From b29b81e458554168c45ad02a399b4d6f53a79f24 Mon Sep 17 00:00:00 2001 From: Winter Date: Sat, 22 Oct 2022 13:19:07 -0400 Subject: [PATCH] vscode: don't fixup on darwin Editing the `code` binary within the app bundle causes the bundle's signature to be invalidated, which prevents launching starting with macOS Ventura, because VS Code is notarized. See https://eclecticlight.co/2022/06/17/app-security-changes-coming-in-ventura/ for more information. --- pkgs/applications/editors/vscode/generic.nix | 3 ++- pkgs/applications/editors/vscode/vscode.nix | 5 +++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/editors/vscode/generic.nix b/pkgs/applications/editors/vscode/generic.nix index 3c0d5653691c..59910c89428b 100644 --- a/pkgs/applications/editors/vscode/generic.nix +++ b/pkgs/applications/editors/vscode/generic.nix @@ -12,6 +12,7 @@ # Attributes inherit from specific versions , version, src, meta, sourceRoot, commandLineArgs , executableName, longName, shortName, pname, updateScript +, dontFixup ? false # sourceExecutableName is the name of the binary in the source archive, over # which we have no control , sourceExecutableName ? executableName @@ -21,7 +22,7 @@ let inherit (stdenv.hostPlatform) system; unwrapped = stdenv.mkDerivation { - inherit pname version src sourceRoot; + inherit pname version src sourceRoot dontFixup; passthru = { inherit executableName longName tests updateScript; diff --git a/pkgs/applications/editors/vscode/vscode.nix b/pkgs/applications/editors/vscode/vscode.nix index 7788105e1d4f..637aefc3074d 100644 --- a/pkgs/applications/editors/vscode/vscode.nix +++ b/pkgs/applications/editors/vscode/vscode.nix @@ -46,6 +46,11 @@ in updateScript = ./update-vscode.sh; + # Editing the `code` binary within the app bundle causes the bundle's signature + # to be invalidated, which prevents launching starting with macOS Ventura, because VS Code is notarized. + # See https://eclecticlight.co/2022/06/17/app-security-changes-coming-in-ventura/ for more information. + dontFixup = stdenv.isDarwin; + meta = with lib; { description = '' Open source source code editor developed by Microsoft for Windows,