mirror of
https://github.com/onionshare/onionshare.git
synced 2024-12-24 23:09:42 -05:00
Move get_binary_arches into common, and code sign every binary in the app bundle
This commit is contained in:
parent
c524afd87b
commit
0631d14d78
@ -7,6 +7,8 @@ import shutil
|
||||
import glob
|
||||
import itertools
|
||||
|
||||
from common import get_binary_arches
|
||||
|
||||
root = os.path.dirname(
|
||||
os.path.dirname(
|
||||
os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentframe())))
|
||||
@ -54,6 +56,10 @@ def sign(path, entitlements, identity):
|
||||
)
|
||||
|
||||
|
||||
def get_binaries():
|
||||
pass
|
||||
|
||||
|
||||
@click.group()
|
||||
def main():
|
||||
"""
|
||||
@ -159,7 +165,7 @@ def cleanup_build():
|
||||
"QtSvgWidgets",
|
||||
"QtUiTools",
|
||||
"QtWebEngineQuick",
|
||||
"QtWebEngineQuickDelegatesQml"
|
||||
"QtWebEngineQuickDelegatesQml",
|
||||
]:
|
||||
shutil.rmtree(
|
||||
f"{app_path}/Contents/MacOS/lib/PySide6/Qt/lib/{framework}.framework"
|
||||
@ -229,26 +235,11 @@ def cleanup_build():
|
||||
@click.argument("app_path")
|
||||
def codesign(app_path):
|
||||
"""Sign macOS binaries before packaging"""
|
||||
for path in itertools.chain(
|
||||
glob.glob(f"{app_path}/Contents/Resources/lib/**/*.so", recursive=True),
|
||||
glob.glob(f"{app_path}/Contents/Resources/lib/**/*.dylib", recursive=True),
|
||||
[
|
||||
f"{app_path}/Contents/Frameworks/QtCore.framework/Versions/A/QtCore",
|
||||
f"{app_path}/Contents/Frameworks/QtDBus.framework/Versions/A/QtDBus",
|
||||
f"{app_path}/Contents/Frameworks/QtGui.framework/Versions/A/QtGui",
|
||||
f"{app_path}/Contents/Frameworks/QtWidgets.framework/Versions/A/QtWidgets",
|
||||
f"{app_path}/Contents/Resources/lib/Python",
|
||||
f"{app_path}/Contents/Resources/lib/onionshare/resources/tor/meek-client",
|
||||
f"{app_path}/Contents/Resources/lib/onionshare/resources/tor/obfs4proxy",
|
||||
f"{app_path}/Contents/Resources/lib/onionshare/resources/tor/snowflake-client",
|
||||
f"{app_path}/Contents/Resources/lib/onionshare/resources/tor/tor",
|
||||
f"{app_path}/Contents/Resources/lib/onionshare/resources/tor/libevent-2.1.7.dylib",
|
||||
f"{app_path}/Contents/MacOS/onionshare",
|
||||
f"{app_path}/Contents/MacOS/onionshare-cli",
|
||||
f"{app_path}",
|
||||
],
|
||||
):
|
||||
sign(path, entitlements_plist_path, identity_name_application)
|
||||
bin_universal, bin_silicon, bin_intel = get_binary_arches(app_path)
|
||||
binaries = bin_universal + bin_silicon + bin_intel + [app_path]
|
||||
|
||||
for filename in binaries:
|
||||
sign(filename, entitlements_plist_path, identity_name_application)
|
||||
|
||||
print(f"> Signed app bundle: {app_path}")
|
||||
|
||||
|
32
desktop/scripts/common.py
Normal file
32
desktop/scripts/common.py
Normal file
@ -0,0 +1,32 @@
|
||||
import os
|
||||
import subprocess
|
||||
|
||||
|
||||
def get_binary_arches(app_dir):
|
||||
universal = []
|
||||
silicon = []
|
||||
intel = []
|
||||
for dirpath, dirnames, filenames in os.walk(app_dir):
|
||||
for basename in filenames:
|
||||
filename = os.path.join(dirpath, basename)
|
||||
if os.path.isfile(filename):
|
||||
out = subprocess.check_output(["file", filename]).decode("utf-8")
|
||||
if (
|
||||
"Mach-O 64-bit executable" in out
|
||||
or "Mach-O 64-bit bundle" in out
|
||||
or "Mach-O 64-bit dynamically linked shared library" in out
|
||||
):
|
||||
arm64, x86 = False, False
|
||||
if "arm64" in out:
|
||||
arm64 = True
|
||||
if "x86_64" in out:
|
||||
x86 = True
|
||||
|
||||
if arm64 and x86:
|
||||
universal.append(filename)
|
||||
elif arm64:
|
||||
silicon.append(filename)
|
||||
elif x86:
|
||||
intel.append(filename)
|
||||
|
||||
return universal, silicon, intel
|
@ -5,34 +5,7 @@ import click
|
||||
import subprocess
|
||||
|
||||
|
||||
def get_binary_arches(app_dir):
|
||||
universal = []
|
||||
silicon = []
|
||||
intel = []
|
||||
for dirpath, dirnames, filenames in os.walk(app_dir):
|
||||
for basename in filenames:
|
||||
filename = os.path.join(dirpath, basename)
|
||||
if os.path.isfile(filename):
|
||||
out = subprocess.check_output(["file", filename]).decode("utf-8")
|
||||
if (
|
||||
"Mach-O 64-bit executable" in out
|
||||
or "Mach-O 64-bit bundle" in out
|
||||
or "Mach-O 64-bit dynamically linked shared library" in out
|
||||
):
|
||||
arm64, x86 = False, False
|
||||
if "arm64" in out:
|
||||
arm64 = True
|
||||
if "x86_64" in out:
|
||||
x86 = True
|
||||
|
||||
if arm64 and x86:
|
||||
universal.append(filename)
|
||||
elif arm64:
|
||||
silicon.append(filename)
|
||||
elif x86:
|
||||
intel.append(filename)
|
||||
|
||||
return universal, silicon, intel
|
||||
from common import get_binary_arches
|
||||
|
||||
|
||||
@click.command()
|
||||
|
Loading…
Reference in New Issue
Block a user