fix: generate stubExecutableExe and sign it #8959
Conversation
🦋 Changeset detectedLatest commit: eb5d7b3 The changes in this PR will be included in the next version bump. This PR includes changesets to release 8 packages
Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
packages/electron-builder-squirrel-windows/src/SquirrelWindowsTarget.ts
Outdated
Show resolved
Hide resolved
|
|
|
Looks like |
|
Looks like it works sans the package.json not including vendor in the package - good job @beyondkmp I also checked that the number of signings remained the same |
There was a problem hiding this comment.
Adding the vendor directory adds a few megabytes (quick maffs) to the repo, which is the antipattern from what electron-builder-binaries is supposed to be used for. IIRC though, the squirrel windows target/package must be installed separately and isn't part of the electron-builder dependency tree, right? In this case, I think it's safe to add the vendor files (albeit I'll still need to verify file origin). In general though, we should avoid adding vendor files directly to electron-builder unless absolutely necessary (which is the case with this fix)
packages/electron-builder-squirrel-windows/src/SquirrelWindowsTarget.ts
Outdated
Show resolved
Hide resolved
packages/electron-builder-squirrel-windows/src/SquirrelWindowsTarget.ts
Outdated
Show resolved
Hide resolved
Yup, |
my bad. Added. |
|
These vendor files are copied from the GitHub Actions workflow at https://github.com/beyondkmp/Squirrel.Windows/actions/runs/13871759240/job/38819263248 and the other files(like 7zip,nuget) are copiled from https://github.com/electron/windows-installer/tree/main/vendor. https://github.com/Squirrel/Squirrel.Windows/pull/1903/files |
|
@beyondkmp new squirrel.windows in electron-builder-binaries with your patch applied can be found in this "compile" PR. (The CI/CD takes care of generating and committing the artifacts post-merge of the PR through Changesets GHA) |
|
[email protected] using Squirrel 2.0.1 artifact has been released |
… binaries - Added logic to download and copy custom Squirrel binaries if the specified vendor directory is not accessible. - Removed outdated vendor binaries and configuration files to streamline the package.
…line package structure
…proved functionality
…e correct path handling
…ure proper installation
| await fs.promises.cp(vendorDirectory, tmpVendorDirectory, { recursive: true }) | ||
| if (customSquirrelBin && customSquirrelBin.length > 0) { |
There was a problem hiding this comment.
I'm not sure what this is checking for. Are you intending?
!isEmptyOrSpaces(customSquirrelBin) && await exists(customSquirrelBin)
There was a problem hiding this comment.
There was a bit of ambiguity in the wording. What I meant is: if the user has specified a custom Squirrel, we should not overwrite it with our patched version.
packages/electron-builder-squirrel-windows/src/SquirrelWindowsTarget.ts
Outdated
Show resolved
Hide resolved
…r improved binary retrieval
| const vendorDirectory = path.join(path.dirname(windowInstallerPackage), "vendor") | ||
|
|
||
| const squirrelBin = await getBinFromUrl( | ||
| "[email protected]", |
There was a problem hiding this comment.
A special @ character in the path causes the failure.
fix #8952
Root Cause
when createExecutableStubForExe is executed, WriteZipToSetup writes information to the file, essentially creating a new file, which invalidates the original signature.
https://github.com/Squirrel/Squirrel.Windows/blob/51f5e2cb01add79280a53d51e8d0cfa20f8c9f9f/src/Update/Program.cs#L633-L647
How to fix
Apply a patch to the Squirrel Windows source code(Squirrel/Squirrel.Windows#1903). For the existing stub exe files, don't generate them anymore. Then, a new stub exe can be generated in Electron Builder and signed.