Closed vscheuber closed 6 months ago
it appears that switching over to the new fork is frictionless. I tested the MacOS binary only but it built and ran just like with the Vercel version.
The first pipeline run failed with the new yao-pkg version but it is unclear if that was because of pkg or Apple tightening up the code signing requirements:
codesign -f -s 'Developer ID Application' --options runtime --entitlements entitlements.plist --timestamp --deep frodo
shell: /bin/bash -e {0}
env:
NODE_VERSION: 18
frodo: main executable failed strict validation
It appears that we were using the --no-signature
option in pkg
but Apple appears to now require ad-hoc signatures and replaces them when codesign-ing. On my local workstation, the pipeline error was reproducible with the --no-signature
option and not reproducible when omitting the option.
So it is unclear if the switch to yao-pkg/pkg
caused this or coincided with Apple requiring ad-hoc signatures.
Removing the --no-signature
option fixed the pipeline.
It appears Vercel is no longer actively maintaining vercel/pkg, our current SEA (single executable application) tool.
There is a new fork, yao-pkg/pkg by one of the maintainers, which looks interesting and worth following until the Node.js SEA capabilities are far enough to switch.