mac binaries are not signed by a valid apple dev account #6935
Labels
kind: bug
Something isn't working
linear: turbo
Issues to sync to Linear for Turborepo team
owned-by: turborepo
Verify canary release
Link to code that reproduces this issue
x
What package manager are you using / does the bug impact?
npm
What operating system are you using?
Mac
Which canary version will you have in your reproduction?
x
Describe the Bug
The binaries used by Turbo are not signed by Apple dev account correctly, and so Google Santa binary validation policies that only allows valid signers can mean that large organisations are limited to using hash whitelists which is not sustainable.
https://github.com/google/santa
cli
https://santa.dev/binaries/santactl.html#fileinfo
Expected Behavior
santactl fileinfo turbo
should not return
Yes
instead ofYes, but ad-hoc
To Reproduce
santactl fileinfo turbo
should not return
Yes
instead ofYes, but ad-hoc
Additional context
No response
TURBO-2009
The text was updated successfully, but these errors were encountered: