[Snyk] Upgrade electron-osx-sign from 0.3.2 to 0.4.15

[snyk-bot]

Snyk has created this PR to upgrade electron-osx-sign from 0.3.2 to 0.4.15.

✨What is Merge Advice?

We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 19 versions ahead of your current version.
• The recommended version was released 5 months ago, on 2019-11-27.

Release notes

Package name: electron-osx-sign

• 0.4.15 - 2019-11-27
• 0.4.14 - 2019-09-26
• 0.4.13 - 2019-09-10
• 0.4.12 - 2019-07-26
  

  Release 0.4.12

• 0.4.11 - 2018-10-23
  

  This is a minor patch introducing support for the hardened runtime (introduced in Mojave), with a plist dependency security update.

  Added:

  • --hardened-runtime option to pass to codesign enabling hardened runtime (#176).

  Security:

  • Fix plist dependency vulnerability (#175).
• 0.4.10 - 2018-03-07
  

  Due to a release issue with v0.4.9 on npm (#165), please use v0.4.10 instead though there being no activity on the repo.

• 0.4.8 - 2018-01-16
  

  This is a minor patch that adds support to adjust --strict option passed to codesign on macOS ^10.11.

  Added:

  • --strict-verify, --strict-verify=options, --no-strict-verify options to pass to codesign (issue #161).

  Fixed:

  • Avoid false-positive when existing com.apple.security.application-groups in entitlements is string (#161).
• 0.4.7 - 2017-08-06
  

  This is a minor patch that introduces passing ignore options as an array (#142) and few other changes.

  Changes:

  • electron-osx-sign version is now displayed in the debug log at the beginning of the procedure (#143).
  • tempfile dependency is removed (#146).

  Added:

  • opts.ignore now supports an array of previously available ignore options like electron-packager (#142).
• 0.4.6 - 2017-06-02
  

  This is a minor patch fixing an issue resulted from using identity hash for codesigning (#135/#136).

• 0.4.5 - 2017-05-21
  

  This update deprecates electron-osx-flat due to packages like electron-builder having supported better package building tools. It also introduces codesigning with explicit SHA-1 hashed certs (#132, #134) that resolves a minor issue in codesign encountering segmentation fault as discussed here.

  Added:

  • --timestamp=timestamp option to pass timestamp authority server to codesign (#133).
• 0.4.4 - 2017-03-01
  

  Minor changes.

• 0.4.3 - 2017-01-19
  

  This release introduces minor updates with signing verification that do not affect performance in macOS El Capitan and above and enhance compatibility with earlier system versions.

  Fixed:

  • --strict flag only passed in macOS El Capitan and above.
• 0.4.2 - 2016-12-20
• 0.4.1 - 2016-11-01
• 0.4.0 - 2016-11-01
• 0.4.0-beta4 - 2016-06-01
• 0.4.0-beta3 - 2016-06-01
• 0.4.0-beta2 - 2016-06-01
• 0.4.0-beta - 2016-06-01
• 0.3.2 - 2016-09-17

from electron-osx-sign GitHub release notes

Commit messages

Package name: electron-osx-sign

• 7d080dd Release 0.4.15
• bae6f58 Merge pull request #216 from outofambit/fix/hardened-runtime-opt-type
• 8157085 Merge branch 'master' into fix/hardened-runtime-opt-type
• 4a47bba Merge pull request #215 from JohnTendik/add-keychain-for-decoding-profileprovision
• f8aadaa Merge pull request #214 from ffflorian/fix/identity-validation
• dfa8827 fix: Add identity-validation to FlatOptions types
• 5e62e06 Merge pull request #213 from ffflorian/fix/npmignore
• 24f413e add ts type for hardenedRuntime option
• a3573ab fix test issues
• 4b3dc51 added keychain arg to GetProvisioningProfileAsync
• faee80c fix: Don't publish test files
• 912ca2c Merge pull request #208 from netop/master
• 927256e lint: fixed spacing issue
• 9feb1c1 doc: small spelling update
• 1a53bc4 feat: adding signature-size option
• ebc478e Release 0.4.14
• 0acea42 chore: Format text
• 92c0086 Merge pull request #205 from shiqi/sy-flags
• d7514d0 review feedback
• aba7b48 review feedback
• a0d0a4a adding signature-flags
• a54325a Release 0.4.13
• c012137 Merge pull request #204 from electron/update-test-doc
• 17b3bf1 A bit more precise about which versions are tested

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}