[Interest] notarizing builds for Mac - enabling hardened runtime

Apple says that all apps will need to be notarized (viewed) by them to be run on macOS 10.15 once released. Apps must have the hardened runtime enabled in Xcode before they can be notarized. Is there any way to get qmake to enable that project option? Hamish ___

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

On Fri, Jun 21, 2019 at 9:42 AM Hamish Moffatt wrote: > > Apple says that all apps will need to be notarized (viewed) by them to > be run on macOS 10.15 once released. > Apps must have the hardened runtime enabled in Xcode before they can be > notarized. > Is there any way to get qmake to enable t

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

> -Original Message- > From: Interest On Behalf Of Hamish > Moffatt > Sent: Friday, June 21, 2019 8:42 AM > To: Qt Interest > Subject: [Interest] notarizing builds for Mac - enabling hardened runtime > > Apple says that all apps will need to be notarized (viewed

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den fre 21 juni 2019 09:13Kai Köhne skrev: > > -Original Message- > > From: Interest On Behalf Of Hamish > > Moffatt > > Sent: Friday, June 21, 2019 8:42 AM > > To: Qt Interest > > Subject: [Interest] notarizing builds for Mac - enabling hardened

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

From: Interest on behalf of Elvis Stansvik Date: Friday, June 21, 2019 at 7:14 AM To: Kai Köhne Cc: Qt Interest Subject: Re: [Interest] notarizing builds for Mac - enabling hardened runtime Den fre 21 juni 2019 09:13Kai Köhne skrev: > -Original Message- > From: Intere

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

21.06.2019, 16:36, "Michael Jackson" : > Apple, sigh, I can understand and sympathize requiring signed builds, but > this mandatory "virus scanned by Apple" is a little silly. As a user I trust > the virus scanner I pick myself more than some blackbox process on Apple HQ > servers. To be fair

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den fre 21 juni 2019 15:39Konstantin Tokarev skrev: > > > 21.06.2019, 16:36, "Michael Jackson" : > > Apple, sigh, I can understand and sympathize requiring signed builds, > but this mandatory "virus scanned by Apple" is a little silly. As a user I > trust the virus scanner I pick myself more than

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den fre 21 juni 2019 15:33Michael Jackson skrev: > *From: *Interest on behalf of Elvis > Stansvik > *Date: *Friday, June 21, 2019 at 7:14 AM > *To: *Kai Köhne > *Cc: *Qt Interest > *Subject: *Re: [Interest] notarizing builds for Mac - enabling hardened > runtime > &g

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

On 21/6/19 9:13 pm, Elvis Stansvik wrote: Den fre 21 juni 2019 09:13Kai Köhne > skrev: For the time being, it seems you've to execute the codesign call yourself. This is what I've done at work to prepare our builds for this. We use CMake though and we're alre

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den lör 22 juni 2019 kl 01:14 skrev Hamish Moffatt : > > On 21/6/19 9:13 pm, Elvis Stansvik wrote: > > Den fre 21 juni 2019 09:13Kai Köhne skrev: >> >> >> For the time being, it seems you've to execute the codesign call yourself. > > > This is what I've done at work to prepare our builds for this.

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

On Fri, Jun 21, 2019 at 12:13 AM Kai Köhne wrote: > > I understand that the "hardened runtime" enabling happens at codesign time, > so this should arguably be a feature of macdeployqt. It's not there yet > though, > at least according to https://bugreports.qt.io/browse/QTBUG-71291 . If > you're

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den tis 9 juli 2019 kl 19:57 skrev Adam Light : > > > > On Fri, Jun 21, 2019 at 12:13 AM Kai Köhne wrote: >> >> >> I understand that the "hardened runtime" enabling happens at codesign time, >> so this should arguably be a feature of macdeployqt. It's not there yet >> though, >> at least accordin

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

It sounds like not signing at all is still an option? "Mac apps, installer packages, and kernel extensions *that are signed with Developer ID* must also be notarized by Apple in order to run on macOS Catalina." Apple has made this way too complicated to be useful IMHO. --- Andy Maloney // http

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den ons 10 juli 2019 kl 13:20 skrev Andy : > > It sounds like not signing at all is still an option? Yes, I guess not signing our builds (except releases), and asking testers to use Ctrl-click + "Open" instead of double-clicking, is what we'll do as a workaround, if it turns out there's no way for

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

On Tue, Jul 9, 2019 at 8:56 PM Adam Light wrote: > > > On Fri, Jun 21, 2019 at 12:13 AM Kai Köhne wrote: > >> >> I understand that the "hardened runtime" enabling happens at codesign >> time, >> so this should arguably be a feature of macdeployqt. It's not there yet >> though, >> at least accord

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

On Wed, Jul 10, 2019 at 2:28 AM Elvis Stansvik wrote: > > With "work around" do you mean from the user POV (e.g. somehow > disabling Gatekeeper, or Ctrl+Open, or something else) or from a > developer POV (so, having to notarize)? > > Instead of repeating myself here, please see my comment at http

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

On Wed, Jul 10, 2019 at 9:17 AM coroberti . wrote: > Adam, > Could you please provide more details about notarization without runtime > hardening by using SDK 10.13? > Specifically, which Xcode version was used and at which Mac OS? > Thanks, > > See https://developer.apple.com/documentation/secur

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den ons 10 juli 2019 kl 21:20 skrev Adam Light : > > > > On Wed, Jul 10, 2019 at 2:28 AM Elvis Stansvik wrote: >> >> >> With "work around" do you mean from the user POV (e.g. somehow >> disabling Gatekeeper, or Ctrl+Open, or something else) or from a >> developer POV (so, having to notarize)? >> >

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den ons 10 juli 2019 kl 21:44 skrev Elvis Stansvik : > > Den ons 10 juli 2019 kl 21:20 skrev Adam Light : > > > > > > > > On Wed, Jul 10, 2019 at 2:28 AM Elvis Stansvik wrote: > >> > >> > >> With "work around" do you mean from the user POV (e.g. somehow > >> disabling Gatekeeper, or Ctrl+Open, or

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Thanks for this - mind pasting it as a gist for easy access? On Wed, Jul 10, 2019 at 9:59 PM Elvis Stansvik wrote: > Den ons 10 juli 2019 kl 21:44 skrev Elvis Stansvik : > > > > Den ons 10 juli 2019 kl 21:20 skrev Adam Light : > > > > > > > > > > > > On Wed, Jul 10, 2019 at 2:28 AM Elvis Stansvi

Re: [Interest] notarizing builds for Mac - enabling hardened runtime

Den tors 11 juli 2019 kl 06:49 skrev Vadim Peretokin : > > Thanks for this - mind pasting it as a gist for easy access? Here it is: https://gist.github.com/estan/505cd5b4c18d80f1dd17ac2ea0f6c69e Elvis > > On Wed, Jul 10, 2019 at 9:59 PM Elvis Stansvik wrote: >> >> Den ons 10 juli 2019 kl 21:44