Python compiler infects "immutable" bundle - how to avoid it?
Guenter Milde
milde at users.sf.net
Sat Feb 22 19:13:42 UTC 2020
On 2020-02-22, Stephan Witt wrote:
> Am 22.02.2020 um 03:35 schrieb Richard Kimberly Heck <rikiheck at lyx.org>:
>> On 2/21/20 12:08 PM, Stephan Witt wrote:
>>> Am 21.02.2020 um 12:08 schrieb Stephan Witt <st.witt at gmx.net>:
>>>> Hi pythonists,
>>>> I’m trying to make ready for code signing on Mac.
>>>> The idea of code signing is to ship the package with a digital
>>>> signature to guarantee the integrity of the software.
>>>> https://developer.apple.com/library/archive/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
>>>> The problem now is arising: the python scripts LyX is using
>>>> are compiled on the fly and the result is placed inside the
>>>> package. That way the package looses its integrity.
>>>> Is there any suggestion how to handle this?
Under Linux, AFAIK, the *.pyc files are not shipped with the package but
created by a post-install script. This way, the package can be checked
against the signature (before installation) but the byte-compiled files are
there once users start to use LyX.
>>> ... ATM I cannot see any performance issues.
One of the more critical cases would be opening a small but really old file
so that lyx2lyx needs most of the rather big modules. Of course, the effect
will be more visible with a HDD than with an SSD.
>> On Windows, we compile the Python files at installation. I don't know if
>> that could help.
> On Mac I'd prefer to avoid that. The python executable is not part of the
> software bundle and therefore its version at runtime is unknown.
But one compatible Python version should be installed before installing
LyX, right?
...
Günter
More information about the lyx-devel
mailing list