MCPcopy
hub / github.com/codeaashu/claude-code / codesignRipgrepIfNecessary

Function codesignRipgrepIfNecessary

src/utils/ripgrep.ts:620–679  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

618
619let alreadyDoneSignCheck = false
620async function codesignRipgrepIfNecessary() {
621 if (process.platform !== 'darwin' || alreadyDoneSignCheck) {
622 return
623 }
624
625 alreadyDoneSignCheck = true
626
627 // Only sign the standalone vendored rg binary (npm builds)
628 const config = getRipgrepConfig()
629 if (config.mode !== 'builtin') {
630 return
631 }
632 const builtinPath = config.command
633
634 // First, check to see if ripgrep is already signed
635 const lines = (
636 await execFileNoThrow('codesign', ['-vv', '-d', builtinPath], {
637 preserveOutputOnError: false,
638 })
639 ).stdout.split('\n')
640
641 const needsSigned = lines.find(line => line.includes('linker-signed'))
642 if (!needsSigned) {
643 return
644 }
645
646 try {
647 const signResult = await execFileNoThrow('codesign', [
648 '--sign',
649 '-',
650 '--force',
651 '--preserve-metadata=entitlements,requirements,flags,runtime',
652 builtinPath,
653 ])
654
655 if (signResult.code !== 0) {
656 logError(
657 new Error(
658 `Failed to sign ripgrep: ${signResult.stdout} ${signResult.stderr}`,
659 ),
660 )
661 }
662
663 const quarantineResult = await execFileNoThrow('xattr', [
664 '-d',
665 'com.apple.quarantine',
666 builtinPath,
667 ])
668
669 if (quarantineResult.code !== 0) {
670 logError(
671 new Error(
672 `Failed to remove quarantine: ${quarantineResult.stdout} ${quarantineResult.stderr}`,
673 ),
674 )
675 }
676 } catch (e) {
677 logError(e)

Callers 3

ripGrepFileCountFunction · 0.85
ripGrepStreamFunction · 0.85
ripGrepFunction · 0.85

Calls 2

execFileNoThrowFunction · 0.85
logErrorFunction · 0.70

Tested by

no test coverage detected