From 8c5eac3c120b2abf78e42e136cfc60ee0f0c79db Mon Sep 17 00:00:00 2001 From: sethlu Date: Thu, 7 Apr 2016 15:58:13 +0800 Subject: [PATCH 1/2] opts.ignore to filter out undesired file paths for signing Fix https://github.com/electron-userland/electron-osx-sign/issues/30 --- index.js | 21 ++++++++++++++++++--- 1 file changed, 18 insertions(+), 3 deletions(-) diff --git a/index.js b/index.js index 52f3851..6b6ab0e 100644 --- a/index.js +++ b/index.js @@ -87,9 +87,6 @@ function generateAppFrameworksPath (opts) { } function signApplication (opts, callback) { - var operations = [] - var appContentsPath = generateAppContentsPath(opts) - function isFileBinary (filePath) { var buf = fs.readFileSync(filePath) for (var i = 0, l = buf.length; i < l; i++) { @@ -143,6 +140,19 @@ function signApplication (opts, callback) { }) } + function ignoreFilePath (opts, filePath) { + if (opts.ignore) { + if (typeof opts.ignore === 'function') { + return opts.ignore(filePath) + } else if (typeof opts.ignore === 'string') { + return filePath.match(opts.ignore) + } + } + return false + } + + var operations = [] + var appContentsPath = generateAppContentsPath(opts) var childPaths = [] walkSync(appContentsPath) if (opts.binaries) childPaths = childPaths.concat(opts.binaries) @@ -158,6 +168,7 @@ function signApplication (opts, callback) { if (opts.entitlements) { // Sign with entitlements childPaths.forEach(function (filePath) { + if (ignoreFilePath(opts, filePath)) return operations.push(function (cb) { child.execFile('codesign', args.concat('--entitlements', opts['entitlements-inherit'], filePath), function (err, stdout, stderr) { if (err) return cb(err) @@ -176,6 +187,7 @@ function signApplication (opts, callback) { } else { // Otherwise normally childPaths.forEach(function (filePath) { + if (ignoreFilePath(opts, filePath)) return operations.push(function (cb) { child.execFile('codesign', args.concat(filePath), function (err, stdout, stderr) { if (err) return cb(err) @@ -275,6 +287,9 @@ function sign (opts, cb) { if (opts.binaries) { if (!Array.isArray(opts.binaries)) return cb(new Error('Additional binaries should be an Array.')) } + if (opts.ignore) { + if (typeof opts.ignore !== 'function' || typeof opts.ignore !== 'string') return cb(new Error('Ignore filter should be either a function or a string.')) + } series([ function (cb) { // Checking identity with series for async execution of child process From 37ad13d970a4513e13dcf2fb8f547fc7cd3b66f0 Mon Sep 17 00:00:00 2001 From: sethlu Date: Fri, 8 Apr 2016 00:26:05 +0800 Subject: [PATCH 2/2] Document opts.ignore in electron-osx-sign --- README.md | 5 +++++ bin/electron-osx-sign-usage.txt | 1 + 2 files changed, 6 insertions(+) diff --git a/README.md b/README.md index 456028d..2ef7ce1 100644 --- a/README.md +++ b/README.md @@ -105,6 +105,11 @@ Signing platform `mas` will look for `3rd Party Mac Developer Application: * (*) The keychain name. Default to system default keychain (`login.keychain`). +`ignore` - *String* + +Regex or function that signals ignoring a file before signing. +Default to undefined. + `platform` - *String* Build platform of Electron. diff --git a/bin/electron-osx-sign-usage.txt b/bin/electron-osx-sign-usage.txt index 1a2abe7..dd30273 100644 --- a/bin/electron-osx-sign-usage.txt +++ b/bin/electron-osx-sign-usage.txt @@ -7,4 +7,5 @@ entitlements Path to entitlements file for signing Mac App Store entitlements-inherit Path to child entitlements file for signing frameworks and bundles of Mac App Store application. identity Name of certificate to use when signing. Default to retrieve from keychain specified, see below. keychain The keychain name. Default to system default keychain (`login.keychain`). +ignore Regex that signals ignoring a file before signing. Default to undefined. platform Build platform of Electron. Allowed values: `darwin`, `mas`. Default to auto detect from application package.