apunkt/SurfSense
1
0
Fork 0
mirror of https://github.com/MODSetter/SurfSense.git synced 2026-06-06 20:15:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

feat(desktop): enable hardened runtime and entitlements for mac signing

Browse source 
Made-with: Cursor
This commit is contained in:
DESKTOP-RTLN3BA\$punk 2026-04-30 15:39:12 -07:00
parent e5b2ac7918
commit 3a73912a86
2 changed files with 39 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

35
surfsense_desktop/build/entitlements.mac.plist Normal file
View file

@ -0,0 +1,35 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<!-- Required for Electron's V8 JIT under hardened runtime -->
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<!-- node-mac-permissions and other native deps load dylibs at runtime -->
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
<!-- Networking (OAuth, API calls, auto-updater, deep links) -->
<key>com.apple.security.network.client</key>
<true/>
<key>com.apple.security.network.server</key>
<true/>
<!-- Screen Capture / Screenshot Assist -->
<key>com.apple.security.device.camera</key>
<true/>
<!-- Accessibility / Apple Events used by general-assist -->
<key>com.apple.security.automation.apple-events</key>
<true/>
<!-- File access for folder watcher / agent filesystem features -->
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
</dict>
</plist>

5
surfsense_desktop/electron-builder.yml
View file

@ -46,8 +46,11 @@ mac:
icon: assets/icon.icns
category: public.app-category.productivity
artifactName: "${productName}-${version}-${arch}.${ext}"
hardenedRuntime: false
hardenedRuntime: true
gatekeeperAssess: false
entitlements: build/entitlements.mac.plist
entitlementsInherit: build/entitlements.mac.plist
notarize: true
extendInfo:
NSAccessibilityUsageDescription: "SurfSense uses accessibility features to bring the app to the foreground and interact with the active application when you use desktop assists."
NSScreenCaptureUsageDescription: "SurfSense uses screen capture so you can attach a selected region to chat (Screenshot Assist) or capture the full screen from the composer."