[kstars] [Bug 458351] [macOS] trustworthy code-signed download was replaced with a completely unsigned binary
Rob
bugzilla_noreply at kde.org
Fri Aug 26 19:46:59 BST 2022
https://bugs.kde.org/show_bug.cgi?id=458351
--- Comment #3 from Rob <rlancaste at gmail.com> ---
So I have been building KStars DMGs and releases on my machine since 2016 or so
and every release was built and released that way. It was only a very short
time (~ 1 month or so) that we have been using the KDE binary built version
because my script broke. I only finally managed to get my craft recipes on the
kde binary server so that we could have nightly versions and releases built
there in January of 2022. But I am still building official releases on my
machine. I just recently fixed my script and uploaded the new version. I
wouldn't say that there was a "trusted" version until now and it suddenly was
replaced with a "hacked" one. We were only using that "trusted" version for a
very short time as a stopgap measure until we fixed some issues. There are
still several other things that I have in the dmg that are not properly
duplicated in the craft kde binary server built version and I would not like to
switch to them as the official version of releases until I can get craft to do
those things properly.
Also my dmgs have not been code signed because I have not spent my own money to
get a developer certificate. Is it possible for me to build on my own machine
with the KDE developer certificate or must that be done from the KDE binary
server only?
--
You are receiving this mail because:
You are watching all bug changes.
More information about the kde-mac
mailing list