[jira] [Commented] (TIKA-4702) Tika 3.3.0 breaks builds due to unsigned binaries

[Tim Allison (Jira)]

    [ 
https://issues.apache.org/jira/browse/TIKA-4702?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18068831#comment-18068831
 ] 

Tim Allison commented on TIKA-4702:
-----------------------------------

Fellow devs, any idea what change led to this?

What, specifically, is the fix?

> Tika 3.3.0 breaks builds due to unsigned binaries
> -------------------------------------------------
>
>                 Key: TIKA-4702
>                 URL: https://issues.apache.org/jira/browse/TIKA-4702
>             Project: Tika
>          Issue Type: Bug
>          Components: tika-app, tika-server
>    Affects Versions: 3.3.0
>            Reporter: Alexander Veit
>            Priority: Critical
>
> Tika 3.3.0 (server, app) is no longer compatible with macOS since the JAR 
> contains unsigned binaries.
> In builds this leads to the following failures:
> {code:java}
>   "issues": [
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-app-3.3.0.jar/darwin/aarch64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The binary is not signed with a valid Developer ID 
> certificate.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721";,
>       "architecture": "arm64"
>     },
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-app-3.3.0.jar/darwin/aarch64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The signature does not include a secure timestamp.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733";,
>       "architecture": "arm64"
>     },
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-app-3.3.0.jar/darwin/x86_64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The binary is not signed.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarizat
> ion_issues#3087721",
>       "architecture": "x86_64"
>     },
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-app-3.3.0.jar/darwin/x86_64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The signature does not include a secure timestamp.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733";,
>       "architecture": "x86_64"
>     },
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-server-standard-3.3.0.jar/darwin/aarch64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The binary is not signed with a valid Developer ID 
> certificate.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721";,
>       "architecture": "arm64"
>     },
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-server-standard-3.3.0.jar/darwin/aarch64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The signature does not include a secure timestamp.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733";,
>       "architecture": "arm64"
>     },
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-server-standard-3.3.0.jar/darwin/x86_64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The binary is not signed.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721";,
>       "architecture": "x86_64"
>     },
>     {
>       "severity": "error",
>       "code": null,
>       "path": 
> "foo/tika/tika-server-standard-3.3.0.jar/darwin/x86_64/libzstd-jni-1.5.7-4.dylib",
>       "message": "The signature does not include a secure timestamp.",
>       "docUrl": 
> "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733";,
>       "architecture": "x86_64"
>     } {code}
> The problem did not exist with Tika 3.2.3.
> Signing the binaries should solve the issue.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)