UpdaterCommon: Fix code signing error after updating on macOS #9858
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Upon launching an app, macOS's kernel caches all code signatures from the main executable and any frameworks it uses. When the updater notices a file needs to be updated, it uses
File::Copy()
, which reads the contents of the new file and writes it over the contents of the old file. This operation does not invalidate the code signature cache. Therefore, when Dolphin is launched after the update operation is complete, the cached code signature is used to validate the new files. macOS then proceeds to kill Dolphin due to a code signing error.The solution: Use Rename instead of Copy.
(Thanks to Quinn from the Apple Developer Forums for making a post about this quirk.
Also, this PR only fixes one issue with the macOS updater. If the bundle has the
com.apple.quarantine
xattr set, then the updater may fail to launch. #8915 fixes this issue.)