Hi Chris--

> > > Can't you sign the .app + the two scripts together?
> >
> > No; well, not with the scripts where you want them. The thing being
> > signed has to conform to a particular Apple "bundle" format, which
> > wants everything to be rooted in the .app directory.
>
> Could the scripts be placed in the .app directory then, as siblings of
> the Contents dir?

     No, that's what got this conversation started in the first place
(when Apple changed their signing code for MacOS 10.9.5). The bundle
format that the signing code now requires does not allow for siblings of
the Contents directory. That's why I suggested putting those scripts in
.app/Contents/LinuxAndWindows/. Since there's only one choice of where
to look next at the ".app" and "Contents" levels, and "LinuxAndWindows"
is obvious, even an impatient newbie will find the scripts, and we avoid
any ZIP-within-a-ZIP silliness.

> I'm not understanding the... requirement of the inner-Zip...

     The format of the contents of the ZIP has to be a certain way for
the signing-zip-unzip process to yield a valid signature. This includes
the .app directory itself having no siblings, and there being no
siblings of .app/Contents/. Please, if yer gonna get angry, get angry at
Apple (and tell them!). I certainly will. I think it's incredibly stupid
that I'm not allowed to have a .app/README file. It's Unix heresy! :)

     Let's please save any further discussion of this for the next board
meeting, when we can all speak interactively. Thanks!


-C

--
Craig Latta
netjam.org
+31   6 2757 7177 (SMS ok)
+ 1 415  287 3547 (no SMS)