From 8a068ed9844c6aef66b7e23c638edf355b8e2db5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Malthe=20J=C3=B8rgensen?= <malthe.jorgensen@gmail.com>
Date: Sun, 22 Mar 2020 11:21:29 +0100
Subject: [PATCH] Allow finishing build on OS X <10.13.6

Building on OS X versions prior to 10.13.6 fails at the very end when
running `codesign`.
The `-options runtime`-argument isn't available on these earlier
versions of the OS.

Simply running codesign without that argument (on OS X <10.13.6) seems
to produce a runnable binary with no security warnings.
---
 CHANGELOG.md    |  1 +
 cmake/Mac.cmake | 23 +++++++++++++++++------
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index ca800a6c8..2f94220fe 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,7 @@
 
 ### For distributors and developers
 - fish source tarballs are now distributed using the XZ compression method (#5460).
+- Allow finishing builds on OS X <10.13.6 (previously builds would fail at the `codesign` step)
 
 ---
 
diff --git a/cmake/Mac.cmake b/cmake/Mac.cmake
index 2532697e0..abdc51626 100644
--- a/cmake/Mac.cmake
+++ b/cmake/Mac.cmake
@@ -9,16 +9,27 @@ set(MAC_INJECT_GET_TASK_ALLOW ON CACHE BOOL "Inject get-task-allow on Mac")
 
 function(CODESIGN_ON_MAC target)
   if(APPLE)
+    execute_process(COMMAND sw_vers "-productVersion" OUTPUT_VARIABLE OSX_VERSION)
     if(MAC_INJECT_GET_TASK_ALLOW)
       set(ENTITLEMENTS "--entitlements" "${CMAKE_SOURCE_DIR}/osx/fish_debug.entitlements")
     else()
       set(ENTITLEMENTS "")
     endif(MAC_INJECT_GET_TASK_ALLOW)
-    add_custom_command(
-      TARGET ${target}
-      POST_BUILD
-      COMMAND codesign --force --deep --options runtime ${ENTITLEMENTS} --sign "${MAC_CODESIGN_ID}" $<TARGET_FILE:${target}>
-      VERBATIM
-    )
+    if(OSX_VERSION VERSION_LESS "10.13.6")
+      # `-options runtime` is only available in OS X from 10.13.6 and up
+      add_custom_command(
+        TARGET ${target}
+        POST_BUILD
+        COMMAND codesign --force --deep ${ENTITLEMENTS} --sign "${MAC_CODESIGN_ID}" $<TARGET_FILE:${target}>
+        VERBATIM
+      )
+    else()
+      add_custom_command(
+        TARGET ${target}
+        POST_BUILD
+        COMMAND codesign --force --deep --options runtime ${ENTITLEMENTS} --sign "${MAC_CODESIGN_ID}" $<TARGET_FILE:${target}>
+        VERBATIM
+      )
+    endif()
   endif()
 endfunction(CODESIGN_ON_MAC target)