fix: skip unsupported PowerShell scripts in Windows signing#3169
fix: skip unsupported PowerShell scripts in Windows signing#3169wwwillchen merged 3 commits intodyad-sh:mainfrom
Conversation
|
@BugBot run |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
π‘ Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 8d2a5ac410
βΉοΈ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with π.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces a mechanism to remove specific PowerShell scripts from native dependencies that cause Windows Authenticode signing failures. It adds a utility function to handle the file removal, integrates it into the Electron Forge configuration via an afterCopy hook, and includes a corresponding test suite. The review feedback suggests refactoring the afterCopy hook to use an async function for improved readability and to simplify the promise handling.
There was a problem hiding this comment.
Pull request overview
Adds a packaging-time cleanup step to remove bundled PowerShell helper scripts (from node-pty) that cause Windows signing to fail, and documents the rationale.
Changes:
- Introduces
removeUnsupportedWindowsSigningFiles()and a list of unsupported paths. - Hooks the cleanup into Electron Forge packaging via
packagerConfig.afterCopywhen Windows signing is enabled. - Adds a Vitest unit test for the cleanup helper and updates native module documentation.
Reviewed changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| src/lib/windows_signing.ts | Adds helper + path list to delete unsupported .ps1 files before signing. |
| src/tests/windows_signing.test.ts | Adds unit test for the cleanup helper. |
| forge.config.ts | Wires cleanup into Forge packaging when Windows signing is enabled. |
| rules/native-modules.md | Documents the Windows signing failure mode and mitigation. |
π‘ Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- fix Windows signing cleanup paths for Forge afterCopy hooks - keep the existing callback hook shape for packager type compatibility Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
This comment was marked as resolved.
This comment was marked as resolved.
Sorry, something went wrong.
|
@BugBot run |
There was a problem hiding this comment.
β Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 9dabf6c. Configure here.
π€ Claude Code Review SummaryPR Confidence: 5/5All trusted review threads were addressed or resolved, and the branch passes formatting, lint, type-checks, and tests after the follow-up fix. Unresolved ThreadsNo unresolved threads Resolved Threads
Product Principle SuggestionsNo suggestions π€ Generated by Claude Code |
Claude Code Review SummaryPR Confidence: 5/5All trusted review threads were addressed or resolved, and the branch passes formatting, lint, type-checks, and tests after the follow-up fix. Unresolved ThreadsNo unresolved threads Resolved Threads
Product Principle SuggestionsNo suggestions Generated by Claude Code |
![dyad-assistant[bot]](https://avatars.githubusercontent.com/in/3027874?s=60&v=4){kind=small}
| @@ -0,0 +1,18 @@ | |||
| import fs from "node:fs/promises"; | |||
There was a problem hiding this comment.
π‘ MEDIUM | missing-why-comment
No explanation of the signtool failure mode
This module has zero comments explaining why these specific files must be removed. A future maintainer (or anyone debugging a regression) will see a file that deletes two random .ps1 files and have no context for why. The "why" exists in rules/native-modules.md but is not discoverable from the code.
π‘ Suggestion: Add a file-level JSDoc comment explaining: (1) signtool.exe recursively signs .ps1 files inside packaged native dependencies, (2) node-pty's winpty debug helpers are not Authenticode-signable and are not loaded at runtime, (3) removing them is the minimal intervention to let signing succeed. Reference rules/native-modules.md.
| export const UNSUPPORTED_WINDOWS_SIGNING_RELATIVE_PATHS = [ | ||
| "node_modules/node-pty/deps/winpty/misc/ConinMode.ps1", | ||
| "node_modules/node-pty/deps/winpty/misc/IdentifyConsoleWindow.ps1", | ||
| ] as const; |
There was a problem hiding this comment.
π‘ MEDIUM | brittleness
Hardcoded file list will silently break on node-pty upgrades
This pins two exact paths inside node-pty's winpty deps. If node-pty adds, renames, or moves .ps1 helpers in a future version, signtool.exe will fail again with the same Number of errors: 2 error this PR is fixing β and it will need to be re-diagnosed from scratch. Because fs.rm({ force: true }) silently succeeds on missing files, the CI error message will be the signtool failure, not a clear "this file no longer exists."
π‘ Suggestion: Either switch to a glob-based removal (e.g., recursively delete *.ps1 under node_modules/node-pty/deps/winpty/), or at minimum add a comment pinning the verified node-pty version and reminding maintainers to revisit this list on upgrade.
| await fs.rm(absolutePath, { force: true }); | ||
| }), | ||
| ); | ||
| } |
There was a problem hiding this comment.
π‘ MEDIUM | file-placement
Build-time helper lives under src/lib/ alongside runtime app code
src/lib/ in this repo contains runtime app code (toast.tsx, errors.ts, queryKeys.ts, etc.) that ships in the Electron bundle. This new helper is only consumed by forge.config.ts at package time and has no runtime purpose. There is already a windowsSign.ts at the repo root β that's the natural neighbor for a build-time Windows signing helper. Placing build tooling under src/lib/ blurs the runtime/build boundary and risks future runtime code importing signing internals.
π‘ Suggestion: Move this file (and its test) next to windowsSign.ts at the repo root, or into a dedicated build/ or scripts/ directory.
| ).rejects.toThrow(); | ||
| }), | ||
| ); | ||
| }); |
There was a problem hiding this comment.
π‘ MEDIUM | weak-test
Test is tautological and provides little signal
The test iterates UNSUPPORTED_WINDOWS_SIGNING_RELATIVE_PATHS, creates files at exactly those paths, calls the function, and verifies files at exactly those paths are gone. This only proves fs.rm works β it doesn't validate that the constant points to the right locations in a real Electron Forge afterCopy build tree, nor that the removal is scoped (the test would also pass if the function did fs.rm(buildPath, { recursive: true })).
This is the same shape of test that failed to catch the resources/app.asar.unpacked/ path bug flagged earlier in this PR β a tautological test over the constant can never catch an incorrect constant.
π‘ Suggestion: Make the constant module-private and have the test assert on concrete, hardcoded path literals (e.g., directly write "node_modules/node-pty/deps/winpty/misc/ConinMode.ps1" in the test). Additionally, create a sibling file that should not be deleted and assert it is still present after the call β this catches over-broad deletion and anchors the test to expected behavior rather than the implementation's own data.
π Dyadbot Code Review SummaryVerdict: π€ NOT SURE - Potential issues Reviewed by 3 independent agents: Correctness Expert, Code Health Expert, UX Wizard. The functional fix looks correct (paths were corrected in commit 9dabf6c and Issues Summary
π’ Low Priority Notes (2 items)
π« Dropped False Positives (2 items)
Generated by Dyadbot multi-agent code review |
Summary
Test plan
Generated with Claude Code