[![CircleCI](https://dl.circleci.com/status-badge/img/gh/hasii2011/py2appsigner/tree/master.svg?style=shield)](https://dl.circleci.com/status-badge/redirect/gh/hasii2011/py2appsigner/tree/master)
[![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)](https://GitHub.com/Naereen/StrapDown.js/graphs/commit-activity)
[![PyPI version](https://badge.fury.io/py/py2appsigner.svg)](https://badge.fury.io/py/py2appsigner)
## Rationale
These utilities help me sign Python applications built with [py2app](https://github.com/ronaldoussoren/py2app). This project is a Python rewrite of the one I implemented
using [Bash](https://www.gnu.org/software/bash/manual/bash.html) scripts. See
the [CodeSigningScripts](https://github.com/hasii2011/CodeSigningScripts) repository. The source article for this code and
the shell scripts is still [here](https://hsanchezii.wordpress.com/2021/10/06/code-signing-python-py2app-applications/). The
motivation to do this in Python was that supporting different Python versions necessitated implementing version specific scripts
when signing the Python libraries and applications. I thought that was unsustainable.
The goals for this project are:
- Consistent CLI interface across Python versions
- Installable in a developer's virtual environment
- Default the signing parameters to environment variables. This allows for short CLI invocations. However, still allow CLI parameter overrides
- Use the built-in keychain to store the notarization tool application ID. This avoid having to either key-in or recall from the bash history a long, long application ID.
Installation
```bash
pip install py2appsigner
```
## Dependencies
This project uses [Click](https://click.palletsprojects.com/) for CLI handling
## Required Environment Variables
The above commands depend on the following environment variables.
```bash
PROJECTS_BASE - The local directory where the python projects are based
PROJECT - The name of the project; It should be a directory name
IDENTITY - Your Apple Developer ID
```
An example, of a PROJECTS_BASE is:
```bash
export PROJECTS_BASE="${HOME}/PycharmProjects"
```
This should be set in your shell startup script. For example `.bash_profile`.
The PROJECT environment variable should be set on a project by project basis. I recommend you use [direnv](https://direnv.net) to manage
these. An example of a .envrc follows:
```bash
export PROJECT=pyutmodel
source pyenv-3.10.6/bin/activate
```
## Python Console Scripts
### Sign the internal zip file
```bash
py2appSign -p 3.11 -d pyut -a Pyut zipsign
```
### Sign the application
```bash
py2appSign -p 3.11 -d pyut -a Pyut appsign
```
### Notarize the application
```bash
appNotarize -d pyut -a Pyut --verbose
```
### Staple the application
```bash
appStaple -d pyut -a Pyut --verbose
```
### Verify application signing
```bash
appVerify -d pyut -a Pyut
```
### Utility Scripts
#### Notarization History
```bash
notaryTool history
```
##### Specify a profile name
```bash
notaryTool -p NOTARY_TOOL_APP_ID history
```
Stores the history in the file `notaryHistory.log`.
#### Notary Details
```bash
notaryTool information -i <submission id)
```
`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad
`
##### Specify a profile name
```bash
notaryTool -p NOTARY_TOOL_APP_ID information -i <submission id>
```
`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad`
Stores the output in the file `notary-{submission id}.log`
___
Written by <a href="mailto:email@humberto.a.sanchez.ii@gmail.com?subject=Hello Humberto">Humberto A. Sanchez II</a> (C) 2025
---
## Note
For all kind of problems, requests, enhancements, bug reports, etc.,
please drop me an e-mail.
![Humberto's Modified Logo](https://raw.githubusercontent.com/wiki/hasii2011/gittodoistclone/images/SillyGitHub.png)
I am concerned about GitHub's Copilot project
I urge you to read about the
[Give up GitHub](https://GiveUpGitHub.org) campaign from [the Software Freedom Conservancy](https://sfconservancy.org).
While I do not advocate for all the issues listed there I do not like that a company like Microsoft may profit from open source projects.
I continue to use GitHub because it offers the services I need for free. But, I continue to monitor their terms of service.
Any use of this project's code by GitHub Copilot, past or present, is done without my permission. I do not consent to GitHub's use of this project's code in Copilot.
Raw data
{
"_id": null,
"home_page": null,
"name": "py2appsigner",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": "\"Humberto A. Sanchez II\" <Humbert.A.Sanchez.II@gmail.com>",
"keywords": "code signing, py2app, python",
"author": null,
"author_email": "\"Humberto A. Sanchez II\" <Humbert.A.Sanchez.II@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/65/5b/798bcb77bb87ffe0e8566b254a87a4e3d965a01a9bbd2c96d61206d31507/py2appsigner-0.6.70.tar.gz",
"platform": null,
"description": "[![CircleCI](https://dl.circleci.com/status-badge/img/gh/hasii2011/py2appsigner/tree/master.svg?style=shield)](https://dl.circleci.com/status-badge/redirect/gh/hasii2011/py2appsigner/tree/master)\n[![Maintenance](https://img.shields.io/badge/Maintained%3F-yes-green.svg)](https://GitHub.com/Naereen/StrapDown.js/graphs/commit-activity)\n[![PyPI version](https://badge.fury.io/py/py2appsigner.svg)](https://badge.fury.io/py/py2appsigner)\n\n## Rationale\n\nThese utilities help me sign Python applications built with [py2app](https://github.com/ronaldoussoren/py2app). This project is a Python rewrite of the one I implemented \nusing [Bash](https://www.gnu.org/software/bash/manual/bash.html) scripts. See\nthe [CodeSigningScripts](https://github.com/hasii2011/CodeSigningScripts) repository. The source article for this code and \nthe shell scripts is still [here](https://hsanchezii.wordpress.com/2021/10/06/code-signing-python-py2app-applications/). The \nmotivation to do this in Python was that supporting different Python versions necessitated implementing version specific scripts \nwhen signing the Python libraries and applications. I thought that was unsustainable.\n\nThe goals for this project are:\n\n- Consistent CLI interface across Python versions \n- Installable in a developer's virtual environment\n- Default the signing parameters to environment variables. This allows for short CLI invocations. However, still allow CLI parameter overrides\n- Use the built-in keychain to store the notarization tool application ID. This avoid having to either key-in or recall from the bash history a long, long application ID.\n\nInstallation\n```bash\npip install py2appsigner\n```\n## Dependencies\n\nThis project uses [Click](https://click.palletsprojects.com/) for CLI handling\n\n\n## Required Environment Variables\n\nThe above commands depend on the following environment variables.\n\n```bash\nPROJECTS_BASE - The local directory where the python projects are based\nPROJECT - The name of the project; It should be a directory name\nIDENTITY - Your Apple Developer ID \n```\n\n An example, of a PROJECTS_BASE is:\n\n```bash\nexport PROJECTS_BASE=\"${HOME}/PycharmProjects\" \n```\n\nThis should be set in your shell startup script. For example `.bash_profile`.\n\nThe PROJECT environment variable should be set on a project by project basis. I recommend you use [direnv](https://direnv.net) to manage \nthese. An example of a .envrc follows:\n\n```bash\nexport PROJECT=pyutmodel\nsource pyenv-3.10.6/bin/activate\n```\n\n## Python Console Scripts\n\n### Sign the internal zip file\n\n```bash\npy2appSign -p 3.11 -d pyut -a Pyut zipsign\n```\n\n\n### Sign the application\n\n```bash\npy2appSign -p 3.11 -d pyut -a Pyut appsign\n```\n\n\n### Notarize the application\n\n```bash\nappNotarize -d pyut -a Pyut --verbose\n```\n\n\n### Staple the application\n\n```bash\nappStaple -d pyut -a Pyut --verbose\n```\n\n\n### Verify application signing\n\n```bash\nappVerify -d pyut -a Pyut\n```\n\n\n### Utility Scripts\n\n#### Notarization History\n\n```bash\nnotaryTool history\n```\n\n##### Specify a profile name\n\n```bash\nnotaryTool -p NOTARY_TOOL_APP_ID history\n```\n\nStores the history in the file `notaryHistory.log`.\n\n#### Notary Details\n\n```bash\nnotaryTool information -i <submission id)\n```\n`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad\n`\n\n##### Specify a profile name\n\n```bash\nnotaryTool -p NOTARY_TOOL_APP_ID information -i <submission id>\n```\n`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad`\n\nStores the output in the file `notary-{submission id}.log`\n\n\n\n___\n\nWritten by <a href=\"mailto:email@humberto.a.sanchez.ii@gmail.com?subject=Hello Humberto\">Humberto A. Sanchez II</a> (C) 2025\n\n---\n\n## Note\nFor all kind of problems, requests, enhancements, bug reports, etc.,\nplease drop me an e-mail.\n\n\n![Humberto's Modified Logo](https://raw.githubusercontent.com/wiki/hasii2011/gittodoistclone/images/SillyGitHub.png)\n\nI am concerned about GitHub's Copilot project\n\n\n\nI urge you to read about the\n[Give up GitHub](https://GiveUpGitHub.org) campaign from [the Software Freedom Conservancy](https://sfconservancy.org).\n\nWhile I do not advocate for all the issues listed there I do not like that a company like Microsoft may profit from open source projects.\n\nI continue to use GitHub because it offers the services I need for free. But, I continue to monitor their terms of service.\n\nAny use of this project's code by GitHub Copilot, past or present, is done without my permission. I do not consent to GitHub's use of this project's code in Copilot.\n",
"bugtrack_url": null,
"license": "GNU AFFERO GENERAL PUBLIC LICENSE",
"summary": "Scripts to Code Sign py2app applications",
"version": "0.6.70",
"project_urls": {
"Repository": "https://github.com/hasii2011/py2appsigner"
},
"split_keywords": [
"code signing",
" py2app",
" python"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "4e1302ce8317f2c58cc4818eb35ae20b3fd8257436e512d1a10c9604df959384",
"md5": "305ed0c6ecece35495a4a27194ffc470",
"sha256": "013125b1dafdaba63218de2ec7abba7c3d91ec9bb5550caff69dc2e2cc6ba3df"
},
"downloads": -1,
"filename": "py2appsigner-0.6.70-py3-none-any.whl",
"has_sig": false,
"md5_digest": "305ed0c6ecece35495a4a27194ffc470",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 30986,
"upload_time": "2024-12-21T22:37:35",
"upload_time_iso_8601": "2024-12-21T22:37:35.395289Z",
"url": "https://files.pythonhosted.org/packages/4e/13/02ce8317f2c58cc4818eb35ae20b3fd8257436e512d1a10c9604df959384/py2appsigner-0.6.70-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "655b798bcb77bb87ffe0e8566b254a87a4e3d965a01a9bbd2c96d61206d31507",
"md5": "0d4b6ddb1ad6c39b0c0250a38c41487a",
"sha256": "f0f87e2499298b93ec0f13361cee3b21cf219dabc8276ca8001fd207a786c8cd"
},
"downloads": -1,
"filename": "py2appsigner-0.6.70.tar.gz",
"has_sig": false,
"md5_digest": "0d4b6ddb1ad6c39b0c0250a38c41487a",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 26957,
"upload_time": "2024-12-21T22:37:37",
"upload_time_iso_8601": "2024-12-21T22:37:37.823023Z",
"url": "https://files.pythonhosted.org/packages/65/5b/798bcb77bb87ffe0e8566b254a87a4e3d965a01a9bbd2c96d61206d31507/py2appsigner-0.6.70.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-12-21 22:37:37",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "hasii2011",
"github_project": "py2appsigner",
"travis_ci": true,
"coveralls": false,
"github_actions": true,
"circle": true,
"requirements": [
{
"name": "wheel",
"specs": [
[
"==",
"0.45.1"
]
]
},
{
"name": "setuptools",
"specs": [
[
"==",
"75.6.0"
]
]
},
{
"name": "twine",
"specs": [
[
"==",
"6.0.1"
]
]
},
{
"name": "build",
"specs": [
[
"==",
"1.2.2.post1"
]
]
},
{
"name": "mypy",
"specs": [
[
"==",
"1.14.0"
]
]
},
{
"name": "mypy-extensions",
"specs": [
[
"==",
"1.0.0"
]
]
},
{
"name": "html-testRunner",
"specs": [
[
"~=",
"1.2.1"
]
]
},
{
"name": "click",
"specs": [
[
">=",
"8.1.8"
]
]
},
{
"name": "tqdm",
"specs": [
[
">=",
"4.67.1"
]
]
},
{
"name": "buildlackey",
"specs": [
[
">=",
"1.7.0"
]
]
},
{
"name": "codeallybasic",
"specs": [
[
">=",
"1.8.0"
]
]
}
],
"lcname": "py2appsigner"
}