Scripts: Make ad-hoc fallback opt-in with stronger TCC warnings

2026-01-04 08:01:02 +13:00
parent 8c7b2aa2d3
commit 99c3fc1128
1 changed files with 10 additions and 2 deletions
--- a/scripts/codesign-mac-app.sh
+++ b/scripts/codesign-mac-app.sh
@@ -57,8 +57,16 @@ select_identity() {

 if [ -z "$IDENTITY" ]; then
  if ! IDENTITY="$(select_identity)"; then
-    echo "WARN: No signing identity found. Falling back to ad-hoc signing (-)." >&2
-    IDENTITY="-"
+    if [[ "${ALLOW_ADHOC_SIGNING:-}" == "1" ]]; then
+      echo "WARN: No signing identity found. Falling back to ad-hoc signing (-)." >&2
+      echo "      !!! WARNING: Ad-hoc signed apps do NOT persist TCC permissions (Accessibility, etc) !!!" >&2
+      echo "      !!! You will need to re-grant permissions every time you restart the app.         !!!" >&2
+      IDENTITY="-"
+    else
+      echo "ERROR: No signing identity found. Set SIGN_IDENTITY to a valid codesigning certificate." >&2
+      echo "       Alternatively, set ALLOW_ADHOC_SIGNING=1 to fallback to ad-hoc signing (limitations apply)." >&2
+      exit 1
+    fi
  fi
 fi