mason.release.sign: use hardened runtime

author John Benediktsson <mrjbq7@gmail.com>

Fri, 20 Jan 2023 17:59:09 +0000 (09:59 -0800)

committer John Benediktsson <mrjbq7@gmail.com>

Fri, 20 Jan 2023 17:59:09 +0000 (09:59 -0800)
author John Benediktsson <mrjbq7@gmail.com>
Fri, 20 Jan 2023 17:59:09 +0000 (09:59 -0800)
committer John Benediktsson <mrjbq7@gmail.com>
Fri, 20 Jan 2023 17:59:09 +0000 (09:59 -0800)
diff --git a/extra/mason/release/sign/sign.factor b/extra/mason/release/sign/sign.factor

index 189c27d7ed4469f4b5c5b9ecd0a4eb8f890ba894..c71caf2ade75408b67c2136a3267ed783640e820 100644 (file)
--- a/extra/mason/release/sign/sign.factor
+++ b/extra/mason/release/sign/sign.factor
@@ -1,6 +1,6 @@
  ! Copyright (C) 2016 Doug Coleman.
  ! See https://factorcode.org/license.txt for BSD license.
-USING: io.backend io.pathnames kernel literals mason.common
+USING: io.backend io.pathnames kernel literals make mason.common
  sequences system ;
  IN: mason.release.sign
  
@@ -34,11 +34,16 @@ M: macosx sign-factor-app
          "libfactor.dylib"
          "libfactor-ffi-test.dylib"
      } [
-        ${
-            "codesign" "--force" "--sign"
-            "Developer ID Application"
-            cert-path
-        } swap make-factor-path suffix short-running-process
+        [
+            "codesign" ,
+            "--entitlements" ,
+            "factor.entitlements" make-factor-path ,
+            "--option" , "runtime" , ! Hardened Runtime
+            "--force" , "--sign" ,
+            "Developer ID Application" ,
+            cert-path ,
+            make-factor-path ,
+        ] { } make short-running-process
      ] each ;
  
  M:: windows sign-factor-app ( -- )
author	John Benediktsson <mrjbq7@gmail.com>
	Fri, 20 Jan 2023 17:59:09 +0000 (09:59 -0800)
committer	John Benediktsson <mrjbq7@gmail.com>
	Fri, 20 Jan 2023 17:59:09 +0000 (09:59 -0800)