brew/Library/Homebrew/os/mac/keg.rb

# typed: true
# frozen_string_literal: true

class Keg
  def change_dylib_id(id, file)
    return if file.dylib_id == id

    @require_relocation = true
    odebug "Changing dylib ID of #{file}\n  from #{file.dylib_id}\n    to #{id}"
    MachO::Tools.change_dylib_id(file, id, strict: false)
    apply_ad_hoc_signature(file)
  rescue MachO::MachOError
    onoe <<~EOS
      Failed changing dylib ID of #{file}
        from #{file.dylib_id}
          to #{id}
    EOS
    raise
  end

  def change_install_name(old, new, file)
    return if old == new

    @require_relocation = true
    odebug "Changing install name in #{file}\n  from #{old}\n    to #{new}"
    MachO::Tools.change_install_name(file, old, new, strict: false)
    apply_ad_hoc_signature(file)
  rescue MachO::MachOError
    onoe <<~EOS
      Failed changing install name in #{file}
        from #{old}
          to #{new}
    EOS
    raise
  end

  def apply_ad_hoc_signature(file)
    return if MacOS.version < :big_sur
    return unless Hardware::CPU.arm?

    odebug "Codesigning #{file}"
    # Use quiet_system to squash notifications about resigning binaries
    # which already have valid signatures.
    return if quiet_system("codesign", "--sign", "-", "--force",
                           "--preserve-metadata=entitlements,requirements,flags,runtime",
                           file)

    # If the codesigning fails, it may be a bug in Apple's codesign utility
    # A known workaround is to copy the file to another inode, then move it back
    # erasing the previous file. Then sign again.
    #
    # TODO: remove this once the bug in Apple's codesign utility is fixed
    Dir::Tmpname.create("workaround") do |tmppath|
      FileUtils.cp file, tmppath
      FileUtils.mv tmppath, file, force: true
    end

    # Try signing again
    odebug "Codesigning (2nd try) #{file}"
    return if quiet_system("codesign", "--sign", "-", "--force",
                           "--preserve-metadata=entitlements,requirements,flags,runtime",
                           file)

    # If it fails again, error out
    onoe <<~EOS
      Failed applying an ad-hoc signature to #{file}
    EOS
  end
end
Move type annotations into files. 2020-10-10 14:16:11 +02:00			`# typed: true`
Add frozen_string_literal to all files. 2019-04-19 15:38:03 +09:00			`# frozen_string_literal: true`

Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`class Keg`
			`def change_dylib_id(id, file)`
			`return if file.dylib_id == id`
Update to RuboCop 0.59.1. 2018-09-17 02:45:00 +02:00
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`@require_relocation = true`
Replace `Homebrew.args` with `Context`. 2020-08-02 14:32:31 +02:00			`odebug "Changing dylib ID of #{file}\n from #{file.dylib_id}\n to #{id}"`
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`MachO::Tools.change_dylib_id(file, id, strict: false)`
keg: add codesigning 2020-11-10 23:52:33 +01:00			`apply_ad_hoc_signature(file)`
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`rescue MachO::MachOError`
Use “squiggly” heredocs. 2017-10-15 02:28:32 +02:00			`onoe <<~EOS`
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`Failed changing dylib ID of #{file}`
			`from #{file.dylib_id}`
			`to #{id}`
			`EOS`
			`raise`
			`end`

			`def change_install_name(old, new, file)`
			`return if old == new`
Update to RuboCop 0.59.1. 2018-09-17 02:45:00 +02:00
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`@require_relocation = true`
Replace `Homebrew.args` with `Context`. 2020-08-02 14:32:31 +02:00			`odebug "Changing install name in #{file}\n from #{old}\n to #{new}"`
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`MachO::Tools.change_install_name(file, old, new, strict: false)`
keg: add codesigning 2020-11-10 23:52:33 +01:00			`apply_ad_hoc_signature(file)`
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`rescue MachO::MachOError`
Use “squiggly” heredocs. 2017-10-15 02:28:32 +02:00			`onoe <<~EOS`
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`Failed changing install name in #{file}`
			`from #{old}`
			`to #{new}`
			`EOS`
			`raise`
			`end`
keg: add codesigning 2020-11-10 23:52:33 +01:00
			`def apply_ad_hoc_signature(file)`
			`return if MacOS.version < :big_sur`
			`return unless Hardware::CPU.arm?`

			`odebug "Codesigning #{file}"`
			`# Use quiet_system to squash notifications about resigning binaries`
			`# which already have valid signatures.`
			`return if quiet_system("codesign", "--sign", "-", "--force",`
			`"--preserve-metadata=entitlements,requirements,flags,runtime",`
			`file)`

			`# If the codesigning fails, it may be a bug in Apple's codesign utility`
			`# A known workaround is to copy the file to another inode, then move it back`
			`# erasing the previous file. Then sign again.`
			`#`
			`# TODO: remove this once the bug in Apple's codesign utility is fixed`
			`Dir::Tmpname.create("workaround") do \|tmppath\|`
			`FileUtils.cp file, tmppath`
			`FileUtils.mv tmppath, file, force: true`
			`end`

			`# Try signing again`
			`odebug "Codesigning (2nd try) #{file}"`
			`return if quiet_system("codesign", "--sign", "-", "--force",`
			`"--preserve-metadata=entitlements,requirements,flags,runtime",`
			`file)`

			`# If it fails again, error out`
			`onoe <<~EOS`
			`Failed applying an ad-hoc signature to #{file}`
			`EOS`
			`end`
Revert "mach: Avoid reopening the file for relocation" 2017-09-27 02:08:23 -07:00			`end`