From 41e304f431164f243188952e64728aaec6d5231e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20=C3=85berg?= Date: Thu, 23 Jan 2025 20:14:10 +0100 Subject: [PATCH] experiment with entitlements and signing the framework --- .github/workflows/build-desktop.yml | 9 +++------ apps/desktop/resources/entitlements.mac.plist | 14 ++++++++------ 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build-desktop.yml b/.github/workflows/build-desktop.yml index eb850e37f46..041da184389 100644 --- a/.github/workflows/build-desktop.yml +++ b/.github/workflows/build-desktop.yml @@ -1441,12 +1441,9 @@ jobs: - name: Resign run: | - codesign -dvvv "./dist/mas-dev-universal/Bitwarden.app" 2>&1 | grep -iE "TeamIdentifier|flags|Format|Identifier|Authority" - - codesign -dvvv "./dist/mas-dev-universal/Bitwarden.app/Contents/PlugIns/autofill-extension.appex" 2>&1 | grep -iE "TeamIdentifier|flags|Format|Identifier|Authority" - - security find-identity -v -p codesigning - + # Resign the Electron Framework + codesign --force --deep --options=runtime --sign "Developer ID Application: 8bit Solutions LLC (LTZ2PFU5D6)" --timestamp --generate-entitlement-der --preserve-metadata=identifier,flags Bitwarden.app/Contents/Frameworks/Electron\ Framework.framework + # Resign the bundle codesign --entitlements resources/entitlements.mas.plist --deep --verbose --options runtime --force --sign "Developer ID Application: 8bit Solutions LLC (LTZ2PFU5D6)" dist/mas-dev-universal/Bitwarden.app - name: Zip masdev asset diff --git a/apps/desktop/resources/entitlements.mac.plist b/apps/desktop/resources/entitlements.mac.plist index e273bcc7eca..a4ebe9ac3cd 100644 --- a/apps/desktop/resources/entitlements.mac.plist +++ b/apps/desktop/resources/entitlements.mac.plist @@ -1,12 +1,14 @@ - - com.apple.security.cs.allow-jit - - - - + com.apple.security.cs.allow-unsigned-executable-memory + + + \ No newline at end of file