Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

code object is not signed at al #3731

Open
3 tasks done
t3rrey opened this issue Oct 8, 2024 · 2 comments
Open
3 tasks done

code object is not signed at al #3731

t3rrey opened this issue Oct 8, 2024 · 2 comments

Comments

@t3rrey
Copy link

t3rrey commented Oct 8, 2024

Pre-flight checklist

  • I have read the contribution documentation for this project.
  • I agree to follow the code of conduct that this project uses.
  • I have searched the issue tracker for a bug that matches the one I want to file, without success.

Electron Forge version

7.5.0

Electron version

31.1.2

Operating system

Mac 15.0

Last known working Electron Forge version

7.5.0

Expected behavior

Trying to sign my Mac app. it seems to want to sign but when I inspect if signed doesn't seem to be working.

I have replace ids with **

Actual behavior

"@electron-forge/cli": "7.5.0",
    "@electron-forge/maker-deb": "7.5.0",
    "@electron-forge/maker-dmg": "7.5.0",
    "@electron-forge/maker-rpm": "7.5.0",
    "@electron-forge/maker-squirrel": "7.5.0",
    "@electron-forge/maker-zip": "7.5.0",

npm run package

> [email protected] package
> electron-vite build --outDir=dist && DEBUG=electron-osx-sign* electron-forge package

[sentry-vite-plugin] Warning: No auth token provided. Will not create release. Please set the `authToken` option. You can find information on how to generate a Sentry auth token here: https://docs.sentry.io/api/auth/
[sentry-vite-plugin] Warning: No auth token provided. Will not upload source maps. Please set the `authToken` option. You can find information on how to generate a Sentry auth token here: https://docs.sentry.io/api/auth/
[sentry-vite-plugin] Warning: No auth token provided. Will not create release. Please set the `authToken` option. You can find information on how to generate a Sentry auth token here: https://docs.sentry.io/api/auth/
[sentry-vite-plugin] Warning: No auth token provided. Will not upload source maps. Please set the `authToken` option. You can find information on how to generate a Sentry auth token here: https://docs.sentry.io/api/auth/
vite v5.4.8 building SSR bundle for production...
[sentry-vite-plugin] Info: Sending telemetry data on issues and performance to Sentry. To disable telemetry, set `options.telemetry` to `false`.
✓ 292 modules transformed.
dist/main/index.js  479.38 kB │ map: 1,091.00 kB
✓ built in 840ms
vite v5.4.8 building SSR bundle for production...
✓ 1 modules transformed.
dist/preload/index.js  5.60 kB │ map: 13.82 kB
✓ built in 10ms
vite v5.4.8 building for production...
[sentry-vite-plugin] Info: Sending telemetry data on issues and performance to Sentry. To disable telemetry, set `options.telemetry` to `false`.
✓ 11937 modules transformed.
../../dist/renderer/index.html                            0.33 kB
../../dist/renderer/assets/record-beep-DyiI7JPO.mp3      10.79 kB
../../dist/renderer/assets/disconnect_1-ce3WBeJW.mp3     14.40 kB
../../dist/renderer/assets/start-1-C8bjaql6.mp3          38.88 kB
../../dist/renderer/assets/alarm-DUaqX_fH.mp3            91.20 kB
../../dist/renderer/assets/index-E6d_L8kD.css           230.10 kB
../../dist/renderer/assets/index-BT8G0qu1.js          3,444.49 kB │ map: 7,718.11 kB
✓ built in 8.38s
✔ Checking your system
❯ Preparing to package application
✔ Preparing to package application
❯ Running packaging hooks
❯ Running generateAssets hook
✔ Running generateAssets hook
❯ Running prePackage hook
✔ Running prePackage hook
✔ Running packaging hooks
❯ Packaging application
› Determining targets...
❯ Packaging for arm64 on darwin
❯ Copying files
❯ Preparing native dependencies
❯ Finalizing package
✔ Copying files
✔ Preparing native dependencies: 1 / 1
  electron-osx-sign [email protected] +0ms
  electron-osx-sign:warn No `identity` passed in arguments... +0ms
  electron-osx-sign Finding `Developer ID Application` certificate for distribution outside the Mac App Store... +1ms
  electron-osx-sign Executing... security find-identity -v +0ms
  electron-osx-sign Identity:
 > Name: Developer ID Application: ************* (**********)
 > Hash: ******************** +31ms
  electron-osx-sign Found 1 identity. +0ms
  electron-osx-sign Pre-sign operation enabled for provisioning profile:
 * Disable by setting `pre-embed-provisioning-profile` to `false`. +0ms
  electron-osx-sign No `provisioning-profile` passed in arguments, will find in current working directory and in user library... +0ms
  electron-osx-sign No provisioning profile found, will not embed profile in app contents. +2ms
  electron-osx-sign Signing application...
 > Application: /var/folders/ln/0_xp3s510ks_t8v3gldcdjv40000gn/T/electron-packager/tmp-NT0IIG/recorder.app
 > Platform: darwin
 > Additional binaries: undefined
 > Identity: undefined +0ms
  electron-osx-sign Walking... /var/folders/ln/0_xp3s510ks_t8v3gldcdjv40000gn/T/electron-packager/tmp-NT0IIG/recorder.app/Contents +0ms
✔ Finalizing package
✔ Packaging for arm64 on darwin
✔ Packaging application
❯ Running postPackage hook
✔ Running postPackage hook

codesign --verify --deep --strict --verbose=2 out/make/recorder-2.0.0-arm64.dmg
out/make/recorder-2.0.0-arm64.dmg: code object is not signed at all

Steps to reproduce

run npm run package

Additional information

No response
@JB-CHAUVIN
Copy link

Same problem for me with version 7.5.0 :

◼ Running postPackage hook

An unhandled rejection has occurred inside Forge:
Error: Failed to codesign your application with code: 1

WindowNinja.app: code object is not signed at all


Executable=/private/var/folders/9_/25wkdh197hscz_x9t13s195h0000gn/T/electron-packager/tmp-ehusM4/WindowNinja.app/Contents/MacOS/WindowNinja
Identifier=Electron
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20400 size=513 flags=0x20002(adhoc,linker-signed) hashes=13+0 location=embedded
VersionPlatform=1
VersionMin=720896
VersionSDK=917504
Hash type=sha256 size=32
CandidateCDHash sha256=4f1ac00a17b89a49949aca1e66a3f45ae230a3a9
CandidateCDHashFull sha256=4f1ac00a17b89a49949aca1e66a3f45ae230a3a97e318d29d6b4ebbbcc44432b
Hash choices=sha256
CMSDigest=4f1ac00a17b89a49949aca1e66a3f45ae230a3a97e318d29d6b4ebbbcc44432b
CMSDigestType=2
Executable Segment base=0
Executable Segment limit=16384
Executable Segment flags=0x1
Page size=4096
CDHash=4f1ac00a17b89a49949aca1e66a3f45ae230a3a9
Signature=adhoc
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements=none
at /Users/cegedim/Documents/Perso/Perso/WindowNinja/app/node_modules/@electron/notarize/lib/check-signature.js:74:19
    at Generator.next (<anonymous>)
    at fulfilled (/Users/cegedim/Documents/Perso/Perso/WindowNinja/app/node_modules/@electron/notarize/lib/check-signature.js:28:58)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
error Command failed with exit code 1.
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.

@nikwen
Copy link

nikwen commented Nov 27, 2024

Forge currently doesn't sign the DMG. However, it signs the .app file inside of the DMG. Signing the DMG is not necessary.

It is possible on macOS to sign the DMG in addition to the .app but I don't know of any advantages it would bring.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nikwen @JB-CHAUVIN @t3rrey