Run codesign on osx-arm64 #10260
Run codesign on osx-arm64 #10260
Conversation
beckermr
left a comment
There was a problem hiding this comment.
Does this pr sign all binaries or only those which have a prefixed replaced?
|
Only those which have a prefixed replaced which is all binaries produced by the conda compilers. |
|
Ok. So we won't be able to sign things if we are doing binary repackaging? |
|
Or I should say, installing a thing from binary repackaging. |
|
Nope. That should be done in |
|
Ok. So we do need the pr on conda build. |
|
What about statically linked binaries? |
|
Those have rpath in them if they were compiled using conda compilers, so they'll get replaced as well. |
|
Latest changes check if a file has been updated on whether it should do the signing. But we don't have any guarantee that it was signed in the first place, right? I think we either need to check if it has a valid signature ( |
|
If a package was not updated here, that means there was something wrong with the metadata in the conda package. That code path should not be triggered at all, but I added it just in case. |
|
ping on this |
|
huzzah! |
|
Fantastic! |
Drop conda_patches/gh10260.patch as it has been merged upstream! xref: conda/conda#10260
|
Hi there, thank you for your contribution to Conda! This pull request has been automatically locked since it has not had recent activity after it was closed. Please open a new issue or pull request if needed. |
No description provided.