* Upgrade Electron to v0.37.6
The main motiviation for such upgrade is that an error manifesting
itself as `Cannot read property 'object' of undefined` on certain Linux
systems was fixed in v0.37.4.
See https://github.com/electron/electron/issues/5229
Signed-off-by: Juan Cruz Viotti <jviottidc@gmail.com>
* Make use of shell module by requiring `shell`
Otherwise we get a strange issue when trying to stub it:
TypeError: Attempted to wrap undefined property openExternal as function
Signed-off-by: Juan Cruz Viotti <jviottidc@gmail.com>
This is useful to prompt the user to install the `.desktop` file.
The `Description` key in `Etcher.desktop` was changed to `Comment` since
`desktop-file-validate` complained with:
Etcher.desktop: error: file contains key "Description" in group "Desktop
Entry", but keys extending the format should start with "X-"
After checking the desktop file format specification, the correct key
should be "Comment"
(https://specifications.freedesktop.org/desktop-entry-spec/latest/ar01s05.html).
See: bc6e519964 (commitcomment-17164442)
Signed-off-by: Juan Cruz Viotti <jviottidc@gmail.com>
This PR fixes a frequent issue users were having where opening
`Etcher.app` would result in:
"Etcher.app" is damaged and can't be opened. You should move it to
the trash.
Checking the code-signature of the application returned the following
error message:
$ spctl -a -v Etcher.app
Etcher.app: invalid signature (code or signature have been modified)
The solution is based on the following paragraphs from Apple's "OS X
Code Signing in Depth" technical note:
https://developer.apple.com/library/mac/technotes/tn2206/_index.html
> Code signing uses extended attributes to store signatures in non-Mach-O
> executables such as script files. If the extended attributes are lost
> then the program's identity will be broken. Thus, when you ship your
> script, you must use a mechanism that preserves extended attributes.
>
> One way to guarantee preservation of extended attributes is by packing
> up your signed code in a read-write disk image (DMG) file before signing
> and then, after signing, converting to read-only. You probably don't
> need to use a disk image until the final package stage so another less
> heavy-handed method would be to use ZIP or XIP files.
In summary, what we now do is:
- Create a temporal read-write DMG image.
- Perform the code-signing *inside* the DMG image.
- Convert the temporal DMG image into a compressed read-only image.
Sadly, this custom workflow doesn't fit in `electron-packager` nor
`electron-builder`, so we had to re-implement the features those
packages provide us in a nice encapsulated way ourselves.
Signed-off-by: Juan Cruz Viotti <jviottidc@gmail.com>
The `bluebird` module contains a directory called "release", which gets
omitted by `electron-packager`.
After some experimentation, there doesn't seems to be a way to make
`electron-packager` ignore a pattern only on the current directory,
therefore we change the name of our output directory to something that
can't possibly collide with something else.
