Hi
We have a .pkg that needs to be signed. Is it possibe to say productsign to use the sha256 hash while signing the .pkg?
For binaries, I guess codesign checks the LC_VERSION_MIN_MACOSX of the binary and decides to put into both sha1 and sha2 or just the sha1 based on the deployement target. How is this supposed work on .pkg?
Thanks in advance