CodeSignatureVerifier Error in Maestral.download.recipe

[christopherthart]

My nightly AutoPkg runs are throwing the following error with the Maestral recipe.

_Error in local.munki.Maestral: Processor: CodeSignatureVerifier: Error: Code signature verification failed. Note that all verifications can be disabled by setting the variable DISABLE_CODE_SIGNATUREVERIFICATION to a non-empty value.

The current CodeSignatureVerifier in the Maestral download recipe:

identifier "com.samschott.maestral-cocoa" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = G34LNR8C4Y

When comparing the current Maestral app bundle it shows the following:

identifier "com.samschott.maestral" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = G34LNR8C4Y

It appears that the identifier has changed from com.samschott.maestral-cocoa to com.samschott.maestral

[Jaharmi]

Confirming the code signature information for a recent version of Maestral:

% codesign --display -r- --deep -v /Applications/Maestral.app 
Executable=/Applications/Maestral.app/Contents/MacOS/Maestral
Identifier=com.samschott.maestral
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=51106 flags=0x10000(runtime) hashes=1586+7 location=embedded
Signature size=8970
Timestamp=Jul 9, 2024 at 3:39:02 PM
Info.plist entries=27
TeamIdentifier=G34LNR8C4Y
Runtime Version=14.0.0
Sealed Resources version=2 rules=13 files=2759
Nested=Frameworks/Sparkle.framework
Nested=MacOS/maestral-cli
designated => identifier "com.samschott.maestral" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = G34LNR8C4Y