Changes based on review comments from Corey Bonnell

Author: anshuman-mor

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025, Digicert, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package.json

@@ -16,11 +16,13 @@
         "DigiCert",
         "actions",
         "code signing",
-        "Software Trust Manager"
+        "Software Trust Manager",
+        "Secure Software Manager",
+        "Signing Manager",
+        "App Security"
     ],
-    "author": "DigiCert",
-    // CBonnell: replace with proper license name
-    "license": "DigiCert",
+    "author": "DigiCert Inc.",
+    "license": "MIT",
     "bugs": {
         "url": "https://github.com/digicert/code-signing-software-trust-action/issues"
     },
@@ -30,7 +32,6 @@
         "@types/node": "^24.0.13",
         "rimraf": "^6.0.1",
         "typescript": "^5.8.3",
-        // CBonnell: create acknowledgements section in README.md for third-party dependencies
         "@vercel/ncc": "^0.38.3"
     },
     "dependencies": {

src/add_execute_permission.ts

@@ -10,7 +10,8 @@ export async function chmod(toolPath: string) {
         const stat = await fs.stat(filePath);
         if (stat.isFile()) {
             // 0o755 => rwxr-xr-x (+x for owner, group, others)
-            // CBonnell: what does this do on Windows?
+            // anshuman-mor: This function is controlled via ToolMetadata.executePermissionRequired and not called for !Linux. 
+            // @See: tool_setup.ts
             await fs.chmod(filePath, 0o755);
             core.debug(`Added +x permission to: ${filePath}`);
         }

src/macos_dmg_setup.ts

@@ -13,15 +13,5 @@ export async function extractDmg(dmgFile: string, callback: archiveExtractCallba
 
     await callback(volume);
 
-    // CBonnell: this commented-out code should be removed, or a comment added explaining why it's commented out
-    // core.info(`Unmounting volume ${volume}`)
-    // await exec.getExecOutput(
-    //     "hdiutil", 
-    //     ["detach", volume]
-    // ).then(rv => {
-    //     rmDir(tmpDir);
-    // }).catch(reason => {
-    //     core.warning(`Failed to unmount volume ${volume}`);
-    // });
     return volume;
 }

src/windows_library_setup.ts

@@ -7,6 +7,7 @@ import { randomFileName, tmpDir } from './utils';
 
 export async function setupLibraries(smtoolsPath: string) {
     // CBonnell: consider adding error handling in the batch file
+    // anshuman-mor: Delaying it for now, will relook into error handling later.
     const cspResitryCommands = `
         @REM For ssmcsp-x86
         reg add "HKEY_LOCAL_MACHINE\\SOFTWARE\\WOW6432Node\\Microsoft\\Cryptography\\Defaults\\Provider\\DigiCert Software Trust Manager CSP"
@@ -53,9 +54,8 @@ export async function setupLibraries(smtoolsPath: string) {
 
     await exec.getExecOutput(smctl, ["windows", "ksp", "register"]);
 
-    // CBonnell: Consider using the built-in %SystemRoot% variable here instead of hard-coding the C: drive (will break if system drive isn't C:)
-    const system32 = "C:\\Windows\\System32";
-    const sysWOW64 = "C:\\Windows\\SysWOW64";
+    const system32 = `${process.env['SystemRoot']}\\System32`;
+    const sysWOW64 = `${process.env['SystemRoot']}\\SysWOW64`;
 
     await fs.copyFile(path.join(smtoolsPath, 'smksp-x64.dll'), path.join(system32, 'smksp.dll'));
     await fs.copyFile(path.join(smtoolsPath, 'smksp-x86.dll'), path.join(sysWOW64, 'smksp.dll'));

src/windows_msi_setup.ts

@@ -25,7 +25,5 @@ export async function installMsi(src: string, callback: archiveExtractCallback)
     }
 
     await callback(tmpDir);
-    // CBonnell: remove or document why commented out
-    //rmDir(tmpDir);
     return tmpDir;
 }

src/zip_setup.ts

@@ -6,16 +6,12 @@ export async function extractZip(path: string, callback: archiveExtractCallback)
     const tmpDir = randomTmpDir();
     const rv = await tc.extractZip(path, tmpDir);
     await callback(rv);
-    // CBonnell: remove or document why commented out
-    //await rmDir(tmpDir);
     return tmpDir;
 };
 
 export async function extractTar(path: string, callback: archiveExtractCallback) {
     const tmpDir = randomTmpDir();
     const rv = await tc.extractTar(path, tmpDir);
     await callback(rv);
-    // CBonnell: remove or document why commented out
-    //await rmDir(tmpDir);
     return tmpDir;
 };