tor-browser-spec issueshttps://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issues2022-12-09T13:19:27Zhttps://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issues/33971Document Authenticode code signing certificate renewal process2022-12-09T13:19:27ZGeorg KoppenDocument Authenticode code signing certificate renewal processWhile it is still fresh we should document the process of renewing our Windows code signing certificate.While it is still fresh we should document the process of renewing our Windows code signing certificate.Tor Browser: 11.0 Issues with previous releasehttps://gitlab.torproject.org/tpo/applications/tor-browser-spec/-/issues/18820Integrate code signing into the release process2022-12-09T13:20:14ZGeorg KoppenIntegrate code signing into the release processWe should integrate the OS X code signing as good as we can into our release process. We have the following pieces at the moment
1) We create a .dmg file as the result of our build process
2) We have a signing machine where these files ...We should integrate the OS X code signing as good as we can into our release process. We have the following pieces at the moment
1) We create a .dmg file as the result of our build process
2) We have a signing machine where these files need to get transferred to
3) We need to sign the TorBrowser.app inside the .dmg file
4) We need to ship the .dmg file with the signed app
Taking these into account it seems quite cumbersome to automate this even a bit. But maybe there is something I am missing.
This ticket is not about signing/removing the signature in a reproducible fashion. Getting this going is very likely a separate fun task.