Re: [hatari-devel] hatari.app from cirrus-ci (was: Re: One scanline short in ST fullscreen)

[ Thread Index | Date Index | More lists.tuxfamily.org/hatari-devel Archives ]


Here is a first patch that reduces the differences between Hatari and Previous. It does not yet fix the quarantine problem, but does fix two other issues: Setting CMAKE_OSX_ARCHITECTURES and CMAKE_OSX_DEPLOYMENT_TARGET must be set before the call to project(). Otherwise it won’t be recognised. Therefore building Hatari as universal binary was broken.
I also added automatic addition of SDL2.framework and png.framework to the bundle. This way you get a runnable application out of the box (else you would have to copy the frameworks to the bundle manually before to make it work). This is necessary since Xcode 15.
I also removed some unused stuff.

I highly recommend applying this patch.

Attachment: hatari_patch.diff
Description: Binary data



Am 15.12.2023 um 06:11 schrieb Andreas Grabher <andreas_g86@xxxxxxxxxx>:

Okay, thank you again for testing! I consider the behaviour with Previous as „normal“ for an application that is not on the App Store. I use many apps that are not signed by paying developers. 

So let‘s try to make Hatari at least work the same way as Previous. I‘ll go through the CMakeFiles.txt on the weekend and try to make them more similar.


Am 15.12.2023 um 04:03 schrieb Bob Carpenter <hatari@xxxxxxxxxx>:

Andreas,

I am happy to help if I can. I am sure that Mac users will want to run Hatari 2.5.0 when it is released. As you know, many Mac users are not comfortable working with Terminal.


Andreas,

Anyway, I get the same message as the previous Previous (no pun intended). MacOS tells me that Apple cannot scan for malicious software. When I right-click on the Previous app, I receive an Open option that allows me to run Previous. After that first time running Previous with the right-click Open option, I can simply double-click Previous in order to get it to run.

Bob C

On Dec 14, 2023, at 7:43 PM, Andreas Grabher <andreas_g86@xxxxxxxxxx> wrote:

Very interesting! Can you also test this binary:

Sorry for the inconvenience! If this works too, I think the problem is in the CMakeList.txt of the base directory or the CMakeList.txt of the src directory. Then we should gradually reduce the differences between Hatari and Previous regarding these files.

One thing I noticed is that compiling Hatari gives me lots of warnings (appended). But they seem to be only deprecation warnings. Anyway maybe disabling macOS GUI is worth a try.

Another thing I noticed is that the Hatari application bundle does not contain the _CodeSignature folder even I did sign it the same way as Previous.
<warnings.txt>

Am 14.12.2023 um 22:12 schrieb Bob Carpenter <hatari@xxxxxxxxxx>:

Yes, Previous behaves differently. Previous gives me a message on my first run that Apple cannot scan it for malicious software and I can only close the window. The next time I ran it from the right-click contextual menu and macOS gives me the option to open the file anyway. Once I do this, I can run Previous. On any subsequent run, Previous runs simply by double-clicking on the app.

With Hatari, it tells me the file is damaged. Even clicking on the right-click menu and opening the file gives me the same damaged error. Once I clear the quarantine flag with “xattr -cr”, only then can I run Hatari.

Bob C

On Dec 14, 2023, at 12:06 PM, Andreas Grabher <andreas_g86@xxxxxxxxxx> wrote:

Please test Previous again to make sure it behaves differently:
https://www.dropbox.com/scl/fi/lqv0n5r0bivjb95eucov8/Previous_2.9c.zip?rlkey=9fro23gt1ussnobtjyau0o309&dl=0

Am 14.12.2023 um 20:01 schrieb Bob Carpenter <hatari@xxxxxxxxxx>:

Andreas,

Yes, your download has the same quarantine issue (need to use xattr -cr to clear the quarantine flag) as the download at cirrus-ci.

Bob C

On Dec 14, 2023, at 11:38 AM, Andreas Grabher <andreas_g86@xxxxxxxxxx> wrote:

I have no payed developer account. I have just built Hatari on my system. You can get it from here:

I signed with these commands:
cd src/hatari.app/Contents/MacOS
codesign --force -s - hatari

Does my build also suffer from the quarantine issue?

I did some minor changes to the CMake files. It automatically copies SDL2.framework and png.framework to the application bundle. This simplifies the build script.

<hatari_build.diff>

Am 14.12.2023 um 18:53 schrieb Bob Carpenter <hatari@xxxxxxxxxx>:

Thomas,

The question is why the file is stuck in quarantine. I know you are not a Mac user so that it something one of the technical Mac users will need to figure out. I do not want to commit myself to this because I have been busy. Right now, I do not know why macOS mistakenly assumes malware or some other problem so the “file is damaged” error appears. I do not know why Troed’s environment did not produce this problem.

Andreas,

Was your code signature for Previous a self-generated (not official $99/year) certificate? As I recall, the only message I received from running Previous is that it was not from a registered developer. I have seen the same message from other emulators the first time I ran them. It is very common for a developer to not pay for a $99/year for an official developer certificate if the software is free.

Bob C

On Dec 14, 2023, at 2:03 AM, Thomas Huth <th.huth@xxxxxxxxx> wrote:

Am Sun, 10 Dec 2023 18:27:14 +0100
schrieb Andreas Grabher <andreas_g86@xxxxxxxxxx>:

Am 10.12.2023 um 17:22 schrieb Thomas Huth <th.huth@xxxxxxxxx>:

Am Sun, 10 Dec 2023 13:03:17 +0000
schrieb Troed Sångberg <troed@xxxxxxxxxxx>:

Hi all,

I'd like to re-iterate that the signing certificate I have through my own company is available to use for Hatari. Yes we'll have to have some sort of agreement on who has access to it, but I'm not too worried about that within our community.

Please do not hesitate to ask - the "only" thing I didn't want to continue doing was to run the VM for nightly builds and be responsible for packaging up new macOS releases since I do not use macOS myself anymore.  

Thanks, but I think we'd need a volunteer with macOS server machine for
that. I don't think this will work with those cirrus-ci cloud machines, or
even if it would work, it sounds somewhat dangerous to me to upload your
certificates to a third party cloud machine that is not under direct
control of someone from the Hatari community... At least I don't want to be
responsible for that, since I cannot garantuee for the safety of those
machines.

Thomas

I saw you just patched the macOS job. There is still that entitlements option. I don’t know what this is for. Maybe try without it and see if the quarantine problem is gone?

No, I think that's not related to the quarantine flag since this is added
by macOS when downloading a file, not when creating a .zip file on the host.

Also, I did not use the entitlements in the last run that you've tested:

https://cirrus-ci.com/task/6699424026460160?logs=main#L680

but you still had to use the xattr stuff there to remove the quarantine
flag.

So I decided to keep the entitlement parameter since I was told that should
fix a problem with microphone access in Falcon mode.

Thomas













Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/