gon
lemur
Our great sponsors
gon | lemur | |
---|---|---|
6 | 3 | |
1,454 | 1,694 | |
- | 0.6% | |
0.0 | 9.6 | |
6 months ago | 6 days ago | |
Go | Python | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gon
-
Sickcodes/Docker-OS X: Run macOS VM in a Docker
It might be less effort to use something like this: https://gregoryszorc.com/blog/2021/04/14/pure-rust-implement...
Might even be able to modify `gon` to use that instead of Apple's `codesign` and then you'll have notarization too: https://github.com/mitchellh/gon
-
A Completely Open-Source Implementation of Apple Code Signing and Notarization
I’ve always used gon ( https://github.com/mitchellh/gon ) for this, which is open source golang, but I don’t think it supports mach-o embedding. I’ll have to try this tool out.
-
How do I bundle a Golang executable into a MacOS .app file?
There is no need for some special solution to pack your .app, you need to create .app directories, copy your binary, create Info.plist with metadata about your binary, icon, etc. I did this for a couple of apps and it is simple. It is another thing if you want to sign and notarize the binary, there are other tools for that, like https://github.com/mitchellh/gon.
-
Signing app for MacOS is like alien cryptographic language
I use gon to sign and notarize a DMG file. Once you set it up, it's a simple one-line command that will upload the DMG to Apple, await notarization, and give you back a DMG that's ready for distribution.
-
The Gates to Hell: Apples Notarizing
My advice from years of notarizing my apps is to make sure you do it at least once per day for each of your apps. If you only notarize once every release (say, every month or so), you are almost guaranteed to encounter some new cryptic error that you've never seen before, either due to some glitch in signing your app or frameworks, or else some server-side error such as new terms & conditions that you are being "encouraged" to agree to. It will take you hours to research and resolve them if they aren't spotted right away.
As others pointed out, https://github.com/mitchellh/gon is a great tool for doing this on your local machine (e.g., with a cron job). In addition, if you are building your app using a GitHub action (which I highly recommend if it is open-source), you can use my https://github.com/hubomatic/hubomat action to package and notarize a release in one shot. The sample/template app does this automatically on every commit as well as once per day: https://github.com/hubomatic/MicroVector/actions.
So when this fails from a scheduled job, you at least know that something has changed on the Apple side and can investigate that right away. And if it fails as a result of a commit, then at least you can start looking at what changes you may have made to your entitlements or code signing settings or embedded frameworks or any of the other million things that can cause it to fail.
lemur
-
A Completely Open-Source Implementation of Apple Code Signing and Notarization
this feels like a job for lemur and smallstep
https://smallstep.com/docs/step-ca
https://github.com/Netflix/lemur
-
Are there any solutions using a centralized validation server for Let's Encrypt
Other commercial options include ManageEngine and DigiCert. One the open source side there is gnarly stuff like https://github.com/aptise/peter_sslers and https://github.com/Netflix/lemur
-
Certificate Management
There is https://github.com/Netflix/lemur which has a UI but not sure how well maintained it is.
What are some alternatives?
gow - Missing watch mode for Go commands. Watch Go files and execute a command like "go run" or "go test"
badssl.com - :lock: Memorable site for testing clients against bad SSL configs.
httptoolkit-desktop - Electron wrapper to build and distribute HTTP Toolkit for the desktop
cryptonice - CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.
xcnotary - the missing macOS app notarization helper, built with Rust
certify - Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com
corona - Solar2D Game Engine main repository (ex Corona SDK)
tls_client_handshake_pure_python - TLS Client Handshake Pure Python implementation
realize - Realize is the #1 Golang Task Runner which enhance your workflow by automating the most common tasks and using the best performing Golang live reloading.
BounCA - BounCA is a web tool to generate self-signed SSL certificates and setup a key infrastructure
ldid - Link Identity Editor. Put real or fake signatures in a Mach-O.
webcert - WebCert is a Web application to generate and manage digital certificates in cases where no "full" CA is needed.