fish-shell

github-mirror/fish-shell

Fork 0

mirror of https://github.com/fish-shell/fish-shell.git synced 2024-11-23 01:36:39 +08:00

Commit Graph

Author	SHA1	Message	Date
ridiculousfish	e4a993c581	Use xar-based workflow for creating Mac packages As spotted in #7656, macOS installer files built on Big Sur fail signature verification on macOS 10.11. This is because Big Sur productsign no longer supplies the SHA-1 hash, and 10.11 does not know how to read the SHA-256 hash. Replace the productsign flow with a flow based on http://users.wfu.edu/cottrell/productsign/productsign_linux.html . This uses the xar tool to digitally sign the installer packages, with both SHA-1 and SHA-256 hashes. The xar tool is somewhat tricky to build, so is checked in (as binary!) compiled for Mac. To build a Mac package, run make_pkg.sh (which invokes the signing flow) followed by mac_notarize.sh which adds the notarization.	2021-01-31 14:07:49 -08:00

Author

SHA1

Message

Date

ridiculousfish

e4a993c581

Use xar-based workflow for creating Mac packages

As spotted in #7656, macOS installer files built on Big Sur fail signature
verification on macOS 10.11. This is because Big Sur productsign no longer
supplies the SHA-1 hash, and 10.11 does not know how to read the SHA-256
hash.

Replace the productsign flow with a flow based on
http://users.wfu.edu/cottrell/productsign/productsign_linux.html . This
uses the xar tool to digitally sign the installer packages, with both
SHA-1 and SHA-256 hashes.

The xar tool is somewhat tricky to build, so is checked in (as binary!)
compiled for Mac.

To build a Mac package, run make_pkg.sh (which invokes the signing flow)
followed by mac_notarize.sh which adds the notarization.

2021-01-31 14:07:49 -08:00

1 Commits