Separate entitlements for main app, yaaknode, and yaakprotoc

Gregory Schier
2026-01-11 14:05:47 -08:00
parent 494e9efb64
commit 72a7e6963d
4 changed files with 22 additions and 12 deletions


@@ -119,10 +119,9 @@ jobs:
security import certificate.p12 -P "$APPLE_CERTIFICATE_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
security list-keychain -d user -s $KEYCHAIN_PATH
# Sign vendored binaries with hardened runtime
codesign --force --options runtime --sign "$APPLE_SIGNING_IDENTITY" crates-tauri/yaak-app/vendored/protoc/yaakprotoc || true
# Node.js needs entitlements for JIT and loading plugins with different Team IDs
codesign --force --options runtime --entitlements crates-tauri/yaak-app/macos/entitlements.plist --sign "$APPLE_SIGNING_IDENTITY" crates-tauri/yaak-app/vendored/node/yaaknode || true
# Sign vendored binaries with hardened runtime and their specific entitlements
codesign --force --options runtime --entitlements crates-tauri/yaak-app/macos/entitlements.yaakprotoc.plist --sign "$APPLE_SIGNING_IDENTITY" crates-tauri/yaak-app/vendored/protoc/yaakprotoc || true
codesign --force --options runtime --entitlements crates-tauri/yaak-app/macos/entitlements.yaaknode.plist --sign "$APPLE_SIGNING_IDENTITY" crates-tauri/yaak-app/vendored/node/yaaknode || true
- uses: tauri-apps/tauri-action@v0
env:
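Review bot: Both new `codesign` lines keep the trailing `|| true`, so a mistyped path to `entitlements.yaakprotoc.plist` or `entitlements.yaaknode.plist`, or any other signing failure, is swallowed and the job carries on with a vendored binary that is unsigned or lacks the intended entitlements. Because this change introduces two new plist paths, I would drop `|| true` on these lines and add a check such as `codesign --verify --strict crates-tauri/yaak-app/vendored/node/yaaknode` after them, so the release fails closed. The plist contents are not visible here; presumably the yaakprotoc one omits the JIT and cross-Team-ID loading exceptions that the removed comment says Node.js needs. That is worth confirming on the built artifact with `codesign -d --entitlements - <binary>`. The enclosing `run:` step starts before this hunk, and the following `tauri-action` step continues past it.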