No Notarised Binary For macOS

[Ezirius]

We need a notarised binary for macOS, please.

This is very important in a era where security is and needs to be foremost in our minds. The lack of a notarised binary will deter people from trying the application and hinder adoption.

[ericpar]

I also vote for this "feature" as I can't use emacs due to security issues at my workplace.

[thynus]

From Verifying the Binary Integrity

On macos Big Sur 11.6 codesign -dvv /Applications/Emacs.app

Look for the following in the output:

Authority=Developer ID Application: Galvanix
Authority=Developer ID Certification Authority
Authority=Apple Root CA

[jamesquilty]

I just updated from 28.2 (installed with --no-quarantine I believe) to 29.1 with Homebrew without specifying --no-quarantine on macOS 13 and found that I can launch the app and run from the command line without error. I checked for notarisation as follows and everything seems to be OK:

$ spctl -a -t exec -v /Applications/Emacs.app
/Applications/Emacs.app: accepted
source=Notarized Developer ID

$ codesign -dvv /Applications/Emacs.app
...
Authority=Developer ID Application: Galvanix (5BRAQAFB8B)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
...

Perhaps this issue has been fixed?

[caldwell]

Yeah, it has. I initially intended to keep this open for a couple days just to make sure I had gotten it right and then of course promptly forgot. 🙂

According to the "about" page I did that a year ago. The Emacs-28.1-4 release was the first release to be notarized. Everything build after 2022-04-24 is notarized.