On 2/22/20 12:46 PM, Stephan Witt wrote: > Am 22.02.2020 um 03:35 schrieb Richard Kimberly Heck <rikih...@lyx.org>: >> On 2/21/20 12:08 PM, Stephan Witt wrote: >>> Am 21.02.2020 um 12:08 schrieb Stephan Witt <st.w...@gmx.net>: >>>> Hi pythonists, >>>> >>>> I’m trying to make ready for code signing on Mac. >>>> >>>> The idea of code signing is to ship the package with a digital >>>> signature to guarantee the integrity of the software. >>>> >>>> https://developer.apple.com/library/archive/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html >>>> >>>> The problem now is arising: the python scripts LyX is using >>>> are compiled on the fly and the result is placed inside the >>>> package. That way the package looses its integrity. >>>> >>>> Is there any suggestion how to handle this? >>>> >>>> I thought about to compile and ship the scripts on my system. >>>> But this is probably a bad idea - python at runtime can have >>>> different version. Is it possible to suppress the on the fly >>>> compile process and what’s the price to pay? Or is it possible >>>> to direct it to some directory below the .lyx in users home? >>> I've decided to ship the application with readonly directories. >>> That way the python interpreter cannot save the compiled code >>> onto disk to cache the result. ATM I cannot see any performance >>> issues. >> Yes, sorry, I do not know any way to prevent this kind of thing from >> happening. As you >> see, it's just a matter of caching the compilation. >> >> On Windows, we compile the Python files at installation. I don't know if >> that could help. > On Mac I'd prefer to avoid that. The python executable is not part of the > software bundle and therefore its version at runtime is unknown. > > OTOH, the lyx package for Centos 7 (in EPEL) contains the precompiled > python scripts for version 2.x (e.g. configure.pyc). > > https://centos.pkgs.org/7/epel-x86_64/lyx-common-2.2.3-1.el7.noarch.rpm.html > > But Centos 7 comes with python 2.7.5 as stable standard. > > The situation for the packager is more comfortable here. > > The standard on Mac is 2.7.17 with 10.14.6 (Mojave today) and I read > somewhere with 10.15.x (Catalina) python3 is available. But Apple has > announced the removal of python from standard OS: > > "Future versions of macOS won’t include scripting language runtimes by > default, and might require you to install additional packages. If your > software depends on scripting languages, it’s recommended that you bundle the > runtime within the app." > > I’m not sure how difficult it would be to put the python universe into the > LyX app.
Actually, I kind of mis-spoke. We actually install Python with LyX on Windows, so we control what version is installed and, in principle, could pre-compile everything before installation and include the pyc files in the bundle. We do this because, I gather, there's some issue about Python detection or getting the right version or something. If we install it, we know a path to it. Anyway, if we do it there, we could presumably something similar on OSX. Riki -- lyx-devel mailing list lyx-devel@lists.lyx.org http://lists.lyx.org/mailman/listinfo/lyx-devel
