnySecret, SigningRequestProvenance) -> ()

 }

--- a/Sources/SecretAgent/Notifier.swift
+++ b/Sources/SecretAgent/Notifier.swift
@@ -4,7 +4,7 @@ import AppKit
 import SecretKit
 import SecretAgentKit
 import Brief
-import os
+import Synchronization

 final class Notifier: Sendable {

@@ -84,10 +84,10 @@ final class Notifier: Sendable {
        try? await notificationCenter.add(request)
    }

-    func notify(update: Release, ignore: (@Sendable (Release) -> Void)?) {
+    func notify(update: Release, ignore: ((Release) -> Void)?) {
        notificationDelegate.state.withLock { [update] state in
            state.release = update
-            state.ignore = ignore
+//            state.ignore = ignore
        }
        let notificationCenter = UNUserNotificationCenter.current()
        let notificationContent = UNMutableNotificationContent()
@@ -141,7 +141,7 @@ extension Notifier {
 final class NotificationDelegate: NSObject, UNUserNotificationCenterDelegate, Sendable {

    struct State {
-        typealias PersistAuthentication = (@Sendable (AnySecret, AnySecretStore, TimeInterval?) async -> Void)
+        typealias PersistAuthentication = ((AnySecret, AnySecretStore, TimeInterval?) async -> Void)
        typealias Ignore = ((Release) -> Void)
        fileprivate var release: Release?
        fileprivate var ignore: Ignore?
@@ -151,7 +151,7 @@ final class NotificationDelegate: NSObject, UNUserNotificationCenterDelegate, Se
        fileprivate var pendingPersistableSecrets: [String: AnySecret] = [:]
    }
    
-    fileprivate let state: OSAllocatedUnfairLock<State> = .init(uncheckedState: .init())
+    fileprivate let state: Mutex<State> = .init(.init())
    
    func userNotificationCenter(_ center: UNUserNotificationCenter, openSettingsFor notification: UNNotification?) {

@@ -170,10 +170,9 @@ final class NotificationDelegate: NSObject, UNUserNotificationCenterDelegate, Se
    }

    func handleUpdateResponse(response: UNNotificationResponse) {
-        let id = response.actionIdentifier
        state.withLock { state in
            guard let update = state.release else { return }
-            switch id {
+            switch response.actionIdentifier {
            case Notifier.Constants.updateActionIdentitifier, UNNotificationDefaultActionIdentifier:
                NSWorkspace.shared.open(update.html_url)
            case Notifier.Constants.ignoreActionIdentitifier:
@@ -185,21 +184,15 @@ final class NotificationDelegate: NSObject, UNUserNotificationCenterDelegate, Se
    }

    func handlePersistAuthenticationResponse(response: UNNotificationResponse) async {
-        guard let secretID = response.notification.request.content.userInfo[Notifier.Constants.persistSecretIDKey] as? String,
-              let storeID = response.notification.request.content.userInfo[Notifier.Constants.persistStoreIDKey] as? String else {
-            return
-        }
-        let id = response.actionIdentifier
-              
-        let (secret, store, persistOptions, callback): (AnySecret?, AnySecretStore?, TimeInterval?, State.PersistAuthentication?) = state.withLock { state in
-            guard let secret = state.pendingPersistableSecrets[secretID],
-                let store = state.pendingPersistableStores[storeID]
-            else { return (nil, nil, nil, nil) }
-            state.pendingPersistableSecrets[secretID] = nil
-            return (secret, store, state.persistOptions[id], state.persistAuthentication)
-        }
-        guard let secret, let store, let persistOptions else { return }
-        await callback?(secret, store, persistOptions)
+//        let (secret, store, persistOptions, callback): (AnySecret?, AnySecretStore?, TimeInterval?, State.PersistAuthentication?) = state.withLock { state in
+//            guard let secretID = response.notification.request.content.userInfo[Notifier.Constants.persistSecretIDKey] as? String, let secret = state.pendingPersistableSecrets[secretID],
+//                  let storeID = response.notification.request.content.userInfo[Notifier.Constants.persistStoreIDKey] as? String, let store = state.pendingPersistableStores[storeID]
+//            else { return (nil, nil, nil, nil) }
+//            state.pendingPersistableSecrets[secretID] = nil
+//            return (secret, store, state.persistOptions[response.actionIdentifier], state.persistAuthentication)
+//        }
+//        guard let secret, let store, let persistOptions else { return }
+//        await callback?(secret, store, persistOptions)
    }

    
--- a/Sources/Secretive.xcodeproj/project.pbxproj
+++ b/Sources/Secretive.xcodeproj/project.pbxproj
@@ -646,7 +646,6 @@
 					"$(inherited)",
 					"@executable_path/../Frameworks",
 				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
 				PRODUCT_NAME = "$(TARGET_NAME)";
@@ -676,7 +675,6 @@
 					"$(inherited)",
 					"@executable_path/../Frameworks",
 				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
 				PRODUCT_NAME = "$(TARGET_NAME)";
@@ -775,7 +773,6 @@
 					"$(inherited)",
 					"@executable_path/../Frameworks",
 				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.Host;
 				PRODUCT_NAME = "$(TARGET_NAME)";
@@ -799,7 +796,6 @@
 					"$(inherited)",
 					"@executable_path/../Frameworks",
 				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
 				PRODUCT_NAME = "$(TARGET_NAME)";
@@ -825,7 +821,6 @@
 					"$(inherited)",
 					"@executable_path/../Frameworks",
 				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
 				PRODUCT_NAME = "$(TARGET_NAME)";
@@ -852,7 +847,6 @@
 					"$(inherited)",
 					"@executable_path/../Frameworks",
 				);
-				MACOSX_DEPLOYMENT_TARGET = 14.0;
 				MARKETING_VERSION = 1;
 				PRODUCT_BUNDLE_IDENTIFIER = com.maxgoedjen.Secretive.SecretAgent;
 				PRODUCT_NAME = "$(TARGET_NAME)";
--- a/Content/PreviewUpdater.swift
+++ b/Content/PreviewUpdater.swift
@@ -1,25 +1,32 @@
 import Foundation
-import os
+import Synchronization
 import Observation
 import Brief

@Observable class PreviewUpdater: UpdaterProtocol {

    var update: Release? {
-        _update.lockedValue
+        _update.withLock { $0 }
    }
-    let _update: OSAllocatedUnfairLock<Release?> = .init(uncheckedState: nil)
+    let _update: Mutex<Release?> = .init(nil)

    let testBuild = false

    init(update: Update = .none) {
        switch update {
        case .none:
-            _update.lockedValue = nil
+            _update.withLock {
+                $0 = nil
+            }
        case .advisory:
-            _update.lockedValue = Release(name: "10.10.10", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Some regular update")
+            _update.withLock {
+                $0 = Release(name: "10.10.10", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Some regular update")
+            }
        case .critical:
-            _update.lockedValue = Release(name: "10.10.10", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update")
+            _update.withLock {
+                $0 = Release(name: "10.10.10", prerelease: false, html_url: URL(string: "https://example.com")!, body: "Critical Security Update")
+
+            }
        }
    }

--- a/Sources/Secretive/Views/ContentView.swift
+++ b/Sources/Secretive/Views/ContentView.swift
@@ -44,9 +44,14 @@ struct ContentView: View {

 extension ContentView {

-
-    func toolbarItem(_ view: some View, id: String) -> ToolbarItem<String, some View> {
-        ToolbarItem(id: id) { view }
+    @ToolbarContentBuilder
+    func toolbarItem(_ view: some View, id: String) -> some ToolbarContent {
+        if #available(macOS 26.0, *) {
+            ToolbarItem(id: id) { view }
+                .sharedBackgroundVisibility(.hidden)
+        } else {
+            ToolbarItem(id: id) { view }
+        }
    }

    var needsSetup: Bool {
--- a/Sources/Secretive/Views/SetupView.swift
+++ b/Sources/Secretive/Views/SetupView.swift
@@ -2,124 +2,6 @@ import SwiftUI

 struct SetupView: View {

-    @Binding var visible: Bool
-    @Binding var setupComplete: Bool
-    
-    @State var installed = false
-    @State var updates = false
-    @State var sshConfig = false
-
-    var body: some View {
-        VStack(spacing: 0) {
-            NewStepView(title: "setup_agent_title", description: "setup_agent_description") {
-                OnboardingButton("setup_agent_install_button", installed) {
-                    Task {
-                        await LaunchAgentController().install()
-                        installed = true
-                    }
-                }
-            }
-            Divider()
-            NewStepView(title: "setup_updates_title", description: "setup_updates_description") {
-                OnboardingButton("setup_updates_ok", false) {
-                    Task {
-                        updates = true
-                    }
-                }
-            }
-            Divider()
-            NewStepView(title: "setup_ssh_title", description: "setup_ssh_description") {
-                HStack {
-                    OnboardingButton("setup_ssh_added_manually_button", false) {
-                        sshConfig = true
-                    }
-                    OnboardingButton("Add Automatically", false) {
-//                        let controller = ShellConfigurationController()
-//                        if controller.addToShell(shellInstructions: selectedShellInstruction) {
-//                        }
-                        sshConfig = true
-                    }
-                }
-            }
-        }
-        .background(.white.opacity(0.1), in: RoundedRectangle(cornerRadius: 10))
-            .frame(minWidth: 500, idealWidth: 500, minHeight: 500, idealHeight: 500)
-            .padding()
-
-    }
-    
-}
-
-struct OnboardingButton: View {
-
-    let label: LocalizedStringResource
-    let complete: Bool
-    let action: () -> Void
-    
-    init(_ label: LocalizedStringResource, _ complete: Bool, action: @escaping () -> Void) {
-        self.label = label
-        self.complete = complete
-        self.action = action
-    }
-    
-    var body: some View {
-        Button(action: action) {
-            HStack(spacing: 6) {
-                Text(label)
-                if complete {
-                    Image(systemName: "checkmark.circle.fill")
-                }
-            }
-            .padding(.vertical, 2)
-        }
-        .disabled(complete)
-        .styled
-    }
-        
-}
-
-extension View {
-    
-    @ViewBuilder
-    var styled: some View {
-        if #available(macOS 26.0, *) {
-            buttonStyle(.glassProminent)
-        } else {
-            buttonStyle(.borderedProminent)
-        }
-    }
-    
-}
-
-struct NewStepView<Content: View>: View {
-    
-    let title: LocalizedStringResource
-    let description: LocalizedStringResource
-    let actions: Content
-    
-    init(title: LocalizedStringResource, description: LocalizedStringResource, actions: () -> Content) {
-        self.title = title
-        self.description = description
-        self.actions = actions()
-    }
-    
-    var body: some View {
-        HStack {
-            VStack(alignment: .leading, spacing: 6) {
-                Text(title)
-                    .bold()
-                Text(description)
-            }
-            Spacer(minLength: 20)
-            actions
-        }
-        .padding(20)
-    }
-    
-}
-
-struct OldSetupView: View {
-
    @State var stepIndex = 0
    @Binding var visible: Bool
    @Binding var setupComplete: Bool
--- a/Sources/Secretive/Views/ToolbarButtonStyle.swift
+++ b/Sources/Secretive/Views/ToolbarButtonStyle.swift
@@ -16,22 +16,42 @@ struct ToolbarButtonStyle: ButtonStyle {
        self.lightColor = lightColor
        self.darkColor = darkColor
    }
+        
+    @available(macOS 26.0, *)
+    private var glassTint: Color {
+        if !hovering {
+            colorScheme == .light ? lightColor : darkColor
+        } else {
+            colorScheme == .light ? lightColor.exposureAdjust(1) : darkColor.exposureAdjust(1)
+        }
+    }

    func makeBody(configuration: Configuration) -> some View {
-        configuration.label
-            .padding(EdgeInsets(top: 6, leading: 8, bottom: 6, trailing: 8))
-            .background(colorScheme == .light ? lightColor : darkColor)
-            .foregroundColor(.white)
-            .clipShape(RoundedRectangle(cornerRadius: 5))
-            .overlay(
-                RoundedRectangle(cornerRadius: 5)
-                    .stroke(colorScheme == .light ? .black.opacity(0.15) : .white.opacity(0.15), lineWidth: 1)
-                    .background(hovering ? (colorScheme == .light ? .black.opacity(0.1) : .white.opacity(0.05)) : Color.clear)
-            )
-            .onHover { hovering in
-                withAnimation {
+        if #available(macOS 26.0, *) {
+            configuration
+                .label
+                .foregroundColor(.white)
+                .padding(EdgeInsets(top: 6, leading: 8, bottom: 6, trailing: 8))
+                .glassEffect(.regular.tint(glassTint), in: .capsule)
+                .onHover { hovering in
                    self.hovering = hovering
                }
-            }
+        } else {
+            configuration
+                .label
+                .background(colorScheme == .light ? lightColor : darkColor)
+                .foregroundColor(.white)
+                .clipShape(RoundedRectangle(cornerRadius: 5))
+                .overlay(
+                    RoundedRectangle(cornerRadius: 5)
+                        .stroke(colorScheme == .light ? .black.opacity(0.15) : .white.opacity(0.15), lineWidth: 1)
+                        .background(hovering ? (colorScheme == .light ? .black.opacity(0.1) : .white.opacity(0.05)) : Color.clear)
+                )
+                .onHover { hovering in
+                    withAnimation {
+                        self.hovering = hovering
+                    }
+                }
+        }
    }
 }