# HG changeset patch
# User Chris Cannam
# Date 1591372403 -3600
# Node ID 78af557445b2c35c5e9d18db510d9b498dd97823
# Parent 3aeed28d584b5f3f055925985cf431dcc7704706
Signing
diff -r 3aeed28d584b -r 78af557445b2 .hgignore
--- a/.hgignore Fri Jun 05 15:23:44 2020 +0100
+++ b/.hgignore Fri Jun 05 16:53:23 2020 +0100
@@ -48,3 +48,5 @@
build_win64_debug
*.AppImage
*.AppDir
+bundle
+bundle.zip
diff -r 3aeed28d584b -r 78af557445b2 deploy/clean-build-and-package
--- a/deploy/clean-build-and-package Fri Jun 05 15:23:44 2020 +0100
+++ b/deploy/clean-build-and-package Fri Jun 05 16:53:23 2020 +0100
@@ -31,6 +31,7 @@
make clean
make -j3
+ deploy/osx/sign.sh sonic-annotator
deploy/osx/notarize.sh sonic-annotator
else
diff -r 3aeed28d584b -r 78af557445b2 deploy/osx/Entitlements.plist
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/deploy/osx/Entitlements.plist Fri Jun 05 16:53:23 2020 +0100
@@ -0,0 +1,11 @@
+
+
+
+ com.apple.security.app-sandbox
+
+ com.apple.security.cs.disable-library-validation
+
+ com.apple.security.cs.allow-jit
+
+
+
diff -r 3aeed28d584b -r 78af557445b2 deploy/osx/notarize.sh
--- a/deploy/osx/notarize.sh Fri Jun 05 15:23:44 2020 +0100
+++ b/deploy/osx/notarize.sh Fri Jun 05 16:53:23 2020 +0100
@@ -29,7 +29,10 @@
rm -f "$uuidfile" "$statfile"
rm -f bundle.zip
-ditto -c -k "$exe" bundle.zip
+rm -rf bundle
+mkdir bundle
+cp "$exe" bundle/
+ditto -c -k bundle bundle.zip
xcrun altool --notarize-app \
-f "bundle.zip" \
diff -r 3aeed28d584b -r 78af557445b2 deploy/osx/sign.sh
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/deploy/osx/sign.sh Fri Jun 05 16:53:23 2020 +0100
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+set -e
+
+exe="$1"
+
+if [ ! -f "$exe" ] || [ -n "$2" ]; then
+ echo "Usage: $0 "
+ echo " e.g. $0 my-program"
+ exit 2
+fi
+
+set -u
+
+entitlements=deploy/osx/Entitlements.plist
+
+codesign -s "Developer ID Application: Chris Cannam" -fv --options runtime --entitlements "$entitlements" "$exe"
+