Notarized versions of app and pref pane

[Dirk-]

I mainly created the preconditions for notarization as well as notarized binaries for the people who do not want to go through the process by themselves.

[specialunderwear]

Hi, thanks for your contribution, but are you sure that preferences panes must be notarized? If so, what convinced you of this?

[Dirk-]

Hi,

you are welcome. Well, I said "I guess". :) I do not use Catalina yet since I depend on a few apps that aren't ready for it yet.

My guessing comes from what rtcneil said, as well as from https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution?language=objc It says "Beginning in macOS 10.15, all software built after June 1, 2019, and distributed with Developer ID must be notarized."

Additional sources: https://forums.developer.apple.com/thread/120856 https://stackoverflow.com/questions/56615396/macos-notarization-and-multiple-embedded-tools-bundles

Vriendelijke groeten Dirk

Am 08.02.2020 um 12:41 schrieb Lars van de Kerkhof notifications@github.com<mailto:notifications@github.com>:

Hi, thanks for your contribution, but are you sure that preferences panes must be notarized? If so, what convinced you of this?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/specialunderwear/Hosts.prefpane/pull/40?email_source=notifications&email_token=ABXEB3G5FK6NM2SWI3Y3R7LRB2K6BA5CNFSM4KRZ6O2KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOELFP56A#issuecomment-583728888, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ABXEB3BHJRCQ3TENY4LA6KTRB2K6BANCNFSM4KRZ6O2A.

[specialunderwear]

Ok sofar I’ve not experienced any issues on catalina, maybe prefPanes are excluded if installed directly. Also I tried to submit the prefPane to apple for notarization when I released the 1.4.1 version, but I was unable to select the archive containing the prefPane.

[Dirk-]

Regarding notarization: Right, you cannot select the archive of a pref pane for notarization, this is why I made an installer. I did it along these steps:

Sign the pane: codesign -v -f -s "Developer ID Application: Your Name (ABCDEFG1234)" Hosts.prefPane

Build Package (pane in folder "build"): pkgbuild --root build --identifier "nl.your-domain.hosts" --version "1.4.2" --install-location "/Library/PreferencePanes" --sign "Developer ID Installer: Your Name (ABCDEFG1234)" Hosts-1.4.2.pkg

To certify the installer, you need your ProviderShortname. For this, you have to give altool a password: xcrun altool --list-providers -u "your.name@your-domain.nl" -p "@keychain:Developer-altool"

Certify package: xcrun altool --notarize-app --primary-bundle-id "nl.your-domain.hosts" --username "your.name@your-domain.nl" --password "@keychain:Developer-altool" --asc-provider "YourName123456" --file "Hosts-1.4.2.pkg"

Wait, check status: xcrun altool --notarization-info "YourRequestUUID" --username "your.name@your-domain.nl" --password "@keychain:Developer-altool"

Staple notarization ticket to package for offline installation: xcrun stapler staple Hosts-1.4.2.pkg

[Dirk-]

I created a fresh Catalina VM in Parallels and downloaded Host 1.4.1 from your repository. I double-clicked on the Prefs Pane, it gets installed, I can even select between "for me" and "for all users". But when System Preferences tries to open it I get the following errors (German, but I think it is obvious):

Then I deleted the Hosts preferences pane and used my installer for version 1.4.2. This works.

[specialunderwear]

Interesting. There used to be an installer but I deleted it. I think this pull request is growing beyond it's original purpose. If you want it merged, please make sure to only include the changes related to notarization and also make sure not to check in any build products! PEACE!

[Dirk-]

Well, I changed more indeed since I issued this pull request:

• Addressed the problem that the app and the pref pane both get an exception on Catalina as soon as you try to edit address or hostname of an entry. On Mojave you get a warning about "This application is modifying the autolayout engine from a background thread after the engine was accessed from the main thread. This can lead to engine corruption and weird crashes." I have no idea why there is any background thread involved, but you cannot change an entry in version 1.4.1 and my 1.4.2 on Catalina. I replaced the cell-based table by a view-based table. Now it works, but I am struggling with disabling the check box.

• Localized the code.

I can remove the build products from the repository, but I do not know how to separate the other changes from the pull request (I did not make any branches).

[specialunderwear]

Ok let me know when you are done. It is incredibly weird that there are exceptions about autolayout because this app predates autolayout by years. But I guess that's just the way things work now. If you use the debugger can you see the threads used by the application or not?

I won't have time to work on this any time soon, but my fingers are itching!

[Dirk-]

Please look again at my pull request. I think I fixed the crashes under Catalina and I removed the binaries. The notarized and pre-build versions are here now.

[specialunderwear]

This PR has conflicts with respect to master, could you please try to rebase on master?

[Dirk-]

I'll do my very best.