Closed lidel closed 3 months ago
NodeJS switched from gon to notarytool, things to investigate:
Option B is to switch to "the most comprehensive implementation of Apple code signing outside the canonical Apple tools", a rust tool that does not require macOS runner.
I'll try the rust way first – if we can remove need for running this on macos worker, its only better.
We've been using gon since 2021. It was the best tool at the time used by other projects like Terraform (https://github.com/ipfs/distributions/issues/273#issuecomment-874831925), but it no longer gets any updates, and the project has been shut down by its maintainer: https://github.com/mitchellh/gon#readme
On top of that, the mechanism gon uses got deprecated by Apple, CI notarization produces deprecation warning:
[...]altool has been deprecated for notarization and starting in late 2023 will no longer be supported by the Apple notary service. You should start using notarytool to notarize your software.