New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
applesign - npm Package Compare versions
Comparing version 4.2.0 to 4.2.1
@@ -12,2 +12,3 @@ 'use strict'; | ||
| const MH_BUNDLE = 8; | ||
| const CSSLOT_CODEDIRECTORY = 0; | ||
@@ -173,9 +174,46 @@ function isMacho (filePath) { | ||
| function getIdentifier (path) { | ||
| const data = fs.readFileSync(path); | ||
| const bin = parseMacho(data); | ||
| for (const cmd of bin.cmds) { | ||
| if (cmd.type === 'code_signature') { | ||
| return parseIdentifier(data.slice(cmd.dataoff)); | ||
| } | ||
| } | ||
| function parseIdentifier (data) { | ||
| const count = data.readUInt32BE(8); | ||
| for (let i = 0; i < count; i++) { | ||
| const base = 8 * i; | ||
| const type = data.readUInt32BE(base + 12); | ||
| const blob = data.readUInt32BE(base + 16); | ||
| if (type === CSSLOT_CODEDIRECTORY) { | ||
| const size = data.readUInt32BE(blob + 4); | ||
| const directory = data.slice(blob + 8, blob + size); | ||
| const identOffset = directory.readUInt32BE(12); | ||
| const identifier = []; | ||
| let cursor = identOffset; | ||
| while (cursor < size) { | ||
| const charCode = data.readUInt8(blob + cursor); | ||
| if (charCode === 0) { | ||
| break; | ||
| } | ||
| identifier.push(String.fromCharCode(charCode)); | ||
| cursor++; | ||
| } | ||
| return identifier.join(''); | ||
| } | ||
| } | ||
| return null; | ||
| } | ||
| } | ||
| module.exports = { | ||
| entitlements: entitlements, | ||
| isMacho: isMacho, | ||
| isBitcode: isBitcode, | ||
| isEncrypted: isEncrypted, | ||
| isTruncated: isTruncated, | ||
| enumerateLibraries: enumerateLibraries | ||
| entitlements, | ||
| isMacho, | ||
| isBitcode, | ||
| isEncrypted, | ||
| isTruncated, | ||
| enumerateLibraries, | ||
| getIdentifier | ||
| }; |
@@ -12,2 +12,3 @@ 'use strict'; | ||
| const rimraf = require('rimraf'); | ||
| const bin = require('./bin'); | ||
@@ -139,4 +140,4 @@ let use7zip = false; | ||
| } | ||
| const identifier = await getIdentifier(file); | ||
| if (identifier !== undefined) { | ||
| const identifier = bin.getIdentifier(file); | ||
| if (identifier !== null && identifier !== '') { | ||
| args.push('-I' + identifier); | ||
@@ -148,13 +149,2 @@ } | ||
| async function getIdentifier (file) { | ||
| const res = await execProgram(getTool('codesign'), ['-dv', file], null); | ||
| const lines = res.stderr.split('\n'); | ||
| for (const line of lines) { | ||
| const splt = line.split('Identifier='); | ||
| if (splt.length === 2) { | ||
| return splt[1]; | ||
| } | ||
| } | ||
| } | ||
| async function verifyCodesign (file, keychain, cb) { | ||
@@ -161,0 +151,0 @@ const args = ['-v', '--no-strict']; |
@@ -98,3 +98,3 @@ { | ||
| "name": "applesign", | ||
| "version": "4.2.0" | ||
| "version": "4.2.1" | ||
| } |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by0.83%
96232
- Lines of code
- increased by1.12%
2438
No dependency changes