Hi Michael,

>>> I’m not real familiar with the build process. But would it be possible for 
>>> the user to build their own jdk that substitutes something else for the 
>>> colliding identifier that gets embedded?
>> Yes, it should be possible and in theory such JDK with native commands can 
>> be used. However, current fix will not allow such JDK build, since we 
>> checking for presence of “bin” folder and not if ID is actually unique. To 
>> work around this limitation user can package without native commands first, 
>> then add native commands and re-sign application.
> Signing is currently an integrated part of the process. I thought about 
> making an enhancement request to have it possible to do it stepped. First 
> build the application, then allow the user to post-process that. Maybe run a 
> tool/script to modify the application level Info.plist file. Then allow a 
> second final step that does the signing. I don’t remember if I actually made 
> that enhancement request. But currently there is no way with jpackage to 
> standalone sign the application is there? I think this is somewhat involved 
> with the application bundle being iterated and for one thing each jar being 
> separately code signed? I think it took a release or two of the command to 
> get this correct. So I doubt Xcode could manage it. Is there a way to do the 
> signing standalone with jpackage that I am not aware of?
> If I didn’t do an enhancement request on this I could, if you think jpackage 
> could manage it?

There is no a way to do the signing of standalone app image and app image will 
not get signed if you generating DMG or PKG by providing app image via 
—app-image and specifing signing. Only PKG will get signed if signing is 
specified with —app-image.

Currently jpackage will block following command:
jpackage --type app-image --app-image Test.app --mac-sign ...
Error: Option [--app-image] is not valid with type [app-image]

I think we can allow app-image type with app image input if signing is 
requested and command from above will just sign app image in place.

Generating DMG or PKG from —app-image and with signing enabled will not sign 
app image as it currently do.

If no objections for proposed enhancement I will go ahead and file one.


Reply via email to