Hi Mikaël,
No, the user usually uses a different application that can change files
inside the app bundle. According to my understanding, macOS 10.15 only
makes some part of the file system (containing the application)
read-only for the application itself - at least this is what I found out
so far.
--
Best regards,
Thomas Singer
=============
syntevo GmbH
https://www.syntevo.com
https://www.syntevo.com/blog
On 2019-08-05 11:43, Mikaël Barbero wrote:
Le 5 août 2019 à 11:35, Thomas Singer <ts-...@syntevo.com> a écrit :
but I don't see a technical reason to not have them inside the .app structure
unless they are changed by the application itself.
Unless changed by the application itself or the end user (I'm thinking about
-vmargs).
--
Best regards,
Thomas Singer
=============
syntevo GmbH
https://www.syntevo.com <https://www.syntevo.com/>
https://www.syntevo.com/blog <https://www.syntevo.com/blog>
On 2019-08-05 11:09, Mikaël Barbero wrote:
I'm willing to help improving the CBI macOS signing to let project notarize their apps.
However, I would need some help about the "Hardened Runtime capability". I
guess this is something to be done on the Tycho or Equinox side first, correct?
Also, from what I read here
https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution/customizing_the_notarization_workflow#3087732,
the notarization process "typically takes less than an hour". It means that it
could make the build much slower than it is today (esp. because today the signing process
is synchronous with the build). Any idea how to change that? Should the
signing/notarization occur in a separate CI job?
@Thomas
IIRC notarized apps cannot be modified, meaning that config files, p2 bundle
pool etc.. can't live inside the .app anymore. Correct? If this is the case,
how do you follow
https://developer.apple.com/library/archive/documentation/CoreFoundation/Conceptual/CFBundles/BundleTypes/BundleTypes.html#//apple_ref/doc/uid/10000123i-CH101-SW13
more closely? Do you store config files, bundle pool etc. in folders
recommended by
https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/AccessingFilesandDirectories/AccessingFilesandDirectories.html#//apple_ref/doc/uid/TP40010672-CH3-SW11?
Thanks.
Mikaël Barbero
Team Lead - Release Engineering | Eclipse Foundation
📱 (+33) 642 028 039 | 🐦 @mikbarbero
Eclipse Foundation <http://www.eclipse.org/ <http://www.eclipse.org/>>: The
Platform for Open Innovation and Collaboration
Le 5 août 2019 à 10:35, Torkild U. Resheim <torki...@gmail.com> a écrit :
Hi all,
I think I’m also seeing a problem related to the notarization process[1]. Using
macOS 10.15 beta (19A526h) I downloaded and attempted to run the Eclipse
installer which resulted in the following message:
«Eclipse-inst-mac64.dmg» can’t be opened because Apple cannot check it for
malicious software.
Best regards,
Torkild
[1]
https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution
1. aug. 2019 kl. 13:46 skrev Thomas Singer <ts-...@syntevo.com>:
Hello,
According to my information, macOS 10.15 does not accept simple signed applications any more, but
requires a more complicated "notarization" process that requires the application to be
signed with "hardened runtime".
I've successfully notarized our application, but it fails even on 10.14 with
the following exception:
java.lang.NullPointerException
at org.eclipse.swt.widgets.Composite._getChildren(Composite.java:99)
at org.eclipse.swt.widgets.Composite.reskinChildren(Composite.java:979)
at org.eclipse.swt.widgets.ToolBar.reskinChildren(ToolBar.java:716)
at org.eclipse.swt.widgets.Widget.reskin(Widget.java:423)
at org.eclipse.swt.widgets.Widget.setData(Widget.java:1704)
Did someone already got a non-trivial Java/SWT application signed/notarized
correctly for macOS 10.15 that also runs without problems?
--
Best regards,
Thomas Singer
=============
syntevo GmbH
https://www.syntevo.com
https://www.syntevo.com/blog
_______________________________________________
platform-dev mailing list
platform-dev@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
_______________________________________________
platform-dev mailing list
platform-dev@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
_______________________________________________
platform-dev mailing list
platform-dev@eclipse.org <mailto:platform-dev@eclipse.org>
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
<https://www.eclipse.org/mailman/listinfo/platform-dev>
_______________________________________________
platform-dev mailing list
platform-dev@eclipse.org <mailto:platform-dev@eclipse.org>
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
<https://www.eclipse.org/mailman/listinfo/platform-dev>
_______________________________________________
platform-dev mailing list
platform-dev@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
_______________________________________________
platform-dev mailing list
platform-dev@eclipse.org
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://www.eclipse.org/mailman/listinfo/platform-dev
