Gregory Szorc

If the docs I wrote are incorrect, please submit a PR to fix them! I actually haven't signed installers that much and the docs I wrote related to installer signing...

I just pushed my unfinished `apple-bom` crate to this repository. At this time, I have no plans to continue work on it nor publish it to crates.io. But perhaps the...

A code signing service that allowed you to bypass Apple's Developer subscription requirements would almost certainly run afoul of Apple policies. This is not what I've implemented nor do I...

The `main` branch has a few bug fixes related to re-signing a binary. I consider failure to re-sign a bug. Please file issues for any problems re-signing. In addition, I...

Making digests parallel within Mach-O is like a n=1 magnitude line change to plug in https://docs.rs/rayon/latest/rayon/iter/index.html. The magic of Rust :) Do you have examples of large/slow signing operations to...

The 0.19 release performed today contains a few improvements: * Commit 18c1db843930044c58979e2a8f8a7ceae4634461 eliminated a double computation of code digests during signing. * Commit a1df30338c996f001251a97492eb99f13ed836e5 introduced parallel digest computation for binaries...

In a former professional life, I was a maintainer of Firefox's build system and filed the tracking bug to make builds deterministic and reproducible: https://bugzilla.mozilla.org/show_bug.cgi?id=885777. So you don't have to...

A few minutes ago I pushed 3576f924dd31731cbb5554784a836888151669bd to make resource digesting streaming instead of loading the full file in memory first.

> Provide a flag to only sign the binary, and not any of the resources (doable in codesign with a flag that points to a separate metadata file) I don't...

@michaeleisel I'm sympathetic to the request to make `rcodesign` as fast as possible. (In my day job I work for my company's _Infrastructure Performance Team_ and I know a thing...