Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
nexe converted node.js file no longer produces valid Mach-O (fails codesign)
See original GitHub issueThis is a
- Bug Report
- Feature Request
- Other
Hi,
I used nexe to transform a Node.js file to an executable used by a macOS application.
I recently updated to 2.0.0-rc.29 (from a version a ~year ago) and it no longer works.
First, I had an issue where Xcode codesign would fail:
codesign says my main executable failed strict validation.
- Your Mach-O executable does not conform to modern Mach-O layout rules.
- You may be using a third party development product that hasn't been brought up to date, or post-processed your file in unsupported ways.
That got fixed by the following issues / hack:
https://github.com/nexe/nexe/issues/446 https://github.com/nexe/nexe/issues/470
But then I had another error:
caught error in https
ReferenceError: net is not defined
at Server.server.on (_third_party_main.js:212:14)
at Server.emit (events.js:182:13)
at onParserExecuteCommon (_http_server.js:535:14)
at onParserExecute (_http_server.js:482:3)
These are the “imports” I used:
const http = require('http');
const httpProxy = require('http-proxy');
const fs = require('fs');
const parseDomain = require('parse-domain');
I guess this is a result of “resources” not working:
Nexe relies on mangling the base binary which inherently breaks signing. Using the patch shown in that comment should allow you to embed your application fully. However, resources will not work.
Is there any way around this? Maybe I should use something else? Or maybe there is planned support for it?
Thank you, and I appreciate the library. It helped to quickly transform code written in Node to be used in macOS.
- Platform(OS/Version): macOS 10.13.15
- Host Node Version: v10.3.0
- Target Node Version: v10.3.0
- Nexe version: 2.0.0-rc.29
- Python Version: 2.7.10
Issue Analytics
- State:
- Created 5 years ago
- Reactions:3
- Comments:9
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
OSX signing is evil. Basically, you can’t sign something which has had stuff appended to it (like a new nexe app has). I recently spend 2 weeks making my (heavily modified old NEXE app using lockwrap for a filesystem) work for OSX. The solution I came up with was as follows: Because an OSX ‘APP’ is normally delivered as a folder structure, you can include data files in your deployment. So, quite simply, I modified my ‘internal’ nexe javascript (the stuff which is compiled in) to look for the packaged filesystem in a known datafile, and if that failed, look on the end of the exe (e.g. for win32 or linux). This allows you to sign the (now valid) OSX plain executable, and the data file get’s signed separately, then it all works, and even passed their new ‘let apple virus scan it’ system… 😃.
Now trying to upgrade from node 6.9.11 to node 12.10.0 using latest nexe… more heavy nexe modifications required 😃 (but once done the OSX should still be fine).
p.s. if someone really wants a challenge, check out my fork of isign - OSX signing without OSX - I gave up at the last hurdle, but maybe someone with better python/openssl experience can take it on…
The signing is: sudo codesign -vvvv --force --options runtime --timestamp --entitlements ./osx-entitlements.plist -fs “my stuff” ./dmg.12.13.0/myapp.app
and test: echo test signing codesign -dv --verbose=4 ./dmg.12.13.0/myapp.app echo test signing with spctl spctl --assess --verbose ./dmg.12.13.0/myapp.app
what fun OSX is!