How to code-sign my python script / package packaged for mac using pyinstaller without using xcode?

python macos xcode code-signing developer-program

Solution 1:

You can code sign your distribution manually using the codesign tool. Apple's Code Signing Guide includes a section on manually signing code:

Signing Your Code Manually

… In the unusual case that you sign your code manually, or to interrogate an app for details about its signature, you use the codesign command line tool directly. See the codesign man page for a complete enumeration of the options this tool takes.

Depending on the complexity of the bundle being signed, the final command typically looks like:

codesign -s <identity> <absolute-bundle-path>

identity refers to the common name of the signing certificate. For distribution on computers you do not control, you will want to issue an Apple Developer ID using Apple's developer web site.

Notarizing

Once your bundle is code signed, you should ask Apple services to notarize it, see Notarizing macOS Software Before Distribution. This will remove the first run message from Apple warning about possible malware.

As with code signing, a command line approach exists using altool, see Customizing the Notarization Workflow.

Related

How does iOS and apps deal with low to no disk storage?
How do I restore a Mojave Time machine backup on Catalina? [closed]
Doesn't Linq to SQL miss the point? Aren't ORM-mappers (SubSonic, etc.) sub-optimal solutions?
openssl hangs and does not exit
How to stop gunicorn properly
Multiple definition of ... linker error
How to use stringByAddingPercentEncodingWithAllowedCharacters() for a URL in Swift 2.0
Kubernetes not mounting volume
How do you clone a sharepoint 2010 front end server and then add the clone to the farm?
Openstack only building one VM per machine in cluster, then runs out of resources
Entry name 'classes.dex' collided
Block MapiOverHttps from external only