Deep signing equivalent? #240
Comments
|
Would it make sense to simply run it this way, to get every included binary?
|
|
Note that this doesn't seem to work because escaping spaces or quoting filenames when doing shell expansion this way isn't picked up by |
|
I noticed there was an open PR #231 that hasn't been merged yet, but this was somewhat impacting to my build pipeline...especially since the newest version of Mac requires a hardened runtime now. I got around this by creating a hook that deep signs the finished .app after it's been packaged. You'd just need to change the app name in the const { exec } = require('child_process');
const config = {
hooks: {
postPackage: (forgeConfig, options) => {
if (process.platform == "darwin") {
let appPath = path.resolve(options.outputPaths[0], 'CHANGEME.app');
console.log(`Signing App: ${appPath}`);
exec(`codesign --force --deep --sign - ${appPath}`,
(err, stdout, stderr) => {
if (err) {
console.log(`ERROR: ${err}`);
}
if (stdout) {
console.log(stdout);
}
if (stderr) {
console.log(stderr);
}
});
}
}
},
} |
|
Hello, is there any progress on this issue? I can't move forward when I encounter this problem at present. |
|
🎉 This issue has been resolved in version 1.3.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
and others
Hi,
Is there a way to run
electron-osx-signwith the equivalent of the--deepflag from Apple's owncodesigntool, so that it will recursively walk directories and sign included binaries? I have some Pyinstaller-bundled dependencies of my Electron app that work fine on Windows and Linux and under earlier versions of macOS, but I'm having trouble working out a way of signing them with the available Electron tooling without having to package an app bundle within an app bundle, which won't pass notarization, or expand a list of every.dyliband.soin the bundle...Thanks!
The text was updated successfully, but these errors were encountered: