[](https://dl.circleci.com/status-badge/redirect/gh/hasii2011/py2appsigner/tree/master)
[](https://GitHub.com/Naereen/StrapDown.js/graphs/commit-activity)
[](https://badge.fury.io/py/py2appsigner)
## Rationale
These utilities help me sign Python applications built with [py2app](https://github.com/ronaldoussoren/py2app). This project is a Python rewrite of the one I implemented
using [Bash](https://www.gnu.org/software/bash/manual/bash.html) scripts. See
the [CodeSigningScripts](https://github.com/hasii2011/CodeSigningScripts) repository. The source article for this code and
the shell scripts is still [here](https://hsanchezii.wordpress.com/2021/10/06/code-signing-python-py2app-applications/). The
motivation to do this in Python was that supporting different Python versions necessitated implementing version specific scripts
when signing the Python libraries and applications. I thought that was unsustainable.
The goals for this project are:
- Consistent CLI interface across Python versions
- Installable in a developer's virtual environment
- Default the signing parameters to environment variables. This allows for short CLI invocations. However, still allow CLI parameter overrides
- Use the built-in keychain to store the notarization tool application ID. This avoid having to either key-in or recall from the bash history a long, long application ID.
Installation
```bash
pip install py2appsigner
```
## Dependencies
This project uses [Click](https://click.palletsprojects.com/) for CLI handling
## Required Environment Variables
The above commands depend on the following environment variables.
```bash
PROJECTS_BASE - The local directory where the python projects are based
PROJECT - The name of the project; It should be a directory name
IDENTITY - Your Apple Developer ID
```
An example, of a PROJECTS_BASE is:
```bash
export PROJECTS_BASE="${HOME}/PycharmProjects"
```
This should be set in your shell startup script. For example `.bash_profile`.
The PROJECT environment variable should be set on a project by project basis. I recommend you use [direnv](https://direnv.net) to manage
these. An example of a .envrc follows:
```bash
export PROJECT=pyutmodel
source pyenv-3.10.6/bin/activate
```
## Python Console Scripts
### Sign the internal zip file
```bash
py2appSign -p 3.11 -d pyut -a Pyut zipsign
```
### Sign the application
```bash
py2appSign -p 3.11 -d pyut -a Pyut appsign
```
### Notarize the application
```bash
appNotarize -d pyut -a Pyut --verbose
```
### Staple the application
```bash
appStaple -d pyut -a Pyut --verbose
```
### Verify application signing
```bash
appVerify -d pyut -a Pyut
```
### Utility Scripts
#### Notarization History
```bash
notaryTool history
```
##### Specify a profile name
```bash
notaryTool -p NOTARY_TOOL_APP_ID history
```
Stores the history in the file `notaryHistory.log`.
#### Notary Details
```bash
notaryTool information -i <submission id)
```
`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad
`
##### Specify a profile name
```bash
notaryTool -p NOTARY_TOOL_APP_ID information -i <submission id>
```
`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad`
Stores the output in the file `notary-{submission id}.log`
___
Written by <a href="mailto:email@humberto.a.sanchez.ii@gmail.com?subject=Hello Humberto">Humberto A. Sanchez II</a> (C) 2023
---
## Note
For all kind of problems, requests, enhancements, bug reports, etc.,
please drop me an e-mail.
I am concerned about GitHub's Copilot project
I urge you to read about the
[Give up GitHub](https://GiveUpGitHub.org) campaign from [the Software Freedom Conservancy](https://sfconservancy.org).
While I do not advocate for all the issues listed there I do not like that a company like Microsoft may profit from open source projects.
I continue to use GitHub because it offers the services I need for free. But, I continue to monitor their terms of service.
Any use of this project's code by GitHub Copilot, past or present, is done without my permission. I do not consent to GitHub's use of this project's code in Copilot.
Raw data
{
"_id": null,
"home_page": null,
"name": "py2appsigner",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": "\"Humberto A. Sanchez II\" <Humbert.A.Sanchez.II@gmail.com>",
"keywords": "code signing, py2app, python",
"author": null,
"author_email": "\"Humberto A. Sanchez II\" <Humbert.A.Sanchez.II@gmail.com>",
"download_url": "https://files.pythonhosted.org/packages/04/6a/790478f73bf7e22ea1c4e70ae8f67f187c332d6f654b91284d61a327013f/py2appsigner-0.6.50.tar.gz",
"platform": null,
"description": "[](https://dl.circleci.com/status-badge/redirect/gh/hasii2011/py2appsigner/tree/master)\n[](https://GitHub.com/Naereen/StrapDown.js/graphs/commit-activity)\n[](https://badge.fury.io/py/py2appsigner)\n\n## Rationale\n\nThese utilities help me sign Python applications built with [py2app](https://github.com/ronaldoussoren/py2app). This project is a Python rewrite of the one I implemented \nusing [Bash](https://www.gnu.org/software/bash/manual/bash.html) scripts. See\nthe [CodeSigningScripts](https://github.com/hasii2011/CodeSigningScripts) repository. The source article for this code and \nthe shell scripts is still [here](https://hsanchezii.wordpress.com/2021/10/06/code-signing-python-py2app-applications/). The \nmotivation to do this in Python was that supporting different Python versions necessitated implementing version specific scripts \nwhen signing the Python libraries and applications. I thought that was unsustainable.\n\nThe goals for this project are:\n\n- Consistent CLI interface across Python versions \n- Installable in a developer's virtual environment\n- Default the signing parameters to environment variables. This allows for short CLI invocations. However, still allow CLI parameter overrides\n- Use the built-in keychain to store the notarization tool application ID. This avoid having to either key-in or recall from the bash history a long, long application ID.\n\nInstallation\n```bash\npip install py2appsigner\n```\n## Dependencies\n\nThis project uses [Click](https://click.palletsprojects.com/) for CLI handling\n\n\n## Required Environment Variables\n\nThe above commands depend on the following environment variables.\n\n```bash\nPROJECTS_BASE - The local directory where the python projects are based\nPROJECT - The name of the project; It should be a directory name\nIDENTITY - Your Apple Developer ID \n```\n\n An example, of a PROJECTS_BASE is:\n\n```bash\nexport PROJECTS_BASE=\"${HOME}/PycharmProjects\" \n```\n\nThis should be set in your shell startup script. For example `.bash_profile`.\n\nThe PROJECT environment variable should be set on a project by project basis. I recommend you use [direnv](https://direnv.net) to manage \nthese. An example of a .envrc follows:\n\n```bash\nexport PROJECT=pyutmodel\nsource pyenv-3.10.6/bin/activate\n```\n\n## Python Console Scripts\n\n### Sign the internal zip file\n\n```bash\npy2appSign -p 3.11 -d pyut -a Pyut zipsign\n```\n\n\n### Sign the application\n\n```bash\npy2appSign -p 3.11 -d pyut -a Pyut appsign\n```\n\n\n### Notarize the application\n\n```bash\nappNotarize -d pyut -a Pyut --verbose\n```\n\n\n### Staple the application\n\n```bash\nappStaple -d pyut -a Pyut --verbose\n```\n\n\n### Verify application signing\n\n```bash\nappVerify -d pyut -a Pyut\n```\n\n\n### Utility Scripts\n\n#### Notarization History\n\n```bash\nnotaryTool history\n```\n\n##### Specify a profile name\n\n```bash\nnotaryTool -p NOTARY_TOOL_APP_ID history\n```\n\nStores the history in the file `notaryHistory.log`.\n\n#### Notary Details\n\n```bash\nnotaryTool information -i <submission id)\n```\n`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad\n`\n\n##### Specify a profile name\n\n```bash\nnotaryTool -p NOTARY_TOOL_APP_ID information -i <submission id>\n```\n`e.g. 5f57fc1e-23d3-42ab-b0ad-ec1d2635c4ad`\n\nStores the output in the file `notary-{submission id}.log`\n\n\n\n___\n\nWritten by <a href=\"mailto:email@humberto.a.sanchez.ii@gmail.com?subject=Hello Humberto\">Humberto A. Sanchez II</a> (C) 2023\n\n---\n\n## Note\nFor all kind of problems, requests, enhancements, bug reports, etc.,\nplease drop me an e-mail.\n\n\n\n\nI am concerned about GitHub's Copilot project\n\n\n\nI urge you to read about the\n[Give up GitHub](https://GiveUpGitHub.org) campaign from [the Software Freedom Conservancy](https://sfconservancy.org).\n\nWhile I do not advocate for all the issues listed there I do not like that a company like Microsoft may profit from open source projects.\n\nI continue to use GitHub because it offers the services I need for free. But, I continue to monitor their terms of service.\n\nAny use of this project's code by GitHub Copilot, past or present, is done without my permission. I do not consent to GitHub's use of this project's code in Copilot.\n",
"bugtrack_url": null,
"license": "GNU AFFERO GENERAL PUBLIC LICENSE",
"summary": "Scripts to Code Sign py2app applications",
"version": "0.6.50",
"project_urls": {
"Repository": "https://github.com/hasii2011/py2appsigner"
},
"split_keywords": [
"code signing",
" py2app",
" python"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "442f5f7b80bbd9a214ffa171b0d890fd8275fec3a5af4e8fcdb1e9b67f3c4986",
"md5": "d9bb3b3edb536306e2bafaad74754c12",
"sha256": "8ac0035127a87c34883653452667e69d280f2da06cd94d2ef4857b5bc6c8bc45"
},
"downloads": -1,
"filename": "py2appsigner-0.6.50-py3-none-any.whl",
"has_sig": false,
"md5_digest": "d9bb3b3edb536306e2bafaad74754c12",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 30986,
"upload_time": "2024-10-15T00:42:23",
"upload_time_iso_8601": "2024-10-15T00:42:23.813360Z",
"url": "https://files.pythonhosted.org/packages/44/2f/5f7b80bbd9a214ffa171b0d890fd8275fec3a5af4e8fcdb1e9b67f3c4986/py2appsigner-0.6.50-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "046a790478f73bf7e22ea1c4e70ae8f67f187c332d6f654b91284d61a327013f",
"md5": "a4ec7fd078f16c2a6c76523f9054baa1",
"sha256": "b8e4c5eba29ef325c13481356ade5fd217b2b65b8ff7eb6b62e5a18da4117c69"
},
"downloads": -1,
"filename": "py2appsigner-0.6.50.tar.gz",
"has_sig": false,
"md5_digest": "a4ec7fd078f16c2a6c76523f9054baa1",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 26999,
"upload_time": "2024-10-15T00:42:25",
"upload_time_iso_8601": "2024-10-15T00:42:25.550816Z",
"url": "https://files.pythonhosted.org/packages/04/6a/790478f73bf7e22ea1c4e70ae8f67f187c332d6f654b91284d61a327013f/py2appsigner-0.6.50.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-10-15 00:42:25",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "hasii2011",
"github_project": "py2appsigner",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"circle": true,
"requirements": [],
"lcname": "py2appsigner"
}
JSON
