electron-osx-sign - npm Package Compare versions

Comparing version 0.4.16 to 0.4.17

bin/electron-osx-sign-usage.txt

@@ -24,2 +24,6 @@
 
+  --entitlements-loginhelper=file
+    Path to login helper entitlement file. When using App Sandbox, the inherited entitlement should not be used since this is a standalone executable.
+    This option only applies when signing with entitlements.
+
   --gatekeeper-assess, --no-gatekeeper-assess
@@ -26,0 +30,0 @@ Flag to enable/disable Gatekeeper assessment after signing the app. Disabling it is useful for signing with self-signed certificates.

index.d.ts

@@ -13,2 +13,3 @@ declare module "electron-osx-sign" {
     'entitlements-inherit'?: string;
+    'entitlements-loginhelper'?: string;
     'gatekeeper-assess'?: boolean;
@@ -15,0 +16,0 @@ hardenedRuntime?: boolean;

package.json

 {
   "name": "electron-osx-sign",
-  "version": "0.4.16",
+  "version": "0.4.17",
   "description": "Codesign Electron macOS apps",
@@ -5,0 +5,0 @@ "main": "index.js",

README.md

@@ -165,2 +165,7 @@ # electron-osx-sign [![npm][npm_img]][npm_url] [![Build Status][circleci_img]][circleci_url]
 
+`entitlements-loginhelper` - *String*
+
+Path to login helper entitlement file. When using App Sandbox, the inherited entitlement should not be used since this is a standalone executable. *This option only applies when signing with entitlements.*
+Default to the same entitlements file used for signing the app bundle.
+
 `gatekeeper-assess` - *Boolean*
@@ -396,6 +401,6 @@
 
-> electron-osx-sign@0.4.15 pretest electron-osx-sign
+> electron-osx-sign@0.4.17 pretest electron-osx-sign
 > rimraf test/work
 
-> electron-osx-sign@0.4.15 test electron-osx-sign
+> electron-osx-sign@0.4.17 test electron-osx-sign
 > standard && tape test
@@ -402,0 +407,0 @@

sign.js

@@ -219,3 +219,9 @@ /**
           debuglog('Signing... ' + filePath)
-          return execFileAsync('codesign', args.concat('--entitlements', opts['entitlements-inherit'], filePath))
+
+          let entitlementsFile = opts['entitlements-inherit']
+          if (filePath.includes('Library/LoginItems')) {
+            entitlementsFile = opts['entitlements-loginhelper']
+          }
+
+          return execFileAsync('codesign', args.concat('--entitlements', entitlementsFile, filePath))
         })
@@ -341,5 +347,6 @@ .then(function () {
           debugwarn('No `entitlements-inherit` passed in arguments:', '\n',
-            '* Sandbox entitlements file for enclosing app files is default to:', filePath)
+            '* Sandbox entitlements file for enclosed app files is default to:', filePath)
           opts['entitlements-inherit'] = filePath
         }
+        // The default value for opts['entitlements-file'] will be processed later
       } else {
@@ -351,3 +358,3 @@ // Not necessary to have entitlements for non Mac App Store distribution
         } else {
-          // If entitlements is provided as a flag, fallback to default
+          // If entitlements is provided as a boolean flag, fallback to default
           if (opts.entitlements === true) {
@@ -357,3 +364,3 @@ filePath = path.join(__dirname, 'default.entitlements.darwin.plist')
               '* Provide `entitlements` to specify entitlements file for codesign.', '\n',
-              '* Sandbox entitlements file for enclosing app files is default to:', filePath)
+              '* Entitlements file is default to:', filePath)
             opts.entitlements = filePath
@@ -364,5 +371,6 @@ }
             debugwarn('No `entitlements-inherit` passed in arguments:', '\n',
-              '* Sandbox entitlements file for enclosing app files is default to:', filePath)
+              '* Entitlements file for enclosed app files is default to:', filePath)
             opts['entitlements-inherit'] = filePath
           }
+          // The default value for opts['entitlements-file'] will be processed later
         }
@@ -395,2 +403,16 @@ }
 
+      // preAutoEntitlements may update opts.entitlements,
+      // so we wait after it's done before giving opts['entitlements-loginhelper'] its default value
+      preSignOperations.push(function (opts) {
+        if (opts.entitlements) {
+          if (!opts['entitlements-loginhelper']) {
+            // Default to App Sandbox enabled
+            const filePath = opts.entitlements
+            debugwarn('No `entitlements-loginhelper` passed in arguments:', '\n',
+              '* Entitlements file for login helper is default to:', filePath)
+            opts['entitlements-loginhelper'] = filePath
+          }
+        }
+      })
+
       return Promise.mapSeries(preSignOperations, function (preSignOperation) {
@@ -406,2 +428,3 @@ return preSignOperation(opts)
         '> Child entitlements:', opts['entitlements-inherit'], '\n',
+        '> Login helper entitlements:', opts['entitlements-loginhelper'], '\n',
         '> Additional binaries:', opts.binaries, '\n',
@@ -408,0 +431,0 @@ '> Identity:', opts.identity)

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

72594

increased by2.31%

Lines of code

1243

increased by1.72%

Number of lines in readme file

453

increased by1.12%

No dependency changes