staticfloat
commented
3 years ago Ah, right, the tarballs should be unsigned without this. But doesn't our installer script also codesign everything before it gets packaged up?
Closed musm closed 3 years ago
staticfloat
commented
3 years ago Ah, right, the tarballs should be unsigned without this. But doesn't our installer script also codesign everything before it gets packaged up?
musm
commented
3 years ago Ah, right, the tarballs should be unsigned without this. But doesn't our installer script also codesign everything before it gets packaged up?
No it only signs the installer itself.
The patch https://github.com/JuliaLang/julia/pull/40512 explicitly adds a stage to sign the executable as well (independent of this PR)
This propagates to the tarballs that we ship and also the packaged installer
When opening an issue, please ping @staticfloat
close: https://github.com/JuliaCI/julia-buildbot/issues/201