(0031017)
David Cole (manager)
2012-09-12 12:30
edited on: 2012-09-12 12:31

This one is probably not going to happen in time for 2.8.10, but thanks for the report. We'll discuss it.

I'll put it on the roadmap anyway, but it's likely we don't have enough time to address this before we do rc1 for 2.8.10...

(0031270)
David Cole (manager)
2012-10-18 11:17

These bugs were deferred from target version 2.8.10 to 2.8.11 based on the responses to this email thread on the CMake developer's mailing list:

http://public.kitware.com/pipermail/cmake-developers/2012-October/005434.html [^]

(0032288)
Jean-Christophe Fillion-Robin (reporter)
2013-02-15 10:28

Cross-referencing - See also Slicer issue http://www.na-mic.org/Bug/view.php?id=2708 [^]

(0038556)
Eric Wing (reporter)
2015-04-20 12:29
edited on: 2015-04-20 12:30

After fixes discussed in http://www.cmake.org/Bug/view.php?id=15507, [^] this is my remaining script needed to code sign CMake.

#!/bin/zsh

# gets the script path
# script_path=${0:a}
# gets the directory in which the script resides
SCRIPT_DIR=${0:a:h}

CODE_SIGN_IDENTITY="Developer ID"

if [ -z $1 ]; then
echo "Usage: codesign_cmake /path/CMake.app"
exit 1
fi

CMAKE_DIR=$1

codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" "$CMAKE_DIR"/Contents/Frameworks/QtCore.framework/Versions/4/QtCore
codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" "$CMAKE_DIR"/Contents/Frameworks/QtGui.framework/Versions/4/QtGui
find "$CMAKE_DIR"/Contents/bin -type f -exec codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" {} \;
find "$CMAKE_DIR"/Contents/MacOS -type f -exec codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" {} \;

codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" "$CMAKE_DIR"

(0038557)
Brad King (manager)
2015-04-20 12:38

For reference, since CMake 3.1 the OS X binaries are packaged with the CPack DragNDrop installer instead of PackageMaker:

OS X: Package with DragNDrop instead of PackageMaker
http://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=dc3c2102 [^]

IIUC now one may drag CMake.app -> /Applications without this prompt. Then one can run the command-line tools immediately. It is only when running the cmake-gui that code signing is enforced by OS X.

(0040482)
Eric Wing (reporter)
2016-02-12 21:36

I am trying to sign CMake again to distribute to other users.

The situation has gotten worse.
Somewhere in the 10.9 timeframe, Apple tightened up the codesigning process. Among the changes are that improperly formed .framework bundles will cause an app to fail to be codesigned.

The Qt frameworks are malformed. The workaround I posted no longer works.
Qt 5.4 had the same problem. Various scripts around the net couldn't solve my Qt 5.4 problems and I had to upgrade to 5.5.1.

CMake is in a worse position since it is 4 based.

I'm not sure yet how to fix this.

I am using CMake 3.4.1. I would be happy to learn CMake has since fixed the issue.

(0040656)
Sean McBride (reporter)
2016-03-09 12:46

0015507 is now fixed, allowing CMake.app to actually be signed.

After 4 years now, any chance of the next release actually being signed? :)

(0042121)
Kitware Robot (administrator)
2016-06-10 14:28

Resolving issue as `moved`.

This issue tracker is no longer used. Further discussion of this issue may take place in the current CMake Issues page linked in the banner at the top of this page.

Issue History
Date Modified	Username	Field	Change
2012-09-12 11:33	Sean McBride	New Issue
2012-09-12 11:33	Sean McBride	File Added: CMake-not-signed.png
2012-09-12 12:30	David Cole	Note Added: 0031017
2012-09-12 12:31	David Cole	Note Edited: 0031017
2012-09-12 12:31	David Cole	Target Version	=> CMake 2.8.10
2012-10-18 11:16	David Cole	Target Version	CMake 2.8.10 => CMake 2.8.11
2012-10-18 11:17	David Cole	Note Added: 0031270
2013-02-15 10:29	Jean-Christophe Fillion-Robin	Note Added: 0032288
2013-05-17 09:33	Robert Maynard	Target Version	CMake 2.8.11 => CMake 2.8.12
2015-04-09 10:20	Brad King	Relationship added	related to 0015507
2015-04-20 12:29	Eric Wing	Note Added: 0038556
2015-04-20 12:30	Eric Wing	Note Edited: 0038556
2015-04-20 12:38	Brad King	Note Added: 0038557
2015-04-20 12:39	Brad King	Relationship added	related to 0015515
2016-02-12 21:36	Eric Wing	Note Added: 0040482
2016-03-09 12:46	Sean McBride	Note Added: 0040656
2016-06-10 14:28	Kitware Robot	Note Added: 0042121
2016-06-10 14:28	Kitware Robot	Status	new => resolved
2016-06-10 14:28	Kitware Robot	Resolution	open => moved
2016-06-10 14:28	Kitware Robot	Assigned To	=> Kitware Robot
2016-06-10 14:31	Kitware Robot	Status	resolved => closed

Notes
(0031017) David Cole (manager) 2012-09-12 12:30 edited on: 2012-09-12 12:31	This one is probably not going to happen in time for 2.8.10, but thanks for the report. We'll discuss it. I'll put it on the roadmap anyway, but it's likely we don't have enough time to address this before we do rc1 for 2.8.10...

(0031270) David Cole (manager) 2012-10-18 11:17	These bugs were deferred from target version 2.8.10 to 2.8.11 based on the responses to this email thread on the CMake developer's mailing list: http://public.kitware.com/pipermail/cmake-developers/2012-October/005434.html [^]

(0032288) Jean-Christophe Fillion-Robin (reporter) 2013-02-15 10:28	Cross-referencing - See also Slicer issue http://www.na-mic.org/Bug/view.php?id=2708 [^]

(0038556) Eric Wing (reporter) 2015-04-20 12:29 edited on: 2015-04-20 12:30	After fixes discussed in http://www.cmake.org/Bug/view.php?id=15507, [^] this is my remaining script needed to code sign CMake. #!/bin/zsh # gets the script path # script_path=${0:a} # gets the directory in which the script resides SCRIPT_DIR=${0:a:h} CODE_SIGN_IDENTITY="Developer ID" if [ -z $1 ]; then echo "Usage: codesign_cmake /path/CMake.app" exit 1 fi CMAKE_DIR=$1 codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" "$CMAKE_DIR"/Contents/Frameworks/QtCore.framework/Versions/4/QtCore codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" "$CMAKE_DIR"/Contents/Frameworks/QtGui.framework/Versions/4/QtGui find "$CMAKE_DIR"/Contents/bin -type f -exec codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" {} \; find "$CMAKE_DIR"/Contents/MacOS -type f -exec codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" {} \; codesign --force --verbose --sign "$CODE_SIGN_IDENTITY" "$CMAKE_DIR"

(0038557) Brad King (manager) 2015-04-20 12:38	For reference, since CMake 3.1 the OS X binaries are packaged with the CPack DragNDrop installer instead of PackageMaker: OS X: Package with DragNDrop instead of PackageMaker http://cmake.org/gitweb?p=cmake.git;a=commitdiff;h=dc3c2102 [^] IIUC now one may drag CMake.app -> /Applications without this prompt. Then one can run the command-line tools immediately. It is only when running the cmake-gui that code signing is enforced by OS X.

(0040482) Eric Wing (reporter) 2016-02-12 21:36	I am trying to sign CMake again to distribute to other users. The situation has gotten worse. Somewhere in the 10.9 timeframe, Apple tightened up the codesigning process. Among the changes are that improperly formed .framework bundles will cause an app to fail to be codesigned. The Qt frameworks are malformed. The workaround I posted no longer works. Qt 5.4 had the same problem. Various scripts around the net couldn't solve my Qt 5.4 problems and I had to upgrade to 5.5.1. CMake is in a worse position since it is 4 based. I'm not sure yet how to fix this. I am using CMake 3.4.1. I would be happy to learn CMake has since fixed the issue.

(0040656) Sean McBride (reporter) 2016-03-09 12:46	0015507 is now fixed, allowing CMake.app to actually be signed. After 4 years now, any chance of the next release actually being signed? :)

(0042121) Kitware Robot (administrator) 2016-06-10 14:28	Resolving issue as `moved`. This issue tracker is no longer used. Further discussion of this issue may take place in the current CMake Issues page linked in the banner at the top of this page.