electron-osx-sign - npm Package Compare versions

6

bin/electron-osx-sign-usage.txt

		@@ -24,2 +24,6 @@

		--gatekeeper-assess, --no-gatekeeper-assess
		Flag to enable Gatekeeper assessment after signing the app. Disabling it is useful for signing with self-signed certificates.
		Gatekeeper assessment is enabled by default on ``darwin'' platform.

		--help
		@@ -50,3 +54,3 @@ Flag to display all commands.

		--provisioning-profile
		--provisioning-profile=file
		Path to provisioning profile.
		@@ -53,0 +57,0 @@

6

bin/electron-osx-sign.js

		@@ -9,7 +9,9 @@ #!/usr/bin/env node
		'pre-auto-entitlements',
		'pre-embed-provisioning-profile'
		'pre-embed-provisioning-profile',
		'gatekeeper-assess'
		],
		'default': {
		'pre-auto-entitlements': true,
		'pre-embed-provisioning-profile': true
		'pre-embed-provisioning-profile': true,
		'gatekeeper-assess': true
		}
		@@ -16,0 +18,0 @@ })

28

flat.js

		@@ -14,3 +14,2 @@ /**
		const debugwarn = util.debugwarn
		const debugerror = util.debugerror
		const execFileAsync = util.execFileAsync
		@@ -139,19 +138,14 @@ const validateOptsAppAsync = util.validateOptsAppAsync
		module.exports.flat = function (opts, cb) {
		// Default callback function if none provided
		if (!cb) {
		cb = function (err) {
		if (err) {
		debugerror('Flat failed:')
		if (err.message) debugerror(err.message)
		else if (err.stack) debugerror(err.stack)
		else debugerror(err)
		return
		}
		flatAsync(opts)
		.then(function () {
		debuglog('Application flattened, saved to: ' + opts.app)
		}
		}

		flatAsync(opts)
		.then(cb)
		.catch(cb)
		if (cb) cb()
		})
		.catch(function (err) {
		debuglog('Flat failed:')
		if (err.message) debuglog(err.message)
		else if (err.stack) debuglog(err.stack)
		else debuglog(err)
		if (cb) cb(err)
		})
		}

12

index.d.ts

		@@ -6,3 +6,2 @@ interface BaseSignOptions {
		keychain?: string;
		version?: string;
		}
		@@ -14,2 +13,10 @@
		'entitlements-inherit'?: string;
		'gatekeeper-assess'?: boolean;
		ignore?: string;
		'pre-auto-entitlements'?: boolean;
		'pre-embed-provisioning-profile'?: boolean;
		'provisioning-profile'?: string;
		'requirements'?: string;
		'type'?: string;
		version?: string;
		}
		@@ -21,4 +28,5 @@
		interface FlatOptions extends BaseSignOptions {
		install?: string;
		pkg?: string;
		install?: string;
		scripts?: string;
		}
		@@ -25,0 +33,0 @@

23

package.json

		{
		"name": "electron-osx-sign",
		"version": "0.4.1",
		"version": "0.4.2",
		"description": "Codesign Electron macOS apps",
		@@ -21,21 +21,21 @@ "main": "index.js",
		"dependencies": {
		"bluebird": "^3.3.5",
		"bluebird": "^3.4.6",
		"compare-version": "^0.1.2",
		"debug": "^2.2.0",
		"isbinaryfile": "^3.0.0",
		"debug": "^2.3.2",
		"isbinaryfile": "^3.0.1",
		"minimist": "^1.2.0",
		"plist": "^1.2.0",
		"plist": "^2.0.1",
		"tempfile": "^1.1.1"
		},
		"devDependencies": {
		"electron-download": "^2.1.2",
		"eslint": "^2.11.1",
		"electron-download": "^3.0.1",
		"eslint": "^3.10.0",
		"eslint-config-eslint": "^3.0.0",
		"extract-zip": "^1.5.0",
		"mkdirp": "^0.5.1",
		"rimraf": "^2.5.2",
		"rimraf": "^2.5.4",
		"run-series": "^1.1.4",
		"run-waterfall": "^1.1.3",
		"standard": "^7.0.1",
		"tape": "^4.5.1"
		"standard": "^8.5.0",
		"tape": "^4.6.2"
		},
		@@ -51,3 +51,6 @@ "scripts": {
		]
		},
		"engines": {
		"node": ">=0.4.0"
		}
		}

32

README.md

		@@ -52,11 +52,29 @@ # electron-osx-sign [![npm][npm_img]][npm_url] [![Build Status][travis_img]][travis_url]
		```sh
		# To sign distribution version
		electron-osx-sign path/to/my.app
		```

		The script above being sufficient, it is, however, recommended to make use of `opts.version` while signing for example:
		```sh
		# To sign development version
		electron-osx-sign path/to/my.app --type=development
		```

		```sh
		electron-osx-sign path/to/my.app --version=1.2.0
		# It is recommended to place the provisioning profile(s) under the current working directory for electron-osx-sign to pick up automatically; and to specify provisioning profile to be embedded explicitly
		electron-osx-sign path/to/my.app --provisioning-profile=path/to/my.provisioningprofile
		```

		```sh
		# To specify the entitlements file (.plist)
		electron-osx-sign path/to/my.app --entitlements=path/to/my.entitlements
		# Or (.entitlements)
		electron-osx-sign path/to/my.app --entitlements=path/to/my-entitlements.plist
		```

		It is recommended to make use of `opts.version` while signing legacy versions, for example:

		```sh
		electron-osx-sign path/to/my.app --version=0.34.0
		```

		Run `electron-osx-sign --help` or see [electron-osx-sign-usage.txt](https://github.com/electron-userland/electron-osx-sign/blob/master/bin/electron-osx-sign-usage.txt) for CLI-specific options.
		@@ -137,2 +155,8 @@

		`gatekeeper-assess` - Boolean

		Flag to enable Gatekeeper assessment after signing the app. Disabling it is useful for signing with self-signed certificates.
		Gatekeeper assessment is enabled by default on `darwin` platform.
		Default to `true`.

		`identity` - String
		@@ -329,6 +353,6 @@

		> electron-osx-sign@0.4.1 pretest electron-osx-sign
		> electron-osx-sign@0.4.2 pretest electron-osx-sign
		> rimraf test/work

		> electron-osx-sign@0.4.1 test electron-osx-sign
		> electron-osx-sign@0.4.2 test electron-osx-sign
		> standard && tape test
		@@ -335,0 +359,0 @@

93

sign.js

		@@ -7,7 +7,5 @@ /**

		const child = require('child_process')
		const path = require('path')

		const Promise = require('bluebird')

		const compareVersion = require('compare-version')
		@@ -18,3 +16,2 @@
		const debugwarn = util.debugwarn
		const debugerror = util.debugerror
		const getAppContentsPath = util.getAppContentsPath
		@@ -42,5 +39,5 @@ const execFileAsync = util.execFileAsync
		}
		// TODO: Loop check every binary file for existence, reject promise if any not found
		// TODO: Presence check for binary files, reject if any does not exist
		}
		resolve(undefined)
		resolve()
		})
		@@ -63,3 +60,3 @@ }
		if (opts['provisioning-profile']) {
		if (typeof opts['provisioning-profile'] !== 'string' \|\| !(opts['provisioning-profile'] instanceof ProvisioningProfile)) return Promise.reject(new Error('Path to provisioning profile should be a string or a ProvisioningProfile object.'))
		if (typeof opts['provisioning-profile'] !== 'string' && !(opts['provisioning-profile'] instanceof ProvisioningProfile)) return Promise.reject(new Error('Path to provisioning profile should be a string or a ProvisioningProfile object.'))
		}
		@@ -90,27 +87,19 @@
		// Verify with codesign
		var promise = new Promise(function (resolve, reject) {
		debuglog('Verifying application bundle with codesign...')
		child.execFile('codesign', [
		'--verify',
		'--deep',
		'--strict',
		'--verbose=2',
		opts.app
		], function (err, stdout, stderr) {
		if (err) {
		debugerror(err)
		reject('Failed to verify application bundle. See details in debug log. (electron-osx-sign:error)')
		return
		}
		debuglog('Result:\n' + stderr)
		resolve(undefined)
		})
		})
		var compareVersion = require('compare-version')
		var osRelease = require('os').release()
		debuglog('Verifying application bundle with codesign...')
		var promise = execFileAsync('codesign', [
		'--verify',
		'--deep',
		compareVersion(osRelease, '15.0.0') >= 0 ? '--strict' : '', // Only pass strict flag in El Capitan and later
		'--verbose=2',
		opts.app
		])

		// Additionally test Gatekeeper acceptance for darwin platform
		if (opts.platform === 'darwin') {
		promise = promise.then(function () {
		return new Promise(function (resolve, reject) {
		if (opts.platform === 'darwin' && opts['gatekeeper-assess'] !== false) {
		promise = promise
		.then(function () {
		debuglog('Verifying Gatekeeper acceptance for darwin platform...')
		child.execFile('spctl', [
		return execFileAsync('spctl', [
		'--assess',
		@@ -122,16 +111,8 @@ '--type', 'execute',
		opts.app
		], function (err, stdout, stderr) {
		if (err) {
		debugerror(err)
		reject('Failed to pass Gatekeeper. See details in debug log. (electron-osx-sign:error)')
		return
		}
		debuglog('Result:\n' + stderr)
		resolve(undefined)
		})
		])
		})
		})
		}

		return promise
		.thenReturn()
		}
		@@ -211,2 +192,3 @@
		})

		// Check entitlements if applicable
		@@ -219,4 +201,3 @@ if (opts.entitlements) {
		'--display',
		'--entitlements',
		'-',
		'--entitlements', ':-', // Write to standard output and strip off the blob header
		opts.app
		@@ -226,9 +207,10 @@ ])
		.then(function (result) {
		debuglog('Entitlements (prefixed with blob header):\n' + result)
		debuglog('Entitlements:', '\n',
		result)
		})
		}

		return promise
		})
		})
		.thenReturn(undefined)
		}
		@@ -374,19 +356,14 @@
		module.exports.sign = function (opts, cb) {
		// Default callback function if none provided
		if (!cb) {
		cb = function (err) {
		if (err) {
		debugerror('Sign failed:')
		if (err.message) debugerror(err.message)
		else if (err.stack) debugerror(err.stack)
		else debugerror(err)
		return
		}
		signAsync(opts)
		.then(function () {
		debuglog('Application signed: ' + opts.app)
		}
		}

		signAsync(opts)
		.then(cb)
		.catch(cb)
		if (cb) cb()
		})
		.catch(function (err) {
		debuglog('Sign failed:')
		if (err.message) debuglog(err.message)
		else if (err.stack) debuglog(err.stack)
		else debuglog(err)
		if (cb) cb(err)
		})
		}

8

util-entitlements.js

		@@ -12,5 +12,4 @@ /**

		const debug = require('debug')

		const util = require('./util')
		const debuglog = util.debuglog
		const getAppContentsPath = util.getAppContentsPath
		@@ -27,4 +26,2 @@ const readFileAsync = util.readFileAsync
		module.exports.preAutoEntitlements = function (opts) {
		const debuglog = debug('electron-osx-sign:pre-auto-entitlements')

		// If entitlements file not provided, default will be used. Fixes #41
		@@ -42,3 +39,3 @@ var appInfoPath = path.join(getAppContentsPath(opts), 'Info.plist')
		if (!entitlements['com.apple.security.app-sandbox']) {
		// Only automate when app sandbox enabled
		// Only automate when app sandbox enabled by user
		return
		@@ -105,4 +102,3 @@ }
		})
		.thenReturn(undefined)
		})
		}

8

util-identities.js

		@@ -7,7 +7,4 @@ /**

		const Promise = require('bluebird')

		const util = require('./util')
		const debuglog = util.debuglog
		const debugerror = util.debugerror
		const flatList = util.flatList
		@@ -44,10 +41,5 @@ const execFileAsync = util.execFileAsync
		}
		return undefined
		})
		})
		.then(flatList)
		.catch(function (err) {
		debugerror(err)
		return Promise.reject(new Error('Error in finding identities. See details in debug log. (electron-osx-sign:error)'))
		})
		}

18

util-provisioning-profiles.js

		@@ -10,4 +10,2 @@ /**
		const Promise = require('bluebird')

		const debug = require('debug')
		const plist = require('plist')
		@@ -18,3 +16,2 @@
		const debugwarn = util.debugwarn
		const debugerror = util.debugerror
		const getAppContentsPath = util.getAppContentsPath
		@@ -80,6 +77,2 @@ const flatList = util.flatList
		})
		.catch(function (err) {
		debugerror(err)
		return Promise.reject(new Error('Error in decoding provisioning profile. See details in debug log. (electron-osx-sign:error)'))
		})
		}
		@@ -122,6 +115,2 @@
		.then(flatList)
		.catch(function (err) {
		debugerror(err)
		return Promise.reject(new Error('Error in finding provisioning profiles. See details in debug log. (electron-osx-sign:error)'))
		})
		}
		@@ -136,4 +125,2 @@
		module.exports.preEmbedProvisioningProfile = function (opts) {
		const debuglog = debug('electron-osx-sign:pre-embed-provisioning-profile')

		function embedProvisioningProfile () {
		@@ -154,6 +141,3 @@ if (opts['provisioning-profile']) {
		return copyFileAsync(opts['provisioning-profile'].filePath, embeddedFilePath)
		} else {
		debugerror(err)
		return Promise.reject(new Error('Error checking existing embedded provisioning profile. See details in debug log. (electron-osx-sign:error)'))
		}
		} else throw err
		})
		@@ -160,0 +144,0 @@ }

88

util.js

		@@ -12,3 +12,2 @@ /**
		const Promise = require('bluebird')

		const debug = require('debug')
		@@ -31,11 +30,31 @@
		/** @function */
		const debugerror = module.exports.debugerror = debug('electron-osx-sign:error')
		debugerror.log = console.error.bind(console)
		const isBinaryFileAsync = module.exports.isBinaryFileAsync = Promise.promisify(require('isbinaryfile'))

		/** @function */
		const isBinaryFileAsync = module.exports.isBinaryFileAsync = Promise.promisify(require('isbinaryfile'))
		const removePassword = function (input) {
		return input.replace(/(-P \|pass:\|\/p\|-pass )([^ ]+)/, function (match, p1, p2) {
		return `${p1}***`
		})
		}

		/** @function */
		module.exports.execFileAsync = Promise.promisify(child.execFile)
		module.exports.execFileAsync = function (file, args, options) {
		if (debuglog.enabled) {
		debuglog('Executing...', file, args && Array.isArray(args) ? removePassword(args.join(' ')) : '')
		}

		return new Promise(function (resolve, reject) {
		child.execFile(file, args, options, function (err, stdout, stderr) {
		if (err) {
		debuglog('Error executing file:', '\n',
		'> Stdout:', stdout, '\n',
		'> Stderr:', stderr)
		reject(err)
		return
		}
		resolve(stdout)
		})
		})
		}

		/** @function */
		@@ -154,20 +173,10 @@ const lstatAsync = module.exports.lstatAsync = Promise.promisify(fs.lstat)
		module.exports.validateOptsAppAsync = function (opts) {
		return new Promise(function (resolve, reject) {
		if (!opts.app) {
		reject(new Error('Path to aplication must be specified.'))
		return
		}
		if (path.extname(opts.app) !== '.app') {
		reject(new Error('Extension of application must be `.app`.'))
		return
		}
		return lstatAsync(opts.app)
		.then(function () {
		resolve(undefined)
		})
		.catch(function (err) {
		debugerror(err)
		reject(new Error('Application not found. See details in debug log. (electron-osx-sign:error)'))
		})
		})
		if (!opts.app) {
		return Promise.reject(new Error('Path to aplication must be specified.'))
		}
		if (path.extname(opts.app) !== '.app') {
		return Promise.reject(new Error('Extension of application must be `.app`.'))
		}
		return lstatAsync(opts.app)
		.thenReturn()
		}
		@@ -182,24 +191,16 @@
		module.exports.validateOptsPlatformAsync = function (opts) {
		return new Promise(function (resolve, reject) {
		if (opts.platform) {
		if (opts.platform === 'mas' \|\| opts.platform === 'darwin') {
		resolve()
		return
		} else {
		debugwarn('`platform` passed in arguments not supported, checking Electron platform...')
		}
		if (opts.platform) {
		if (opts.platform === 'mas' \|\| opts.platform === 'darwin') {
		return Promise.resolve()
		} else {
		debugwarn('No `platform` passed in arguments, checking Electron platform...')
		debugwarn('`platform` passed in arguments not supported, checking Electron platform...')
		}
		return detectElectronPlatformAsync(opts)
		.then(function (platform) {
		opts.platform = platform
		resolve()
		})
		.catch(function (err) {
		// NB: This should logically not happen as detectElectronPlatformAsync should not give any rejections. However, it is put here just in case.
		debugerror(err)
		reject(new Error('Unable to decide Electron platform. See details in debug log. (electron-osx-sign:error)'))
		})
		})
		} else {
		debugwarn('No `platform` passed in arguments, checking Electron platform...')
		}

		return detectElectronPlatformAsync(opts)
		.then(function (platform) {
		opts.platform = platform
		})
		}
		@@ -256,3 +257,2 @@
		}
		return undefined
		})
		@@ -259,0 +259,0 @@ })

.npmignore

Sorry, the diff of this file is not supported yet

.travis.yml

Sorry, the diff of this file is not supported yet

electron-osx-sign - npm Package Compare versions

New alerts

Fixed alerts

Improved metrics

Worsened metrics

Dependency changes