mirror of
https://github.com/fish-shell/fish-shell.git
synced 2024-11-23 06:05:39 +08:00
e4a993c581
As spotted in #7656, macOS installer files built on Big Sur fail signature verification on macOS 10.11. This is because Big Sur productsign no longer supplies the SHA-1 hash, and 10.11 does not know how to read the SHA-256 hash. Replace the productsign flow with a flow based on http://users.wfu.edu/cottrell/productsign/productsign_linux.html . This uses the xar tool to digitally sign the installer packages, with both SHA-1 and SHA-256 hashes. The xar tool is somewhat tricky to build, so is checked in (as binary!) compiled for Mac. To build a Mac package, run make_pkg.sh (which invokes the signing flow) followed by mac_notarize.sh which adds the notarization. |
||
|---|---|---|
| .. | ||
| bin | ||
| osx_package_resources | ||
| osx_package_scripts | ||
| cppcheck.rules | ||
| cppcheck.sh | ||
| cppcheck.suppressions | ||
| diff_profiles.fish | ||
| find_globals.fish | ||
| fish_xgettext.fish | ||
| git_version_gen.sh | ||
| iwyu.linux.imp | ||
| iwyu.osx.imp | ||
| lint.fish | ||
| list_committers_since.fish | ||
| littlecheck.py | ||
| mac_notarize.sh | ||
| mac_sign_package.sh | ||
| make_pkg.sh | ||
| make_tarball.sh | ||
| osx_distribution.xml | ||
| pexpect_helper.py | ||
| style.fish | ||
| ubsan.blacklist | ||