Preparing software for distribution shouldn’t be harder than writing the code in the first place.
signature
Confused as to what will and won’t run on macOS 10.15 Catalina? Here’s a clear guide for users from regular to advanced.
It took 5 apps, 4 command tools in 6 commands, 2 developer certificates and an app-specific password for 260 lines of code.
Important changes for anyone distributing command tools in particular, and a good time to ensure you only ship signed and notarized apps if possible.
Crawls selected folders checking all app signatures. Reports all signatures which have problems, including unsigned apps.
App signatures are only checked on app first run – it may once have been true, but is no longer accurate. But can you bypass those additional checks? Is this a vulnerability?
How can an app check that nothing has nobbled it? How to use its code signature to perform a simple launch test.
Do you use digital signatures in PDF documents, or do you trust your PDF reader to check them? You could be spoofed into trusting forgeries.
Can you get malware in PDF? How far can you trust a PDF, or could it be a forgery? How to sign PDFs, and what data may remain hidden inside them.
Can you sign AppleScript apps in Script Editor? Is there a better tool? What’s the best way to sign a command tool developed in Xcode?