Opened 12 months ago

Last modified 12 months ago

#32507 new defect

Move closer to the way Mozilla is signing macOS bundles

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-security, tbb-sign, GeorgKoppen201911
Cc: Actual Points:
Parent ID: #32504 Points:
Reviewer: Sponsor:


Mozilla is using a bash script codesign.bash for signing macOS bundles. We should go over it and include the finer-grained signing (different entitlement files being used and sometimes entitlements are not even ready) into our setup.

(see: for important changes to that bash script)

Child Tickets

Change History (1)

comment:1 Changed 12 months ago by gk

I think a good process could be to do this transition step-wise: first using what Mozilla did for ESR68 and including our non-browser pieces (not sure how they fit into the place yet). Then building on top of that the improvements Mozilla made since then.

Note: See TracTickets for help on using tickets.