Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix release-tool on macOS and add notarisation #3827

merged 1 commit into from Nov 9, 2019


Copy link

phoerious commented Nov 9, 2019

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

Description and Context

The release-tool had bugs on macOS which I always needed to hotfix while building releases. This PR finally fixes those once and for all. The main issues were an outdated target platform, a non-working sandbox entitlement configuration, and a wrong path to the entitlements file in the codesign command.

In addition to fixing these issues, this PR also adds notarisation capabilities, so hopefully Apple will finally shut up about our app not being tested for malware.

For 2.6 we can also look into enabling the sandbox. Right now, there is no quick way to make the browser extension work when KeePassXC is sandboxed. When we are doing that, we should also change the application identifier from org.keepassx.keepassxc to org.keepassxc.keepassxc.


  • I have read the CONTRIBUTING document. [REQUIRED]
  • My code follows the code style of this project. [REQUIRED]
  • All new and existing tests passed. [REQUIRED]
  • I have compiled and verified my code with -DWITH_ASAN=ON. [REQUIRED]
@phoerious phoerious added this to the v2.5.1 milestone Nov 9, 2019
@phoerious phoerious requested a review from droidmonkey Nov 9, 2019
@phoerious phoerious force-pushed the hotfix/macos-release-tool branch 5 times, most recently from 1d779a2 to 133f369 Nov 9, 2019
@phoerious phoerious force-pushed the hotfix/macos-release-tool branch from 133f369 to 3e7386c Nov 9, 2019
@phoerious phoerious merged commit 7659bbb into release/2.5.1 Nov 9, 2019
3 checks passed
3 checks passed
MacOS (KeepassXC) TeamCity build finished
Ubuntu Linux (KeepassXC) TeamCity build finished
Windows 10 (KeepassXC) TeamCity build finished
@phoerious phoerious deleted the hotfix/macos-release-tool branch Nov 9, 2019
phoerious added a commit that referenced this pull request Nov 11, 2019

- Add programmatic use of the EntrySearcher [#3760]
- Explicitly clear database memory upon locking even if the object is not deleted immediately [#3824]
- macOS: Add ability to perform notarization of built package [#3827]


- Reduce file hash checking to every 30 seconds to correct performance issues [#3724]
- Correct formatting of notes in entry preview widget [#3727]
- Improve performance and UX of database statistics page [#3780]
- Improve interface for key file selection to discourage use of the database file [#3807]
- Hide Auto-Type sequences column when not needed [#3794]
- macOS: Revert back to using Carbon API for hotkey detection [#3794]
- CLI: Do not show protected fields by default [#3710]


- Secret Service: Correct issues interfacing with various applications [#3761]
- Fix building without additional features [#3693]
- Fix handling TOTP secret keys that require padding [#3764]
- Fix database unlock dialog password field focus [#3764]
- Correctly label open databases as locked on launch [#3764]
- Prevent infinite recursion when two databases AutoOpen each other [#3764]
- Browser: Fix incorrect matching of invalid URLs [#3759]
- Properly stylize the application name on Linux [#3775]
- Show application icon on Plasma Wayland sessions [#3777]
- macOS: Check for Auto-Type permissions on use instead of at launch [#3794]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
2 participants
You can’t perform that action at this time.