Auto-updater fails on macOS due to ad-hoc code signing #352

Description

@clstaudt

Problem

The Electron auto-updater (electron-updater / ShipIt) fails on macOS with:

Update check failed: Code signature at URL
file:///Users/.../Library/Caches/dev.tuttle.app.ShipIt/update.../Tuttle.app/
did not pass validation: code failed to satisfy specified code requirement(s)

The app is built with "identity": "-" (ad-hoc signing), which means:

  • Signature=adhoc, TeamIdentifier=not set
  • ShipIt cannot verify the downloaded update matches the running app's identity
  • Every update check fails with a code signature validation error

PR #343 only suppressed the error toast and added the identity: "-" field — it did not fix the root cause.

Root Cause

macOS's native update mechanism (ShipIt/Squirrel) requires a valid Developer ID code signature to verify that an update comes from the same developer as the installed app. Ad-hoc signing has no verifiable identity, so verification always fails.

Blocked By

Until the app is properly signed with a Developer ID certificate, ShipIt-based auto-updates cannot work.

Fix (after #320 is resolved)

Once the app is signed with a real Developer ID:

  1. Remove "identity": "-" from ui/package.json mac config (or set to the real identity)
  2. Ensure both the .app bundle and the tuttle-rpc sidecar binaries are signed
  3. Verify that electron-updater can download, verify, and install an update from GitHub Releases

Workaround (optional, before #320)

As an interim measure, the updater could fall back to opening the GitHub Releases page in the browser when an update is detected, instead of attempting auto-install via ShipIt. This avoids the signature check entirely.

Acceptance Criteria

  • autoUpdater.checkForUpdates() completes without signature errors
  • A new version published to GitHub Releases can be downloaded and installed via the in-app updater
  • The update banner ("Tuttle X.Y.Z is ready to install") works end-to-end
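
A release-time check for step 2 of the fix, as an added example that is not code from the Tuttle repository: it parses the output of `codesign -dv --verbose=4` for the .app bundle and the sidecar and reports the ad-hoc / "TeamIdentifier=not set" state described above. The function names, the sample output, and the rule that all artifacts share one team identifier are assumptions of this example.

```javascript
// Input: the text `codesign -dv --verbose=4 <path>` writes to stderr.
// Parse "Key=value" lines; Authority repeats once per certificate in the chain.
function parseCodesignInfo(text) {
  const info = { authorities: [] };
  for (const line of text.split(/\r?\n/)) {
    const eq = line.indexOf('=');
    if (eq <= 0) continue;
    const key = line.slice(0, eq).trim();
    const value = line.slice(eq + 1).trim();
    if (key === 'Authority') info.authorities.push(value);
    else if (key === 'Signature') info.signature = value;
    else if (key === 'TeamIdentifier') info.teamId = value;
  }
  return info;
}

// Reasons one artifact would fail identity validation (empty array = ok).
function signingProblems(name, info) {
  const problems = [];
  if (info.signature === 'adhoc') problems.push(`${name}: ad-hoc signature`);
  if (!info.teamId || info.teamId === 'not set') problems.push(`${name}: TeamIdentifier not set`);
  if (!info.authorities.some((a) => a.startsWith('Developer ID Application:')))
    problems.push(`${name}: no Developer ID Application authority`);
  return problems;
}

// Check every artifact; one shared team ID is an added, conservative assumption.
function checkRelease(artifacts) {
  const problems = [];
  const teams = new Set();
  for (const [name, text] of Object.entries(artifacts)) {
    const info = parseCodesignInfo(text);
    problems.push(...signingProblems(name, info));
    if (info.teamId && info.teamId !== 'not set') teams.add(info.teamId);
  }
  if (teams.size > 1) problems.push(`mixed team identifiers: ${[...teams].join(', ')}`);
  return problems;
}

// Constructed sample output, not captured from a real build.
const ADHOC = ['Identifier=dev.tuttle.app',
  'CodeDirectory v=20400 size=512 flags=0x2(adhoc) hashes=5+3 location=embedded',
  'Signature=adhoc', 'TeamIdentifier=not set'].join('\n');
const SIGNED = ['Identifier=dev.tuttle.app',
  'Authority=Developer ID Application: Example Dev (ABCDE12345)',
  'Authority=Developer ID Certification Authority', 'Authority=Apple Root CA',
  'TeamIdentifier=ABCDE12345'].join('\n');

console.log(checkRelease({ 'Tuttle.app': ADHOC, 'tuttle-rpc': SIGNED }));
```

In CI, a non-empty result from `checkRelease` would fail the build before the release is published.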
