mirror of
https://github.com/nodejs/node.git
synced 2024-11-24 20:29:23 +01:00
6db6af4057
Includes hardened-runtime patch from gdams from https://github.com/nodejs/node/issues/29216#issuecomment-546932966 PR-URL: https://github.com/nodejs/node/pull/31459 Refs: https://github.com/nodejs/node/issues/29216 Reviewed-By: Christian Clauss <cclauss@me.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: Ash Cripps <ashley.cripps@ibm.com> Signed-off-by: Rod Vagg <rod@vagg.org>
21 lines
416 B
Bash
21 lines
416 B
Bash
#!/bin/bash
|
|
|
|
set -x
|
|
set -e
|
|
|
|
if [ "X$SIGN" == "X" ]; then
|
|
echo "No SIGN environment var. Skipping codesign." >&2
|
|
exit 0
|
|
fi
|
|
|
|
# All macOS executable binaries in the bundle must be codesigned with the
|
|
# hardened runtime enabled.
|
|
# See https://github.com/nodejs/node/pull/31459
|
|
|
|
codesign \
|
|
--sign "$SIGN" \
|
|
--entitlements tools/osx-entitlements.plist \
|
|
--options runtime \
|
|
--timestamp \
|
|
"$PKGDIR"/bin/node
|