From de0eb57dea08dbf7554ac9d5df5af128facb1033 Mon Sep 17 00:00:00 2001 From: Salah Benmoussati <51402489+sbenmoussati@users.noreply.github.com> Date: Fri, 6 Sep 2024 09:34:13 +0200 Subject: [PATCH] SDA-4611 Disable EnableNodeCliInspectArguments electron fuse (#2196) * SDA-4611 Disable EnableNodeCliInspectArguments electron fuse * Semgrep update --- .semgrepignore | 3 ++- package.json | 2 ++ scripts/afterPackHoock.js | 21 +++++++++++++++++++++ 3 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 scripts/afterPackHoock.js diff --git a/.semgrepignore b/.semgrepignore index c3f824af..945774c0 100644 --- a/.semgrepignore +++ b/.semgrepignore @@ -1,2 +1,3 @@ spec/ -Dockerfile \ No newline at end of file +Dockerfile +scripts/afterPackHoock.js \ No newline at end of file diff --git a/package.json b/package.json index 94602581..c6a261d8 100644 --- a/package.json +++ b/package.json @@ -41,6 +41,7 @@ "artifactName": "${productName}-${version}-${os}.${ext}", "asar": true, "asarUnpack": "**/*.node", + "afterPack": "scripts/afterPackHoock.js", "nsis": { "perMachine": false, "oneClick": true, @@ -167,6 +168,7 @@ "url": "https://support.symphony.com" }, "devDependencies": { + "@electron/fuses": "^1.8.0", "@types/cheerio": "^0.22.22", "@types/enzyme": "^3.10.7", "@types/fs-extra": "^9.0.0", diff --git a/scripts/afterPackHoock.js b/scripts/afterPackHoock.js new file mode 100644 index 00000000..93cfb8a0 --- /dev/null +++ b/scripts/afterPackHoock.js @@ -0,0 +1,21 @@ +const path = require('path'); +const { flipFuses, FuseVersion, FuseV1Options } = require('@electron/fuses'); + +module.exports = async function afterPack(context) { + const { + appOutDir, + packager: { appInfo, platform }, + } = context; + const ext = { + darwin: '.app', + win32: '.exe', + }[context.electronPlatformName]; + const electronBinaryPath = path.join( + appOutDir, + `${appInfo.productFilename}${ext}`, + ); + await flipFuses(electronBinaryPath, { + version: FuseVersion.V1, + [FuseV1Options.EnableNodeCliInspectArguments]: false, + }); +};