gon
lemur
gon | lemur | |
---|---|---|
6 | 4 | |
1,454 | 1,728 | |
- | 0.2% | |
0.0 | 9.4 | |
about 1 year ago | 7 days ago | |
Go | Python | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gon
-
Sickcodes/Docker-OS X: Run macOS VM in a Docker
It might be less effort to use something like this: https://gregoryszorc.com/blog/2021/04/14/pure-rust-implement...
Might even be able to modify `gon` to use that instead of Apple's `codesign` and then you'll have notarization too: https://github.com/mitchellh/gon
-
A Completely Open-Source Implementation of Apple Code Signing and Notarization
I’ve always used gon ( https://github.com/mitchellh/gon ) for this, which is open source golang, but I don’t think it supports mach-o embedding. I’ll have to try this tool out.
-
How do I bundle a Golang executable into a MacOS .app file?
There is no need for some special solution to pack your .app, you need to create .app directories, copy your binary, create Info.plist with metadata about your binary, icon, etc. I did this for a couple of apps and it is simple. It is another thing if you want to sign and notarize the binary, there are other tools for that, like https://github.com/mitchellh/gon.
-
Signing app for MacOS is like alien cryptographic language
I use gon to sign and notarize a DMG file. Once you set it up, it's a simple one-line command that will upload the DMG to Apple, await notarization, and give you back a DMG that's ready for distribution.
-
The Gates to Hell: Apples Notarizing
My advice from years of notarizing my apps is to make sure you do it at least once per day for each of your apps. If you only notarize once every release (say, every month or so), you are almost guaranteed to encounter some new cryptic error that you've never seen before, either due to some glitch in signing your app or frameworks, or else some server-side error such as new terms & conditions that you are being "encouraged" to agree to. It will take you hours to research and resolve them if they aren't spotted right away.
As others pointed out, https://github.com/mitchellh/gon is a great tool for doing this on your local machine (e.g., with a cron job). In addition, if you are building your app using a GitHub action (which I highly recommend if it is open-source), you can use my https://github.com/hubomatic/hubomat action to package and notarize a release in one shot. The sample/template app does this automatically on every commit as well as once per day: https://github.com/hubomatic/MicroVector/actions.
So when this fails from a scheduled job, you at least know that something has changed on the Apple side and can investigate that right away. And if it fails as a result of a commit, then at least you can start looking at what changes you may have made to your entitlements or code signing settings or embedded frameworks or any of the other million things that can cause it to fail.
lemur
-
Death of DevSecOps, Part 3
Netflix’s Lemur: makes it easy for a developer to get a TLS certificate for a microservice, without having to deal with cryptography, manage private keys securely, and remember to rotate certs before they expire
-
A Completely Open-Source Implementation of Apple Code Signing and Notarization
this feels like a job for lemur and smallstep
https://smallstep.com/docs/step-ca
https://github.com/Netflix/lemur
-
Are there any solutions using a centralized validation server for Let's Encrypt
Other commercial options include ManageEngine and DigiCert. One the open source side there is gnarly stuff like https://github.com/aptise/peter_sslers and https://github.com/Netflix/lemur
-
Certificate Management
There is https://github.com/Netflix/lemur which has a UI but not sure how well maintained it is.
What are some alternatives?
gow - Missing watch mode for Go commands. Watch Go files and execute a command like "go run" or "go test"
tls_client_handshake_pure_python - TLS Client Handshake Pure Python implementation
corona - Solar2D Game Engine main repository (ex Corona SDK)
cryptonice - CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.
httptoolkit-desktop - Electron wrapper to build and distribute HTTP Toolkit for the desktop
webcert - WebCert is a Web application to generate and manage digital certificates in cases where no "full" CA is needed.
xcnotary - the missing macOS app notarization helper, built with Rust
trustme - #1 quality TLS certs while you wait, for the discerning tester
appify - Create a macOS Application from an executable (like a Go binary)
OCSPChecker - OCSP-Checker provides an automated means to check the OCSP revocation status for a x509 digital certificate.
swift-corelibs-foundation - The Foundation Project, providing core utilities, internationalization, and OS independence
certify - Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com