From 7e76638f2c5471b161b717f6feb1f3e37135fc13 Mon Sep 17 00:00:00 2001 From: Kenneth Chew <79120643+kthchew@users.noreply.github.com> Date: Fri, 29 Nov 2024 21:10:35 -0500 Subject: [PATCH] Only disable library validation if using ad-hoc signature While not needed for regular releases, it is needed for CI when an Apple Developer account isn't available and you can only perform an ad-hoc signature. Signed-off-by: Kenneth Chew <79120643+kthchew@users.noreply.github.com> --- .github/workflows/build.yml | 4 +++- program_info/AdhocSignedApp.entitlements | 12 ++++++++++++ 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 program_info/AdhocSignedApp.entitlements diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2cefa8100..23b4edcd6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -380,11 +380,13 @@ jobs: if [ -n '${{ secrets.APPLE_CODESIGN_ID }}' ]; then APPLE_CODESIGN_ID='${{ secrets.APPLE_CODESIGN_ID }}' + ENTITLEMENTS_FILE='../program_info/App.entitlements' else APPLE_CODESIGN_ID='-' + ENTITLEMENTS_FILE='../program_info/AdhocSignedApp.entitlements' fi - sudo codesign --sign "$APPLE_CODESIGN_ID" --deep --force --entitlements "../program_info/App.entitlements" --options runtime "PrismLauncher.app/Contents/MacOS/prismlauncher" + sudo codesign --sign "$APPLE_CODESIGN_ID" --deep --force --entitlements "$ENTITLEMENTS_FILE" --options runtime "PrismLauncher.app/Contents/MacOS/prismlauncher" mv "PrismLauncher.app" "Prism Launcher.app" - name: Notarize (macOS) diff --git a/program_info/AdhocSignedApp.entitlements b/program_info/AdhocSignedApp.entitlements new file mode 100644 index 000000000..032308a18 --- /dev/null +++ b/program_info/AdhocSignedApp.entitlements @@ -0,0 +1,12 @@ + + + + + com.apple.security.cs.disable-library-validation + + com.apple.security.device.audio-input + + com.apple.security.device.camera + + +