I'm working with this repository: https://github.com/SoarGroup/Soar. It's a programming language of sorts with a unique runtime used for AI research. It's pretty old, and it's always been distributed as a simple zip file containing an executable, several dynamic libraries needed for using the system from Java, Python and other languages, some JARs, and txt and PDF files.
A few years back it became very difficult for Mac users to open the executables due to the new security restrictions. So I'm trying to apply all of the required codesigning so that Mac will allow users to use the executable and libraries without fuss. However, I'm getting confused because there are different steps for distributing in the app store and outside the app store (I am distributing OUTSIDE the app store), and instructions also often assume some kind of installable package (all we use is a zip file that users unpack and place on their desktop or wherever they like).
Here's an example build: https://github.com/SoarGroup/Soar/actions/runs/3789615737
I'm following the post here: https://developer.apple.com/forums/thread/701514#701514021. I think I have the codesigning step correct; I use codesign -vvvv --timestamp -s "MY_CERT_NAME" -i com.my.wildcard.identifier.filename_with_extension for each of the binaries that we are distributing:
- _Python_sml_ClientInterface.so
- libJava_sml_ClientInterface.jnilib
- libSoar.dylib
- libTcl_sml_ClientInterface.dylib
- libtclsoarlib.dylib
- soar
The tutorial says that the ordering matters, so I put the executable last, since it references the dylibs (though I'm not sure if that is what was meant).
Next is the notarization step, which is unclear to me. Do I just put the executables (not the JAR files or the PDFs) in a dedicated zip file and send that for notarization? Or do I need to send everything? And then do I staple the receipt to all of the binaries? Or is what I'm doing right now complete nonsense? I don't want to reorganize the whole distribution just for Mac, as that would then require special user documentation for the one platform.
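The signing step described in the post, scripted as an added example (not part of the original post and not the Soar project's build code): it prints the `codesign` command from the post for each listed file, libraries first and the executable last, and with `RUN=1` also executes each command and verifies the signature. The certificate name and identifier prefix are the post's placeholders, the function names are made up for this sketch, and it assumes the files sit in the current directory.

```shell
#!/bin/sh
# Added example: sign the binaries from the post, libraries first, executable last.
# CERT and ID_PREFIX are the placeholders used in the post; replace both.
CERT="MY_CERT_NAME"
ID_PREFIX="com.my.wildcard.identifier"

# Files listed in the post (assumed to be in the current directory).
BINARIES="soar libSoar.dylib _Python_sml_ClientInterface.so libJava_sml_ClientInterface.jnilib libTcl_sml_ClientInterface.dylib libtclsoarlib.dylib"

# is_library FILE: true for the dynamic-library extensions in this distribution.
is_library() {
  case "$1" in
    *.dylib|*.so|*.jnilib) return 0 ;;
    *) return 1 ;;
  esac
}

# signing_order FILE...: print libraries first, then the remaining files
# (here the soar executable, which links against the libraries).
signing_order() {
  for f in "$@"; do if is_library "$f"; then echo "$f"; fi; done
  for f in "$@"; do if ! is_library "$f"; then echo "$f"; fi; done
}

# sign_command FILE: print the post's codesign invocation for one file, with
# the identifier built as <prefix>.<filename with extension>.
sign_command() {
  printf 'codesign -vvvv --timestamp -s "%s" -i %s.%s %s\n' \
    "$CERT" "$ID_PREFIX" "$(basename "$1")" "$1"
}

# sign_all FILE...: print the plan; with RUN=1 also sign each file and check
# the result with codesign --verify, stopping at the first failure.
sign_all() {
  signing_order "$@" | while IFS= read -r f; do
    sign_command "$f"
    if [ "${RUN:-0}" = "1" ]; then
      codesign -vvvv --timestamp -s "$CERT" -i "$ID_PREFIX.$(basename "$f")" "$f" || exit 1
      codesign --verify --strict -vvvv "$f" || exit 1
    fi
  done
}

# Dry run by default: only prints the commands unless RUN=1 is set.
sign_all $BINARIES
```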