fix(macos): frameworks being signed with entitlements unnecessarily (#12423)

2026-01-31 00:35:19 +01:00 · 2025-01-23 06:14:33 -05:00
parent 9d02c18ac2
commit 9a30bed98c
2 changed files with 11 additions and 1 deletions
--- a/.changes/framework-entitlements.md
+++ b/.changes/framework-entitlements.md
@@ -0,0 +1,5 @@
+---
+'tauri-cli': 'patch:enhance'
+---
+
+Added conditional logic to MacOS codesigning where only executables get the entitlements file when being signed. This solves an issue where the app may not launch when using 3rd party frameworks if certain entitlements are added. Ex: multicast support (must be applied for through apple developer, and the framework would not have that capability).
--- a/crates/tauri-bundler/src/bundle/macos/sign.rs
+++ b/crates/tauri-bundler/src/bundle/macos/sign.rs
@@ -48,9 +48,14 @@ pub fn sign(
  log::info!(action = "Signing"; "with identity \"{}\"", keychain.signing_identity());

  for target in targets {
+    let entitlements_path = if target.is_an_executable {
+      settings.macos().entitlements.as_ref().map(Path::new)
+    } else {
+      None
+    };
    keychain.sign(
      &target.path,
-      settings.macos().entitlements.as_ref().map(Path::new),
+      entitlements_path,
      target.is_an_executable && settings.macos().hardened_runtime,
    )?;
  }