You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Notarization features are now optional and can be controlled via the
enabled-by-default notarize crate feature. (#78)
Minimum supported Rust version changed from 1.62.1 to 1.70.0.
CLI argument parsing has been rewritten to use clap's derive mode
instead of the builder mode. The intent was to mostly preserve existing
CLI behavior. However, some minor changes - possibly bugs - may have
occurred as a result of this refactor.
AppleCodesignError::AwsS3Error now stores a Box<T>.
Added a hidden debug-create-macho command for generating Mach-O files.
The command (and new code behind it) is intended to facilitate writing
tests of Mach-O signing.
Added a hidden debug-create-info-plist command for generating Info.plist
files. The command is intended to be used to facilitate testing.
The --code-signature-flags argument of the sign command now correctly
applies multiple values. Before, flags were set to the final specified
value.
Added several trycmd based tests for testing CLI and signing behaviors.
The trycmd tests may download a prebuilt Rust coreutils binary from
github.com when executing on platforms with prebuilt binaries.
The --data argument of the extract command is now a positional argument.
Added a hidden debug-create-code-requirements command for generating
binary code requirements files. The command is intended to facilitate testing.
The print-signature-info command should now work on bundles. It may have
stopped working as part of an upgrade to serde_yaml. The YAML output may
have changed slightly.
CodeResources files now emit " instead of " for parity with Apple
tooling.
SHA-1 digests are now automatically enabled when signing a Mach-O binary
without platform targeting. This mimics the behavior of Apple's tooling.
Before, we would only automatically activate SHA-1 digests when there was
a Mach-O load command targeting a too-old platform version which didn't
support SHA-256 digests.
An empty CMS blob is now automatically added when signing in ad-hoc mode.
Before, no CMS blob would be present. The new behavior matches that of
Apple's tooling.
Code signature data is now aligned to 16 byte boundaries in Mach-O binaries.
This matches the behavior of Apple tooling.
HTTP requests now use the operating system's trusted X.509 certificates
instead of a default set (based off Mozilla's maintained list). This should
allow connections to HTTP proxies using custom/private certificate authorities
to work, assuming certificates are installed on the local system. (#85)
Added a hidden debug-create-entitlements command for generating entitlements
plist files. The command is intended to facilitate testing.
The print-signature-info command YAML output now encodes entitlements XML
as an array of strings for easier readability.
A custom signing time can now be specified to force using a specific
time instead of the current time. The CMS signing and settings APIs have
changed accordingly. The sign command now accepts a --signing-time
argument to control the signing time.
The generate-self-signed-certificate command gained a --pem-unified-filename argument to write a PEM encoded file containing
both the private key and public certificate.
Fixed a bug where files would be identified as Mach-O when they weren't.
Bundle signing logic has been significantly overhauled to hopefully make
it conform with Apple tooling's behavior. This likely fixed several bugs
with bundle signing.
Fixed a bundle signing bug where overwriting symlinks would incorrectly
result in an Error: I/O error: File exists (os error 17) or similar.
When signing bundles, symlinks in directories marked as nested should
now get properly sealed and installed. (#10)
When signing bundles, Mach-O binaries outside of nested directories
(e.g. Libraries/libFoo.dylib) are automatically detected as Mach-O
binaries and signed. This behavior conforms with our stated behavior of
recursively signing all signable entities. However, it is incompatible
with Apple's tooling, which only signs Mach-O binaries located in
specific directories having the nested flag set. This change should
result in it just works single command signing of many complex
bundles.
Added a hidden debug-file-tree command to print simple directory
trees. The command is used by snapshot tests to validate bundle signing
behavior.
The CLI default log level has been changed to warn. As a result,
command output is less verbose. -v restores the prior behavior. And -vvv is now needed to activate trace logging (previously -vv was
the highest log level).
The sign --exclude argument is now honored for Mach-O binaries within
bundles. Previously, it only applied to bundle paths.
The default CodeResources rules for bundles lacking a Resources/
now properly have trailing / on rules referencing .lproj directories.
Previously, these directories were likely not handled correctly. (#42)
Fixed a bug where attempting to sign Mach-O binaries having a __TEXT segment
whose start offset was >0 resulted in a Mach-O segment corruption error.
We can now properly sign such files. (#91)
verify command now errors if not given the path of a Mach-O binary.
verify command now prints a warning that its known to be buggy.
