macos: replace removed --in-process-renderer with --single-process

--in-process-renderer was removed from Chrome 130+.  The flag no
longer appears in content_switches.cc so passing it was a no-op,
leaving the renderer as a full subprocess.  That subprocess calls
MachPortRendezvousClientMac::AcquirePorts() -> bootstrap_look_up,
which returns 1102 (BOOTSTRAP_UNKNOWN_SERVICE) on unsigned CI runners
because Chrome gives them a restricted bootstrap namespace.  Without
a working renderer, g_js_code_completed is never set and the tests
fail.

Switch to --single-process, which runs the renderer in the browser
process and eliminates the renderer's bootstrap_look_up call entirely.

Also drop the Python-interpreter codesigning step: ad-hoc signing
never fixed the -67030 (errSecCSUnsigned) error from
process_requirement.cc, and may have broken any valid Developer ID
signature that python.org Python already carried.  Our own compiled
binaries (subprocess, cefpython_py*.so) still need ad-hoc signing
since they ship unsigned from the build.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: linesight

.github/workflows/ci-macos.yml

@@ -118,17 +118,11 @@ jobs:
         run: |
           cp -r build/artifacts/. cefpython3/
           chmod +x cefpython3/subprocess
-          # Ad-hoc sign binaries so macOS process_requirement.cc validation
-          # does not fail with -67030. That failure restricts the bootstrap
-          # namespace for child processes and breaks MachPortRendezvousClient
-          # bootstrap_look_up, causing all subprocesses to crash on startup.
+          # Ad-hoc sign our compiled binaries so macOS allows them to run.
+          # (Our freshly built binaries have no signature; unsigned binaries
+          # are blocked on macOS 14+.)
           codesign --force --sign - cefpython3/subprocess
           for f in cefpython3/cefpython_py*.so; do codesign --force --sign - "$f"; done
-          # Also sign the Python interpreter (the browser process). Without this,
-          # process_requirement.cc fails with -67030 (errSecCSUnsigned) and Chrome
-          # launches subprocesses with a restricted bootstrap namespace, preventing
-          # bootstrap_look_up from finding the MachPortRendezvousServer service.
-          codesign --force --sign - "$(python -c 'import sys; print(sys.executable)')"
 
       - name: Run unit tests
         run: |

unittests/main_test.py

@@ -185,12 +185,14 @@ def test_main(self):
             # Prevent macOS keychain authorization prompts during init
             # (matches CEF's own test infrastructure on macOS).
             switches["use-mock-keychain"] = ""
-            # Chrome 130+ MachPortRendezvousServer uses bootstrap_check_in,
-            # which requires a pre-declared launchd service. Without an app
-            # bundle, CFBundleIdentifier is empty and registration fails —
-            # renderer subprocesses crash on startup. Run the renderer
-            # in-process to skip subprocess Mach port rendezvous entirely.
-            switches["in-process-renderer"] = ""
+            # Chrome 130+ MachPortRendezvousServer registers via
+            # bootstrap_check_in; renderer subprocesses look up the service
+            # via bootstrap_look_up, which fails on unsigned CI processes
+            # because Chrome gives them a restricted bootstrap namespace.
+            # --in-process-renderer was removed from Chrome 130+.
+            # --single-process runs the renderer in the browser process,
+            # eliminating renderer subprocess bootstrap_look_up failures.
+            switches["single-process"] = ""
             # Run network service in-process to avoid Mach port rendezvous
             # failures for utility subprocesses on macOS CI runners.
             # The feature string in Chrome 130+ is "NetworkServiceInProcess2".

unittests/osr_test.py

@@ -143,12 +143,14 @@ def test_osr(self):
             # Prevent macOS keychain authorization prompts during init
             # (matches CEF's own test infrastructure on macOS).
             switches["use-mock-keychain"] = ""
-            # Chrome 130+ MachPortRendezvousServer uses bootstrap_check_in,
-            # which requires a pre-declared launchd service. Without an app
-            # bundle, CFBundleIdentifier is empty and registration fails —
-            # renderer subprocesses crash on startup. Run the renderer
-            # in-process to skip subprocess Mach port rendezvous entirely.
-            switches["in-process-renderer"] = ""
+            # Chrome 130+ MachPortRendezvousServer registers via
+            # bootstrap_check_in; renderer subprocesses look up the service
+            # via bootstrap_look_up, which fails on unsigned CI processes
+            # because Chrome gives them a restricted bootstrap namespace.
+            # --in-process-renderer was removed from Chrome 130+.
+            # --single-process runs the renderer in the browser process,
+            # eliminating renderer subprocess bootstrap_look_up failures.
+            switches["single-process"] = ""
             # Run network service in-process to avoid Mach port rendezvous
             # failures for utility subprocesses on macOS CI runners.
             # The feature string in Chrome 130+ is "NetworkServiceInProcess2".