getFilePathIfBinarySync should not rely on filename and extname

[AliasT]

electron-builder/packages/app-builder-lib/electron-osx-sign/util.js

Lines 143 to 162 in 71d3704

	const getFilePathIfBinarySync = module.exports.getFilePathIfBinarySync = function (filePath) {
	const forceAllowedExts = [
	'.dylib', // Dynamic library
	'.node' // Native node addon
	]
	const name = path.basename(filePath)
	const ext = path.extname(filePath)
	// Sometimes .node is the base name, not as a file extension
	// https://github.com/electron/electron-osx-sign/pull/169
	if (forceAllowedExts.includes(ext) || forceAllowedExts.includes(name)) {
	return filePath
	}
	// Still consider the file as binary if extension is empty or seems invalid
	// https://github.com/electron-userland/electron-builder/issues/5465
	if ((ext === '' || ext.indexOf(' ') >= 0) && name[0] !== '.') {
	return isBinaryFile(filePath) ? filePath : undefined
	}
	return undefined
	}

I was trying to embed a python into an electron app. getFilePathIfBinarySync simply checked the files with blank extname, but files like python/bin/python3.7 was ignored by the sign process. Also the .so and .a files.

These files should be included automatically.

[mmaietta]

Hi there!
Would you be willing to open a PR for adding python, .so, and .a files to forceAllowedExts? And also any other files ext you think are mandatory for signing?

For the interim, there's a binaries arg that accepts a list of paths of files you want to force-sign.

electron-builder/packages/app-builder-lib/electron-osx-sign/sign.js

Lines 135 to 141 in 71d3704

	if (opts.binaries) {
	// Accept absolute paths for external binaries, else resolve relative paths from the artifact's app Contents path.
	const userDefinedBinaries = opts.binaries.map(function (destination) { return fs.existsSync(destination) ? destination : path.resolve(appContentsPath, destination)})
	// Insert at front to prioritize signing. We still sort by depth next
	childPaths = userDefinedBinaries.concat(childPaths)
	debuglog('Signing addtional user-defined binaries: ' + JSON.stringify(userDefinedBinaries, null, 1))
	}

[AliasT]

I think isBinaryFile should do most of the work.

- if ((ext === '' || ext.indexOf(' ') >= 0) && name[0] !== '.') { 
    return isBinaryFile(filePath) ? filePath : undefined 
- } 

btw: opts.binaries does not support regex currently.

[mmaietta]

Interesting, electron-osx-sign upstream has the code you suggest
https://github.com/electron/electron-osx-sign/blob/master/util.js#L157-L162

@develar was there a reason why we manually copied electron-osx-sign into the repo? Curious if we can return back to upstream

[AliasT]

#4656 (comment)
#5190 (comment)
electron/osx-sign#169

I modified the code metioned above inside node_modules as workaround without extra work. 🤒