-
Hi! I viewed a lot of historical issues and discussions, even on Google Groups from 2012, but I still can't get the answer to how to fix the gap in startup time when macOS tries to verify the executable file. I use the same Linux:
Windows (after signing):
macOS (after signing and notarizing):
I'm completely fine with onefile and time on Linux/Windows, but this is unbelievably slow on macOS. It easily could take up to 11 seconds to start. I started researching it and figured out that Apple send request each run. Blocking this request locally gives me a 1.5s startup. And that's how I found all related issues and discussions later. This perfectly describes my issue (context: sign every binary file instead of only the main one):
The Recipe OSX Code Signing wiki pages refer to the GitHub Gist I used to initially set my signing and notarizing flow. It uses So I started thinking that Additionally, I signed the resulting onefile executable manually and notarized it after that. It passes checks via Unfortunately, the startup time doesn't change. Using the sniffing tool I can confirm that macOS still sends a request to Apple each run instead of caching in somehow or something. The latest what I want to quote before asking a question is
I'll be happy to know the reason for the problems on macOS and onefile mode. So what is the reason and how we can deal with it? Is there a right way to sign and notarize executable files in onefile mode? Thanks! upd. summoning @jiayouzl from #6801. Looks exactly what I have now but without details how to fix. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 9 replies
-
Even if you sign and notarize your onefile executable, the shared libs collected in the onefile executable are not notarized (even if you did sign them during collection using
There is not. Like one of the quotes said, "macOS isn't generally suited to onefile mode". |
Beta Was this translation helpful? Give feedback.
Yes.