[tor-bugs] #18820 [Tor bundles/installation]: Integrate code signing into the release process
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Apr 14 10:31:21 UTC 2016
#18820: Integrate code signing into the release process
------------------------------------------+-----------------------
Reporter: gk | Owner: erinn
Type: task | Status: new
Priority: Very High | Milestone:
Component: Tor bundles/installation | Version:
Severity: Major | Keywords: tbb-6.0a5
Actual Points: | Parent ID: #6540
Points: | Reviewer:
Sponsor: |
------------------------------------------+-----------------------
We should integrate the OS X code signing as good as we can into our
release process. We have the following pieces at the moment
1) We create a .dmg file as the result of our build process
2) We have a signing machine where these files need to get transferred to
3) We need to sign the TorBrowser.app inside the .dmg file
4) We need to ship the .dmg file with the signed app
Taking these into account it seems quite cumbersome to automate this even
a bit. But maybe there is something I am missing.
This ticket is not about signing/removing the signature in a reproducible
fashion. Getting this going is very likely a separate fun task.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18820>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list