digitalmars.D - Notarization is required by default in macOS 10.15
- Bogdan Szabo (8/8) Jun 07 2019 Hey! Are you aware about this new change for macOS? I noticed
- Gregor =?UTF-8?B?TcO8Y2ts?= (10/19) Jun 07 2019 Not a Mac user at all, but still curious: wouldn't you have to
- Jacob Carlborg (8/11) Jun 07 2019 I'm not sure how it works or if it's applicable in this situation but
- JN (3/14) Jun 07 2019 My guess is you'd have to disable SIP and then you could disable
Hey! Are you aware about this new change for macOS? I noticed that none of the mac installers are signed with apple certificates,which might be a problem in the future. Beginning in macOS 10.14.5, all new or updated kernel extensions and all software from developers new to distributing with Developer ID must be notarized in order to run. Beginning in macOS 10.15, notarization is required by default for all software. https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution
Jun 07 2019
On Friday, 7 June 2019 at 11:35:41 UTC, Bogdan Szabo wrote:Hey! Are you aware about this new change for macOS? I noticed that none of the mac installers are signed with apple certificates,which might be a problem in the future. Beginning in macOS 10.14.5, all new or updated kernel extensions and all software from developers new to distributing with Developer ID must be notarized in order to run. Beginning in macOS 10.15, notarization is required by default for all software. https://developer.apple.com/documentation/security/notarizing_your_app_before_distributionNot a Mac user at all, but still curious: wouldn't you have to disable that check on a development machine? Every executable coming out of your build tools is going to miss a signature. And if - as the grapewine has it - notarization requires an Apple ID with two factor authentication enabled, I don't think that any developer is going to want automatic signing for iterative builds during their normal work cycle. So, although signed release builds would be great, is it really that much of a showstopper as far as D is concerned?
Jun 07 2019
On 2019-06-07 16:05, Gregor Mückl wrote:Not a Mac user at all, but still curious: wouldn't you have to disable that check on a development machine? Every executable coming out of your build tools is going to miss a signature.I'm not sure how it works or if it's applicable in this situation but macOS can somehow detect if an application is downloaded from the web and will add a warning. Also these features usually only applies to application bundles and installers and not plain executables. -- /Jacob Carlborg
Jun 07 2019
On Friday, 7 June 2019 at 14:05:56 UTC, Gregor Mückl wrote:On Friday, 7 June 2019 at 11:35:41 UTC, Bogdan Szabo wrote:My guess is you'd have to disable SIP and then you could disable this requirementn as well.[...]Not a Mac user at all, but still curious: wouldn't you have to disable that check on a development machine? Every executable coming out of your build tools is going to miss a signature. And if - as the grapewine has it - notarization requires an Apple ID with two factor authentication enabled, I don't think that any developer is going to want automatic signing for iterative builds during their normal work cycle. So, although signed release builds would be great, is it really that much of a showstopper as far as D is concerned?
Jun 07 2019