spierce7
07/30/2021, 2:33 PM{
severity: "error",
code: null,
path: "My_App-1.0.0.dmg/My <http://App.app/Contents/app/sqlite-jdbc-3.34.1-371b212b7663f42133e45d49e82ad30.jar/org/sqlite/native/Mac/x86_64/libsqlitejdbc.jnilib|App.app/Contents/app/sqlite-jdbc-3.34.1-371b212b7663f42133e45d49e82ad30.jar/org/sqlite/native/Mac/x86_64/libsqlitejdbc.jnilib>",
message: "The binary is not signed.",
docUrl: null,
architecture: "x86_64"
},
{
severity: "error",
code: null,
path: "My_App-1.0.0.dmg/My <http://App.app/Contents/app/sqlite-jdbc-3.34.1-371b212b7663f42133e45d49e82ad30.jar/org/sqlite/native/Mac/x86_64/libsqlitejdbc.jnilib|App.app/Contents/app/sqlite-jdbc-3.34.1-371b212b7663f42133e45d49e82ad30.jar/org/sqlite/native/Mac/x86_64/libsqlitejdbc.jnilib>",
message: "The signature does not include a secure timestamp.",
docUrl: null,
architecture: "x86_64"
}
Status: invalid
Status Code: 2
Status Message: Package Invalid
Michael Paus
07/30/2021, 3:52 PM/org/sqlite/native/
spierce7
07/30/2021, 4:38 PMalexey.tsvetkov
07/30/2021, 5:19 PMcodesign
is to run the build with -Pcompose.desktop.verbose=true
and grep the log for codesign
entries). Re-signing needs to be done before native distribution is published, so the easiest way would be to depend on manually signed library locally (or you can publish your signed jar to a private repo). Also it is probably possible to use Gradle artifact transformations for that.
The proper solution would be for the JetBrains Compose Gradle plugin to sign jnilibs during packaging. We already do so for dylib files (I was not aware of jnilib format before today; seems like JDK itself does not use it since JDK 7 https://bugs.openjdk.java.net/browse/JDK-8127215).Michael Paus
07/30/2021, 5:59 PMspierce7
08/01/2021, 4:50 AM-Pcompose.desktop.verbose=true
to get the arguments for the codesign commandThe proper solution would be for the JetBrains Compose Gradle plugin to sign jnilibs during packaging.This sounds like an easy change. Would there be any opposition to it? Why not just sign every file? Why even care about extensions?
private val String.isDylibPath
get() = endsWith(".dylib") || endsWith(".jnilib")
Michael Paus
08/01/2021, 5:43 PMalexey.tsvetkov
08/02/2021, 12:10 AMspierce7
08/02/2021, 12:49 AMMichael Paus
08/02/2021, 3:13 PM