From 494e9efb645af867ab8e2db0fde4a1f1683d7686 Mon Sep 17 00:00:00 2001 From: Gregory Schier Date: Sun, 11 Jan 2026 14:02:20 -0800 Subject: [PATCH] Apply entitlements when signing vendored binaries --- .github/workflows/release.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9f062984..fcac3dff 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -121,7 +121,8 @@ jobs: # Sign vendored binaries with hardened runtime codesign --force --options runtime --sign "$APPLE_SIGNING_IDENTITY" crates-tauri/yaak-app/vendored/protoc/yaakprotoc || true - codesign --force --options runtime --sign "$APPLE_SIGNING_IDENTITY" crates-tauri/yaak-app/vendored/node/yaaknode || true + # Node.js needs entitlements for JIT and loading plugins with different Team IDs + codesign --force --options runtime --entitlements crates-tauri/yaak-app/macos/entitlements.plist --sign "$APPLE_SIGNING_IDENTITY" crates-tauri/yaak-app/vendored/node/yaaknode || true - uses: tauri-apps/tauri-action@v0 env: