SpacetimeDB icon indicating copy to clipboard operation
SpacetimeDB copied to clipboard
verified publisher icon clockworklabs

x86 binaries for macOS are not signed

Open botantony opened this issue 9 months ago • 2 comments

After trying to add SpacetimeDB to the official Homebrew repository (not your tap but the main repo) I got following CI error:

audit for spacetimedb: failed
 - Signature verification failed:
/private/tmp/cask-audit20250304-6089-d9h9in/spacetimedb-cli: code object is not signed at all
In architecture: x86_64

macOS on ARM requires software to be signed.
Please contact the upstream developer to let them know they should sign and notarize their software.

Even tho it is not necessary to sign binaries for x86 macOS versions, cloud you please sign them so it can be add to main repo?

Related to Homebrew/homebrew-cask/pull/203826

botantony avatar Mar 04 '25 21:03 botantony

Steps for moving this forward

  1. Figure out how to do this
  2. Determine how easy it would be to work this into our current release flow (probably as part of Github actions)

jdetter avatar Mar 05 '25 17:03 jdetter

It should be the same process as with ARM binaries. If you didn't sign ARM binaries (which is strange because macOS Gatekeeper doesn't complain about that) you'd need Apple Developer ID. Check this for automatic GitHub Action: https://github.com/marketplace/actions/code-sign-action

botantony avatar Mar 05 '25 17:03 botantony

I'm closing this since we no longer maintain that homebrew repository.

bfops avatar Oct 09 '25 20:10 bfops