fix(bootstrap): copy macOS app with ditto so it isn't reported as damaged#2391
Merged
Conversation
Installing the desktop app used cpSync to copy OpenWork.app out of the mounted DMG. Node's recursive copy left framework symlinks (e.g. Squirrel.framework Versions/Current) pointing at the temporary DMG mount path, which is unmounted right after install. The dangling links break the bundle's code signature, so macOS Gatekeeper reports 'OpenWork is damaged and can't be opened.' Fix: copy .app bundles with ditto (Apple-supported, preserves relative framework symlinks + signature), with a cp -R fallback, and strip the com.apple.quarantine flag on the freshly installed (already-notarized) app. Verified: a fresh install now passes codesign --verify --deep --strict (valid on disk, satisfies Designated Requirement) and spctl --assess (accepted, source=Notarized Developer ID).
Contributor
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Symptom
After
openwork-bootstrap install app, launching the app showed:Root cause
It wasn't signing or quarantine. The DMG asset the manifest resolves is correctly signed + notarized (Developer ID: Different AI inc.). The install copy corrupted the bundle.
installDmg/installFromDirectoryusedcpSync(..., { recursive: true })to copyOpenWork.appout of the mounted DMG. Node's recursive copy preserved framework symlinks but pointed them at the temporary DMG mount path, which is unmounted right after install:Dangling framework links break the code signature, so Gatekeeper reports the app as "damaged."
Fix
.appbundles withdittoon macOS (Apple-supported; preserves relative framework symlinks + signature), with acp -Rfallback.com.apple.quarantineon the freshly installed (already-notarized) app so first launch isn't blocked.cpSync).Verification
Fresh install via the prod manifest:
Squirrel -> Versions/Current/Squirrel,Current -> Acodesign --verify --deep --strict→valid on disk,satisfies its Designated Requirement(exit 0)spctl --assess --type execute→accepted,source=Notarized Developer ID,Different AI inc. (F5DJWB4CCV)pnpm --filter openwork-bootstrap checkandtestpass.Note: the landing serves
bin/openwork.mjsat/openwork-bootstrap.mjsvia a prebuild copy, so this reaches the installer on the next landing deploy.