Re: Code Signing


Jack Brindle
 

I would disagree. There are very specific circumstances where the embedded code must be signed by the original developer. Anything that is shared falls into this category. If you re-sign a shared third-party dext or sext you won’t get the behavior you want, and you will break other vendors applications. Another way to think of it - do you really want to be responsible for someone else’s code? In some cases you would be breaking the agreement you made to use that framework, bundle, tool, or other piece of code.

In general, if it comes signed, leave it that way and don’t overwrite it with another signature. You just might be breaking it. Worse, lawyers just might get involved...

Jack

On Feb 11, 2021, at 8:01 PM, Shane Stanley <sstanley@myriad-com.com.au> wrote:

On 11 Feb 2021, at 9:53 am, Jack Brindle via groups.io <jackbrindle=me.com@groups.io> wrote:

If you have any third party components, it will overwrite their signature with yours.
Which is what you generally want. The code in the bundle should all be signed with the same identity.

--
Shane Stanley <sstanley@myriad-com.com.au>
<www.macosxautomation.com/applescript/apps/>, <latenightsw.com>





Join xcode@apple-dev.groups.io to automatically receive all group messages.