From b90d2023b80761e76be68e69276a352b856d2f41 Mon Sep 17 00:00:00 2001
From: Andrew Leonard <31470007+andrew-m-leonard@users.noreply.github.com>
Date: Wed, 11 Dec 2024 10:08:02 +0000
Subject: [PATCH] Update comment

Co-authored-by: Severin Gehwolf <jerboaa@gmail.com>
---
 sign.sh | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/sign.sh b/sign.sh
index f5b911109..618f86dfc 100755
--- a/sign.sh
+++ b/sign.sh
@@ -150,7 +150,11 @@ signRelease()
       # Sign all files with the executable permission bit set.
 
       if [ "$SIGN_TOOL" = "eclipse" ] && [ "${VERSION}" != "8" ]; then
-        # Eclipse jdk-11+ post-build signing should only sign the libjli.dylib bundle executable, as there rest are already internally signed in the build
+        # On MacOSX, libjli.dylib is copied in two places. Once in Contents/home/lib/libjli.dylib and once in
+        # Contents/MacOS/libjli.dylib. The latter is the bundle executable entry-point and hasn't been signed by
+        # by the build in contrast to content in Contents/home. Therefore,  Eclipse jdk-11+ post-build signing should
+        # only sign the libjli.dylib bundle executable in Contents/MacOS, as there rest are already internally signed
+        # in the build
         FILES=$(find . -name 'libjli.dylib' | grep 'Contents/MacOS' || true)
       else
         FILES=$(find "${TMP_DIR}" -perm +111 -type f -not -name '.*' -o -name '*.dylib' || find "${TMP_DIR}" -perm /111 -type f -not -name '.*' -o -name '*.dylib')