From 325bea69a747db9cd487c708684108f85dd4eff3 Mon Sep 17 00:00:00 2001
From: deepak1556 <hop2deep@gmail.com>
Date: Tue, 30 Mar 2021 22:56:04 -0700
Subject: [PATCH] chore: add media and apple event entitlements

Fixes https://github.com/microsoft/vscode/issues/119787
Fixes https://github.com/microsoft/vscode/issues/95062
---
 build/azure-pipelines/darwin/app-entitlements.plist |  6 ++++++
 build/darwin/sign.js                                | 11 +++++++++++
 build/darwin/sign.ts                                | 12 ++++++++++++
 3 files changed, 29 insertions(+)

diff --git a/build/azure-pipelines/darwin/app-entitlements.plist b/build/azure-pipelines/darwin/app-entitlements.plist
index 90031d937be48..b43b4b283a1a1 100644
--- a/build/azure-pipelines/darwin/app-entitlements.plist
+++ b/build/azure-pipelines/darwin/app-entitlements.plist
@@ -8,5 +8,11 @@
     <true/>
     <key>com.apple.security.cs.allow-dyld-environment-variables</key>
     <true/>
+    <key>com.apple.security.device.audio-input</key>
+    <true/>
+    <key>com.apple.security.device.camera</key>
+    <true/>
+    <key>com.apple.security.automation.apple-events</key>
+    <true/>
 </dict>
 </plist>
diff --git a/build/darwin/sign.js b/build/darwin/sign.js
index e086b681a6dc3..08993aebdebb6 100644
--- a/build/darwin/sign.js
+++ b/build/darwin/sign.js
@@ -5,7 +5,9 @@
 'use strict';
 Object.defineProperty(exports, "__esModule", { value: true });
 const codesign = require("electron-osx-sign");
+const fs = require("fs-extra");
 const path = require("path");
+const plist = require("plist");
 const util = require("../lib/util");
 const product = require("../../product.json");
 async function main() {
@@ -25,6 +27,7 @@ async function main() {
     const helperAppBaseName = product.nameShort;
     const gpuHelperAppName = helperAppBaseName + ' Helper (GPU).app';
     const rendererHelperAppName = helperAppBaseName + ' Helper (Renderer).app';
+    const infoPlistPath = path.resolve(appRoot, appName, 'Contents', 'Info.plist');
     const defaultOpts = {
         app: path.join(appRoot, appName),
         platform: 'darwin',
@@ -46,6 +49,14 @@ async function main() {
         } });
     const gpuHelperOpts = Object.assign(Object.assign({}, defaultOpts), { app: path.join(appFrameworkPath, gpuHelperAppName), entitlements: path.join(baseDir, 'azure-pipelines', 'darwin', 'helper-gpu-entitlements.plist'), 'entitlements-inherit': path.join(baseDir, 'azure-pipelines', 'darwin', 'helper-gpu-entitlements.plist') });
     const rendererHelperOpts = Object.assign(Object.assign({}, defaultOpts), { app: path.join(appFrameworkPath, rendererHelperAppName), entitlements: path.join(baseDir, 'azure-pipelines', 'darwin', 'helper-renderer-entitlements.plist'), 'entitlements-inherit': path.join(baseDir, 'azure-pipelines', 'darwin', 'helper-renderer-entitlements.plist') });
+    let infoPlistString = await fs.readFile(infoPlistPath, 'utf8');
+    let infoPlistJson = plist.parse(infoPlistString);
+    Object.assign(infoPlistJson, {
+        NSAppleEventsUsageDescription: 'An application in Visual Studio Code wants to use AppleScript.',
+        NSMicrophoneUsageDescription: 'An application in Visual Studio Code wants to use the Microphone.',
+        NSCameraUsageDescription: 'An application in Visual Studio Code wants to use the Camera.'
+    });
+    await fs.writeFile(infoPlistPath, plist.build(infoPlistJson), 'utf8');
     await codesign.signAsync(gpuHelperOpts);
     await codesign.signAsync(rendererHelperOpts);
     await codesign.signAsync(appOpts);
diff --git a/build/darwin/sign.ts b/build/darwin/sign.ts
index f1908b147499d..8f4e2cb2ad8c7 100644
--- a/build/darwin/sign.ts
+++ b/build/darwin/sign.ts
@@ -6,7 +6,9 @@
 'use strict';
 
 import * as codesign from 'electron-osx-sign';
+import * as fs from 'fs-extra';
 import * as path from 'path';
+import * as plist from 'plist';
 import * as util from '../lib/util';
 import * as product from '../../product.json';
 
@@ -30,6 +32,7 @@ async function main(): Promise<void> {
 	const helperAppBaseName = product.nameShort;
 	const gpuHelperAppName = helperAppBaseName + ' Helper (GPU).app';
 	const rendererHelperAppName = helperAppBaseName + ' Helper (Renderer).app';
+	const infoPlistPath = path.resolve(appRoot, appName, 'Contents', 'Info.plist');
 
 	const defaultOpts: codesign.SignOptions = {
 		app: path.join(appRoot, appName),
@@ -68,6 +71,15 @@ async function main(): Promise<void> {
 		'entitlements-inherit': path.join(baseDir, 'azure-pipelines', 'darwin', 'helper-renderer-entitlements.plist'),
 	};
 
+	let infoPlistString = await fs.readFile(infoPlistPath, 'utf8');
+	let infoPlistJson = plist.parse(infoPlistString);
+	Object.assign(infoPlistJson, {
+		NSAppleEventsUsageDescription: 'An application in Visual Studio Code wants to use AppleScript.',
+		NSMicrophoneUsageDescription: 'An application in Visual Studio Code wants to use the Microphone.',
+		NSCameraUsageDescription: 'An application in Visual Studio Code wants to use the Camera.'
+	});
+	await fs.writeFile(infoPlistPath, plist.build(infoPlistJson), 'utf8');
+
 	await codesign.signAsync(gpuHelperOpts);
 	await codesign.signAsync(rendererHelperOpts);
 	await codesign.signAsync(appOpts as any);