{"id":32914,"date":"2021-06-21T16:00:02","date_gmt":"2021-06-21T20:00:02","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=32914"},"modified":"2021-07-26T15:15:18","modified_gmt":"2021-07-26T19:15:18","slug":"altool-update-and-notarytool","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2021\/06\/21\/altool-update-and-notarytool\/","title":{"rendered":"altool Update and notarytool"},"content":{"rendered":"

Rosyna Keller<\/a>:<\/p>\n

\n

So here’s a thread of some new stuff in Xcode 12.5’s altool 4.047.1207[…]<\/p>\n

[…]<\/p>\n

For any altool invocation that accepts -p @keychain<\/code>, you can now use --keychain <path to keychain.keychain-db><\/code> to specify the keychain db to store to or retrieve from.<\/p>\n

[…]<\/p>\n

If you’re cursed with DSL or another type of connection that doesn’t let you do ANYTHING if you saturate an upload connection, there’s a new --throttle <Kbps><\/code> option that lets you set a max Kbps value, as an integer.<\/p>\n

I can’t remember if this is very new, but there’s a new --show-progress<\/code> option that shows progress during altool operations and doesn’t require you to use --verbose<\/code>.<\/p>\n<\/blockquote>\n\n

Apple<\/a>:<\/p>\n

\n

Notarization works in tandem with macOS to help people safely download software for their Mac outside of the App Store. Discover how notarytool<\/code> can help you quickly and easily notarize your Mac app for distribution. We’ll show you how you can now notarize your apps with just a single command, and how to bring notarization into your continuous integration workflows.<\/p>\n<\/blockquote>\n\n

Rosyna Keller<\/a>:<\/p>\n

altool<\/code> is effectively deprecated for notarization (but not for the App Store!). The new normal is notarytool<\/code> and the docs<\/a> have been updated to discuss notarytool<\/code>.<\/p>\n

notarytool<\/code> includes such neat features as a wait<\/code>\/--wait [sub]command<\/code> that replaces manually manual polling in altool<\/code>. When enabled, notarytool<\/code> only returns on error, or if the submission has been fully processed and it reaches a final state (Accepted, Invalid, et cetera)<\/p>\n

[…]<\/p>\n

Unlike altool<\/code>, notarytool<\/code> has zero external dependencies other than a base macOS install. You can even grab the Xcode 13 Command Line Tools installer, extract notarytool<\/code>, and run it on any Mac running macOS 10.15.7 or later, without installing full Xcode.<\/p>\n

The fact notarytool<\/code>, like stapler<\/code>, is a standalone binary means you can put it on a server without having to install Xcode to use it.<\/p>\n

[…]<\/p>\n

The notice of altool deprecation and the altool-specific docs are now on their own page<\/a>.<\/p><\/blockquote>\n\n

Rosyna Keller<\/a>:<\/p>\n

It supports webhooks too (--webhook <callback url><\/code>) but the process for that hasn’t been fully documented yet. There’s just a small aside in the new notarization documentation that it’s a valid option. So if you don’t want to use wait, you can be asynchronously notified.<\/p><\/blockquote>\n\n

I’m still seeing lots of cases where altool<\/code> gets stuck, and the upload never finishes. It eventually logs an error and exits, but the process reports success, which confuses my build script. Then I can’t try it again without doing a new build because it thinks an upload is already in progress. Hopefully notarytool<\/code> will work better.<\/p>\n\n

Previously:<\/p>\n