Homebrew
cask/audit: update signing checks for app, binary, and pkg
- [ ] Have you followed the guidelines in our Contributing document?
- [ ] Have you checked to ensure there aren't other open Pull Requests for the same change?
- [ ] Have you added an explanation of what your changes do and why you'd like us to include them?
- [ ] Have you written new tests for your changes? Here's an example.
- [ ] Have you successfully run
brew stylewith your changes locally? - [ ] Have you successfully run
brew typecheckwith your changes locally? - [ ] Have you successfully run
brew testswith your changes locally?
POC changes to address some issues in auditing Casks, where we are failing some valid Casks.
This doc used as the source material for updating the checks. Based on it, the checks should be different where it is an app, a pkg, or a binary.
This is still not complete, as this will still fail some valid Casks (such as GitHub Desktop), and we need to implement (IMHO) some checking directly DMG's to check signature. But hopeful this kickstarts a conversation.
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
@MikeMcQuaid sorry about that. Will pick this up and see if I can get it over the line. Need to solve some corner cases involving binaries.
Thanks @MikeMcQuaid - apologies it took a bit to pick back up, will do better going forward ❤️