This is a trickier question than it seems at first blush.
I can confirm that the Notary API doesn’t vend tickets. The question is whether it should. If you got a ticket back from the API, what would you do with it?
There are three targets supported by stapler
:
Of these, only the first one is relevant. That’s because, for the last two:
-
The built-in tools don’t let you supply a ticket to staple when you create these containers.
-
Apple doesn’t document the .dmg
and .pkg
formats [1], so you can’t write your own replacement for stapler
.
With regards app bundles, we don’t officially document where the ticket goes their either, but it’s trivial to work out.
The question is, is the app bundle case a sufficient justification for the Notary API to support an endpoint to return tickets? I dunno, but I guess it wouldn’t hurt to ask. I recommend that you file an enhancement request explaining your rationale.
Please post your bug number, just for the record.
The workaround is, of course, to run the stapler
command.
avoid requiring xtools
stapler
is part of the developer tools. You can avoid the need to install all of Xcode by installing the Command Line Tools package.
If you don’t want to do even that, you can copy stapler
from that package and add it to you C{I,D} machine. Such shenanigans are most definitely unsupported [2], but it’ll work in this case.
If you decide to do this, it’s especially important that you file that ER.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] That doesn’t stop folks from reverse engineering them, primarily to use on non-Apple C{I,D} systems. But it’s hard to use that as a justification for your ER.
[2] Except in the case of notarytool
, where we explicitly support that.