electron-installer-codesign - npm Package Compare versions

Comparing version 0.1.0 to 0.1.1

index.js

@@ -5,15 +5,17 @@ /* eslint no-console:0 */
 var del = require('del');
-var spawn = require('child_process').spawn;
-var exec = require('child_process').exec;
+var run = require('electron-installer-run');
 var glob = require('glob');
 var async = require('async');
-var format = require('util').format;
+var chalk = require('chalk');
+var figures = require('figures');
 var debug = require('debug')('electron-installer-codesign');
 
 function checkAppExists(opts, fn) {
-  debug('checking appPath exists...', opts.appPath);
+  debug('checking appPath `%s` exists...', opts.appPath);
   fs.exists(opts.appPath, function(exists) {
     if (!exists) {
+      debug('appPath `%s` does not exist!', opts.appPath);
       return fn(new Error(opts.appPath + ' does not exist.'));
     }
+    debug('appPath exists');
     fn();
@@ -25,3 +27,6 @@ });
 function cleanup(opts, fn) {
-  del(opts.appPath + '/*.cstemp', fn);
+  debug('running cleanup');
+  del([opts.appPath + '/*.cstemp']).then(function() {
+    fn();
+  });
 }
@@ -38,13 +43,10 @@
   ];
-  var child = spawn('codesign', args);
-  debug('running `codesign %s`', args.join(' '));
-  child.stdout.pipe(process.stdout);
-  child.stderr.pipe(process.stderr);
-  child.on('exit', function(code) {
-    if (code === 0) {
-      return fn(null, src);
+
+  run('codesign', args, function(err) {
+    if (err) {
+      fn(new Error('codesign failed ' + path.basename(src)
+        + '. See output above for more details.'));
+      return;
     }
-    console.error('codesign failed on `%s`', path.basename(src));
-    return fn(new Error('codesign failed ' + path.basename(src)
-      + '. See output above for more details.'));
+    fn(null, src);
   });
@@ -78,17 +80,42 @@ }
 
-function verify(src, cb) {
+function verify(src, fn) {
   debug('verifying signature on `%s`...', src);
-  var cmd = format('codesign --verify -vvv "%s"', src);
-  exec(cmd, function(err, stdout, stderr) {
+
+  var args = [
+    '--verify',
+    '-vvv',
+    src
+  ];
+  run('codesign', args, function(err) {
     if (err) {
-      console.error('codesign --verify failed on `%s`', src, err);
-      console.error('  cmd: %s', cmd);
-      console.error('  stdout: %s', stdout);
-      console.error('  stderr: %s', stderr);
-      return cb(err);
+      return fn(err);
     }
-    cb(null, src);
+    fn(null, src);
   });
 }
 
+/**
+ * @param {String} commonName
+ * @param {Function} fn - Callback.
+ */
+function isIdentityAvailable(commonName, fn) {
+  run('certtool', ['y'], function(err, output) {
+    if (err) {
+      debug('Failed to list certificates.');
+      fn(null, false);
+      return;
+    }
+    if (output.indexOf(commonName) === -1) {
+      debug('Signing identity `%s` not detected.',
+        commonName);
+      fn(null, false);
+      return;
+    }
+
+    debug('The signing identity `%s` is available!', commonName);
+
+    fn(null, true);
+  });
+}
+
 module.exports = function(opts, done) {
@@ -104,1 +131,28 @@ async.series([
 };
+
+module.exports.isIdentityAvailable = isIdentityAvailable;
+module.exports.codesign = codesign;
+module.exports.verify = verify;
+
+module.exports.printWarning = function() {
+  console.error(chalk.yellow.bold(figures.warning),
+    ' User confusion ahead!');
+
+  console.error(chalk.gray(
+    '  The default preferences for OSX Gatekeeper will not',
+    'allow users to run unsigned applications.'));
+
+  console.error(chalk.gray(
+    '  However, we\'re going to continue building',
+    'the app and an installer because you\'re most likely'));
+
+  console.error(chalk.gray(
+    '  a developer trying to test',
+    'the app\'s installation process.'));
+
+  console.error(chalk.gray(
+    '  For more information on OSX Gatekeeper and how to change your',
+    'system preferences to run unsigned applications,'));
+  console.error(chalk.gray('  please see',
+    'https://support.apple.com/en-us/HT202491'));
+};

package.json

 {
   "name": "electron-installer-codesign",
   "description": "Sign your electron apps on OSX.",
-  "version": "0.1.0",
+  "version": "0.1.1",
   "author": "Lucas Hrabovsky <lucas@mongodb.com> (http://imlucas.com)",
@@ -25,4 +25,7 @@ "homepage": "http://github.com/mongodb-js/electron-installer-codesign",
     "async": "^1.5.0",
+    "chalk": "^1.1.1",
     "debug": "^2.2.0",
     "del": "^2.1.0",
+    "electron-installer-run": "^0.1.0",
+    "figures": "^1.4.0",
     "glob": "^6.0.1",
@@ -29,0 +32,0 @@ "minimist": "^1.2.0"

Fixed alerts

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

19052

increased by6.88%

Lines of code

166

increased by34.96%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

8

increased by60%

Dependency changes

• + Addedchalk@^1.1.1

• + Addedelectron-installer-run@^0.1.0

• + Addedfigures@^1.4.0

• + Addedansi-regex@2.1.1(transitive)

• + Addedansi-styles@2.2.1(transitive)

• + Addedchalk@1.1.3(transitive)

• + Addedelectron-installer-run@0.1.2(transitive)

• + Addedescape-string-regexp@1.0.5(transitive)

• + Addedfigures@1.7.0(transitive)

• + Addedhas-ansi@2.0.0(transitive)

• + Addedisexe@2.0.0(transitive)

• + Addedstrip-ansi@3.0.1(transitive)

• + Addedsupports-color@2.0.0(transitive)

• + Addedwhich@1.3.1(transitive)