electrobun 0.0.19-beta.103 → 0.0.19-beta.105
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/cli/index.ts +62 -5
package/package.json
CHANGED
package/src/cli/index.ts
CHANGED
|
@@ -402,6 +402,9 @@ const defaultConfig = {
|
|
|
402
402
|
entitlements: {
|
|
403
403
|
// This entitlement is required for Electrobun apps with a hardened runtime (required for notarization) to run on macos
|
|
404
404
|
"com.apple.security.cs.allow-jit": true,
|
|
405
|
+
// Required for bun runtime to work with dynamic code execution and JIT compilation when signed
|
|
406
|
+
"com.apple.security.cs.allow-unsigned-executable-memory": true,
|
|
407
|
+
"com.apple.security.cs.disable-library-validation": true,
|
|
405
408
|
},
|
|
406
409
|
icons: "icon.iconset",
|
|
407
410
|
},
|
|
@@ -847,7 +850,7 @@ if (commandArg === "init") {
|
|
|
847
850
|
// mkdirSync(destLauncherFolder, {recursive: true});
|
|
848
851
|
// }
|
|
849
852
|
// cpSync(zigLauncherBinarySource, zigLauncherDestination, {recursive: true, dereference: true});
|
|
850
|
-
// Copy launcher for all builds (dev, canary, stable)
|
|
853
|
+
// Copy zig launcher for all builds (dev, canary, stable)
|
|
851
854
|
const bunCliLauncherBinarySource = targetPaths.LAUNCHER_RELEASE;
|
|
852
855
|
const bunCliLauncherDestination = join(appBundleMacOSPath, "launcher") + targetBinExt;
|
|
853
856
|
const destLauncherFolder = dirname(bunCliLauncherDestination);
|
|
@@ -1752,7 +1755,7 @@ exec "\$LAUNCHER_BINARY" "\$@"
|
|
|
1752
1755
|
}
|
|
1753
1756
|
|
|
1754
1757
|
if (OS === 'macos') {
|
|
1755
|
-
// Use the launcher
|
|
1758
|
+
// Use the zig launcher for all builds (dev, canary, stable)
|
|
1756
1759
|
mainProc = Bun.spawn([join(bundleExecPath, 'launcher')], {
|
|
1757
1760
|
stdio: ['inherit', 'inherit', 'inherit'],
|
|
1758
1761
|
cwd: bundleExecPath
|
|
@@ -2210,7 +2213,7 @@ function codesignAppBundle(
|
|
|
2210
2213
|
Bun.write(entitlementsFilePath, entitlementsFileContents);
|
|
2211
2214
|
}
|
|
2212
2215
|
|
|
2213
|
-
// Sign frameworks first (CEF framework
|
|
2216
|
+
// Sign frameworks first (CEF framework requires special handling)
|
|
2214
2217
|
const frameworksPath = join(contentsPath, 'Frameworks');
|
|
2215
2218
|
if (existsSync(frameworksPath)) {
|
|
2216
2219
|
try {
|
|
@@ -2218,14 +2221,68 @@ function codesignAppBundle(
|
|
|
2218
2221
|
for (const framework of frameworks) {
|
|
2219
2222
|
if (framework.endsWith('.framework')) {
|
|
2220
2223
|
const frameworkPath = join(frameworksPath, framework);
|
|
2221
|
-
|
|
2224
|
+
|
|
2225
|
+
if (framework === 'Chromium Embedded Framework.framework') {
|
|
2226
|
+
console.log(`Signing CEF framework components: ${framework}`);
|
|
2227
|
+
|
|
2228
|
+
// Sign CEF libraries first
|
|
2229
|
+
const librariesPath = join(frameworkPath, 'Libraries');
|
|
2230
|
+
if (existsSync(librariesPath)) {
|
|
2231
|
+
const libraries = readdirSync(librariesPath);
|
|
2232
|
+
for (const library of libraries) {
|
|
2233
|
+
if (library.endsWith('.dylib')) {
|
|
2234
|
+
const libraryPath = join(librariesPath, library);
|
|
2235
|
+
console.log(`Signing CEF library: ${library}`);
|
|
2236
|
+
execSync(
|
|
2237
|
+
`codesign --force --verbose --timestamp --sign "${ELECTROBUN_DEVELOPER_ID}" --options runtime ${escapePathForTerminal(libraryPath)}`
|
|
2238
|
+
);
|
|
2239
|
+
}
|
|
2240
|
+
}
|
|
2241
|
+
}
|
|
2242
|
+
|
|
2243
|
+
// CEF helper apps are in the main Frameworks directory, not inside the CEF framework
|
|
2244
|
+
// We'll sign them after signing all frameworks
|
|
2245
|
+
}
|
|
2246
|
+
|
|
2247
|
+
// Sign the framework bundle itself (for CEF and any other frameworks)
|
|
2248
|
+
console.log(`Signing framework bundle: ${framework}`);
|
|
2222
2249
|
execSync(
|
|
2223
2250
|
`codesign --force --verbose --timestamp --sign "${ELECTROBUN_DEVELOPER_ID}" --options runtime ${escapePathForTerminal(frameworkPath)}`
|
|
2224
2251
|
);
|
|
2225
2252
|
}
|
|
2226
2253
|
}
|
|
2227
2254
|
} catch (err) {
|
|
2228
|
-
console.log("
|
|
2255
|
+
console.log("Error signing frameworks:", err);
|
|
2256
|
+
throw err; // Re-throw to fail the build since framework signing is critical
|
|
2257
|
+
}
|
|
2258
|
+
}
|
|
2259
|
+
|
|
2260
|
+
// Sign CEF helper apps (they're in the main Frameworks directory, not inside CEF framework)
|
|
2261
|
+
const cefHelperApps = [
|
|
2262
|
+
'bun Helper.app',
|
|
2263
|
+
'bun Helper (GPU).app',
|
|
2264
|
+
'bun Helper (Plugin).app',
|
|
2265
|
+
'bun Helper (Alerts).app',
|
|
2266
|
+
'bun Helper (Renderer).app'
|
|
2267
|
+
];
|
|
2268
|
+
|
|
2269
|
+
for (const helperApp of cefHelperApps) {
|
|
2270
|
+
const helperPath = join(frameworksPath, helperApp);
|
|
2271
|
+
if (existsSync(helperPath)) {
|
|
2272
|
+
const helperExecutablePath = join(helperPath, 'Contents', 'MacOS', helperApp.replace('.app', ''));
|
|
2273
|
+
if (existsSync(helperExecutablePath)) {
|
|
2274
|
+
console.log(`Signing CEF helper executable: ${helperApp}`);
|
|
2275
|
+
const entitlementFlag = entitlementsFilePath ? `--entitlements ${entitlementsFilePath}` : '';
|
|
2276
|
+
execSync(
|
|
2277
|
+
`codesign --force --verbose --timestamp --sign "${ELECTROBUN_DEVELOPER_ID}" --options runtime ${entitlementFlag} ${escapePathForTerminal(helperExecutablePath)}`
|
|
2278
|
+
);
|
|
2279
|
+
}
|
|
2280
|
+
|
|
2281
|
+
console.log(`Signing CEF helper bundle: ${helperApp}`);
|
|
2282
|
+
const entitlementFlag = entitlementsFilePath ? `--entitlements ${entitlementsFilePath}` : '';
|
|
2283
|
+
execSync(
|
|
2284
|
+
`codesign --force --verbose --timestamp --sign "${ELECTROBUN_DEVELOPER_ID}" --options runtime ${entitlementFlag} ${escapePathForTerminal(helperPath)}`
|
|
2285
|
+
);
|
|
2229
2286
|
}
|
|
2230
2287
|
}
|
|
2231
2288
|
|