You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As of 2023.06.0, the DMG for MacOS X contains a correctly code signed application, which means we avoid the security issues warnings that used to happen and that required going to the security settings. Now users will just get a dialog warning them that they are opening an application they downloaded from the internet, which is the same as for all other applications not distributed through the App Store.
The CI workflow here also attempts to produce a valid .pkg code signed with a Mac Distribution Installer certificate which is required to upload an app to the App Store. However, I have run into several issues:
Applications to be distributed in the app store need to use the sandbox setting in entitlements - however this currently stops glue-wwt working correctly as described in Issue with WWT in sandbox mode #11 so I have disabled the sandbox entitlement here: 95b42d6
When validating the pkg I also ran into the issue that PyQtWebEngine bundles a helper app called dist/glue.app/Contents/Frameworks/PyQt5/Qt/lib/QtWebEngineCore.framework/Versions/5/Helpers/QtWebEngineProcess.app. However this ends up having a separate code signature than glue itself and the validation claims that this app identifier is already in use. I'm not really sure how to solve this, and removing the file doesn't help as it is actually needed by PyQtWebEngine which in turn is needed for glue-wwt (reverted the removal of this file in 91d8ae0)
Both issues are related to glue-wwt, so in principle we could try and build an application without glue-wwt and PyQtWebEngine to solve both issues, for distribution in the App Store, but this might not be desirable, so we should think about how important it is to actually have glue on the App Store versus having a downloadable DMG.
The text was updated successfully, but these errors were encountered:
As of 2023.06.0, the DMG for MacOS X contains a correctly code signed application, which means we avoid the security issues warnings that used to happen and that required going to the security settings. Now users will just get a dialog warning them that they are opening an application they downloaded from the internet, which is the same as for all other applications not distributed through the App Store.
The CI workflow here also attempts to produce a valid .pkg code signed with a Mac Distribution Installer certificate which is required to upload an app to the App Store. However, I have run into several issues:
Applications to be distributed in the app store need to use the sandbox setting in entitlements - however this currently stops glue-wwt working correctly as described in Issue with WWT in sandbox mode #11 so I have disabled the sandbox entitlement here: 95b42d6
When validating the pkg I also ran into the issue that PyQtWebEngine bundles a helper app called
dist/glue.app/Contents/Frameworks/PyQt5/Qt/lib/QtWebEngineCore.framework/Versions/5/Helpers/QtWebEngineProcess.app. However this ends up having a separate code signature than glue itself and the validation claims that this app identifier is already in use. I'm not really sure how to solve this, and removing the file doesn't help as it is actually needed by PyQtWebEngine which in turn is needed for glue-wwt (reverted the removal of this file in 91d8ae0)Both issues are related to glue-wwt, so in principle we could try and build an application without glue-wwt and PyQtWebEngine to solve both issues, for distribution in the App Store, but this might not be desirable, so we should think about how important it is to actually have glue on the App Store versus having a downloadable DMG.
The text was updated successfully, but these errors were encountered: