-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run codesign on osx-arm64 #10260
Run codesign on osx-arm64 #10260
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this pr sign all binaries or only those which have a prefixed replaced?
Only those which have a prefixed replaced which is all binaries produced by the conda compilers. |
Ok. So we won't be able to sign things if we are doing binary repackaging? |
Or I should say, installing a thing from binary repackaging. |
Nope. That should be done in |
Ok. So we do need the pr on conda build. |
What about statically linked binaries? |
Those have rpath in them if they were compiled using conda compilers, so they'll get replaced as well. |
Latest changes check if a file has been updated on whether it should do the signing. But we don't have any guarantee that it was signed in the first place, right? I think we either need to check if it has a valid signature ( |
If a package was not updated here, that means there was something wrong with the metadata in the conda package. That code path should not be triggered at all, but I added it just in case. |
ping on this |
huzzah! |
Fantastic! |
Drop conda_patches/gh10260.patch as it has been merged upstream! xref: conda/conda#10260
Hi there, thank you for your contribution to Conda! This pull request has been automatically locked since it has not had recent activity after it was closed. Please open a new issue or pull request if needed. |
No description provided.