forked from macvim-dev/macvim
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathsign-developer-id
More file actions
executable file
·47 lines (41 loc) · 2.46 KB
/
sign-developer-id
File metadata and controls
executable file
·47 lines (41 loc) · 2.46 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
#!/bin/sh
# Utility script to sign MacVim with a valid Developer ID with hardened runtime
# along with a provided entitlments file. This script requires a Developer ID
# cert already installed on the computer.
# Use the following to verify:
# codesign -d --verbose=4 --entitlements - <MacVim_app>
if [[ $# == 0 || $# == 1 ]]; then
echo "Usage: sign-developer-id <MacVim_app> <entitlements_file>"
exit -1
fi
set -e
macvim_path=$1
entitlements=$2
if [[ "$macvim_path" =~ dmg ]]; then
set -x
codesign -f -s "Developer ID Application" -o runtime --timestamp "$macvim_path"
else
# Sign bottom-up to make sure everything is signed in order.
# Note: Not using --deep because it's been deprecated since macOS 13, and
# also it doesn't catch all the binaries anyway so it's better to just be
# explicit and sign everything in order to be clear what we are doing.
if [ -d "$macvim_path/Contents/Frameworks/Sparkle.framework/Versions/A" ]; then
(set -x
codesign -f -s "Developer ID Application" -o runtime --timestamp "$macvim_path/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app/Contents/MacOS/fileop"
codesign -f -s "Developer ID Application" -o runtime --timestamp "$macvim_path/Contents/Frameworks/Sparkle.framework/Versions/A/Resources/Autoupdate.app")
fi
if [ -d $macvim_path/Contents/Frameworks/Sparkle.framework/Versions/B ]; then
(set -x
codesign -f -s "Developer ID Application" -o runtime --timestamp "$macvim_path/Contents/Frameworks/Sparkle.framework/Versions/B/Autoupdate"
codesign -f -s "Developer ID Application" -o runtime --timestamp "$macvim_path/Contents/Frameworks/Sparkle.framework/Versions/B/Updater.app")
fi
if [ -d $macvim_path/Contents/Frameworks/Sparkle.framework ]; then
(set -x
codesign -f -s "Developer ID Application" -o runtime --timestamp "$macvim_path/Contents/Frameworks/Sparkle.framework")
fi
set -x
codesign -f -s "Developer ID Application" -o runtime --timestamp "$macvim_path/Contents/Library/QuickLook/QLStephen.qlgenerator/Contents/MacOS/QLStephen"
codesign -f -s "Developer ID Application" -o runtime --timestamp --entitlements $entitlements "$macvim_path/Contents/bin/xxd"
codesign -f -s "Developer ID Application" -o runtime --timestamp --entitlements $entitlements "$macvim_path/Contents/MacOS/Vim"
codesign -f -s "Developer ID Application" -o runtime --timestamp --entitlements $entitlements "$macvim_path"
fi