[macOS] Use macapptool for signing and notarizing macOS binaries
nw-builder has been producing invalid frameworks at least since 2017, at it seems there's no progress in fixing it (see https://github.com/nwjs/nw.js/issues/6338). To workaround this problem, we use macapptool to proper seal all the framework resources so it can be signed and passes the validations required for notarization. Since we're introducing this dependency, we can also use macapptool to simplify signing and notarization. To create a signed macOS build, pass the --codesign flag. --codesign-identity can be used to use a non-default identity ("Developer ID") To notarize a signed bundle, use the --notarize flag. There are also flags provided to specify the username/password for the notarization service.pull/935/head
parent
75ca72104a
commit
5e3fd3ebd4
@ -0,0 +1,16 @@
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
|
||||
<plist version="1.0">
|
||||
<dict>
|
||||
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
|
||||
<true/>
|
||||
<key>com.apple.security.cs.allow-jit</key>
|
||||
<true/>
|
||||
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
|
||||
<true/>
|
||||
<key>com.apple.security.cs.disable-executable-page-protection</key>
|
||||
<true/>
|
||||
<key>com.apple.security.cs.disable-library-validation</key>
|
||||
<true/>
|
||||
</dict>
|
||||
</plist>
|
Loading…
Reference in New Issue