Hi, I'll be up-front: this isn't strictly a Netbeans question, but I do wonder how NB developers handle this situation and, hopefully, get some ideas about what I can do myself.
Recently, I went through my usual notarization process with my application (a DMG installer produced by jpackage) only to see the submission fail. Looking at the log, Apple is now complaining about the native macOS executables I'm bundling in my application's jar file as well as the JNA jar that JGit's jar depends on. It seems Apple is getting ever more watchful on what runs on their Macs. I was able to get around the notarization failure on my native executables by simply encrypting them. I know, the 'right' thing to do would be to actually do the three things Apple now asks for (signing each executable, providing a secure time stamp, and having them run in a hardened runtime environment), but I have neither the time nor Mac-specific knowledge to go down that path. Encrypting those executables will prevent future snooping by Apple as well. But what to do about the JGit JNA dependency? I read sometime back that Netbeans also uses JGit - if that's true, how do the community members that provide the DMG installer of NB handle this notarization requirement? Or is there a version of JGit that's pure Java that I could use instead and avoid the issue altogether? Thanks in advance, Tom --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@netbeans.apache.org For additional commands, e-mail: users-h...@netbeans.apache.org For further information about the NetBeans mailing lists, visit: https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists
