macOS: code signing + notarization for release binaries #1016

@Aaronontheweb

Follow-up to #1013 (macOS support).

The macOS osx-arm64 release binaries are unsigned and un-notarized. The curl | bash install path works fine (curl-downloaded files do not receive a Gatekeeper quarantine xattr), but a binary or archive downloaded via a browser will be blocked by Gatekeeper.

Proposed work

Set up Apple Developer code signing + notarytool notarization in .github/workflows/publish_release_binaries.yml for the osx-arm64 artifacts. Requires a paid Apple Developer account and signing secrets configured in the repo.

Context

Deferred from the macOS install-support PR. Documented as a known limitation in the README in the meantime.
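
A sketch of the signing and notarization steps described under "Proposed work", written as an added example; it is not taken from the project's publish_release_binaries.yml. The secret names (`MACOS_*`, `APPLE_*`) and the `BIN` path are assumptions and placeholders, and the steps assume a job running on a macOS runner with a Developer ID Application certificate exported as a base64-encoded .p12.

```yaml
# Added example: keys of a job that runs on a macOS runner.
# Secret names and BIN are placeholders, not values from the repository.
env:
  BIN: ./publish/osx-arm64/PLACEHOLDER_BINARY
steps:
  - name: Import signing certificate into a throwaway keychain
    env:
      CERT_P12_BASE64: ${{ secrets.MACOS_CERT_P12_BASE64 }}
      CERT_PASSWORD: ${{ secrets.MACOS_CERT_PASSWORD }}
      KEYCHAIN_PASSWORD: ${{ secrets.MACOS_KEYCHAIN_PASSWORD }}
    run: |
      KEYCHAIN="$RUNNER_TEMP/signing.keychain-db"
      echo "$CERT_P12_BASE64" | base64 --decode > "$RUNNER_TEMP/cert.p12"
      security create-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN"
      security set-keychain-settings -lut 3600 "$KEYCHAIN"
      security unlock-keychain -p "$KEYCHAIN_PASSWORD" "$KEYCHAIN"
      # -T limits private-key access to codesign instead of every application
      security import "$RUNNER_TEMP/cert.p12" -P "$CERT_PASSWORD" \
        -k "$KEYCHAIN" -T /usr/bin/codesign
      security set-key-partition-list -S apple-tool:,apple: -s \
        -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN"
      security list-keychains -d user -s "$KEYCHAIN"
      rm -f "$RUNNER_TEMP/cert.p12"
  - name: Sign with hardened runtime and a secure timestamp
    env:
      SIGN_IDENTITY: ${{ secrets.MACOS_SIGN_IDENTITY }}
    run: |
      # Notarization requires the hardened runtime and a secure timestamp
      codesign --force --options runtime --timestamp --sign "$SIGN_IDENTITY" "$BIN"
      codesign --verify --strict --verbose=2 "$BIN"
  - name: Notarize and fail the job unless Apple accepts the submission
    env:
      APPLE_ID: ${{ secrets.APPLE_ID }}
      APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
      APPLE_APP_PASSWORD: ${{ secrets.APPLE_APP_PASSWORD }}
    run: |
      zip -j "$RUNNER_TEMP/notarize.zip" "$BIN"
      xcrun notarytool submit "$RUNNER_TEMP/notarize.zip" --apple-id "$APPLE_ID" \
        --team-id "$APPLE_TEAM_ID" --password "$APPLE_APP_PASSWORD" \
        --wait --output-format json | tee "$RUNNER_TEMP/notary.json"
      # Check the reported status explicitly rather than relying on the exit code
      grep -Eq '"status"[[:space:]]*:[[:space:]]*"Accepted"' "$RUNNER_TEMP/notary.json"
  - name: Remove the temporary keychain
    if: always()
    run: security delete-keychain "$RUNNER_TEMP/signing.keychain-db" || true
```

A notarization ticket cannot be stapled to a standalone executable or a zip archive, so Gatekeeper looks the ticket up online on first launch; `spctl --assess --type execute --verbose "$BIN"` on a test Mac shows how the signed binary is assessed.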

Labels: platform:macos (macOS-specific issues and support)
