On Wed, 4 Aug 2021 20:56:46 GMT, Alexander Matveev <almatvee@openjdk.org> wrote:
8271868: Warn user when using mac-sign option with unsigned app-image.
src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacBaseInstallerBundler.java line 142:
140: // is not allready signed. 141: Path launcher = applicationImage.resolve("Contents/MacOS") 142: .resolve(APP_NAME.fetchFrom(params));
As far as I remember launcher can be signed, but entire app image might not be signed. So, in this case check will pass, but notarization will fail. I think we should run check on app image itself.
jpackage will either copy the launcher from resource unmodified and unsigned, or sign all the sign-able elements in the app-image (including the launcher). ------------- PR: https://git.openjdk.java.net/jdk/pull/5004