问题
What are the most appropriate ways to harden, code-sign, notarize, package, etc., a command-line binary (stdin, stdout, etc., no windows or icons) to allow distribution of the binary to macOS Catalina users, so that they can run the utility with the least amount of pain/hassle?
Assume the default/stock OS configuration of GateKeeper, etc. Assume the users most likely currently don't have the installed tools or skills to compile from source. Assume that a Terminal window popping up when running the utility won't scare them.
回答1:
I've started using https://github.com/mitchellh/gon recently, and am very happy with it. From the makers of Vagrant, Terraform, Packer, et al.
来源:https://stackoverflow.com/questions/59974516/signing-notarizing-hardening-etc-a-macos-command-line-binary