├── vendor ├── create-dmg │ ├── examples │ │ └── 01-main-example │ │ │ ├── source_folder │ │ │ └── Application.app │ │ │ ├── installer_background.png │ │ │ └── sample │ ├── .gitignore │ ├── tests │ │ └── 007-space-in-dir-name │ │ │ ├── my files │ │ │ └── hello.txt │ │ │ └── run-test │ ├── .this-is-the-create-dmg-repo │ ├── doc-project │ │ ├── Release Checklist.md │ │ └── Developer Notes.md │ ├── .editorconfig │ ├── builder │ │ └── create-dmg.builder │ ├── Makefile │ ├── LICENSE │ ├── support │ │ ├── template.applescript │ │ └── eula-resources-template.xml │ ├── README.md │ └── create-dmg └── README.md ├── .gitignore ├── .gon.hcl ├── internal ├── config │ ├── testdata │ │ ├── env_appleid.hcl │ │ ├── basic_no_application_identity.hcl │ │ ├── basic.hcl │ │ ├── notarize.hcl │ │ ├── entitle.hcl │ │ ├── notarize_multiple.hcl │ │ ├── env_appleid.hcl.golden │ │ ├── basic.hcl.golden │ │ ├── basic_no_application_identity.hcl.golden │ │ ├── entitle.hcl.golden │ │ ├── notarize.hcl.golden │ │ └── notarize_multiple.hcl.golden │ ├── parse_test.go │ ├── parse.go │ └── config.go └── createdmg │ ├── bindata │ ├── generate.go │ └── bindata.go │ ├── createdmg_test.go │ └── createdmg.go ├── go.mod ├── Makefile ├── sign ├── sign_test.go ├── sign_children_test.go └── sign.go ├── LICENSE ├── notarize ├── error.go ├── status.go ├── notarize_test.go ├── upload_test.go ├── info_test.go ├── upload.go ├── info.go ├── log_test.go ├── log.go └── notarize.go ├── .goreleaser.yml ├── staple └── staple.go ├── .github └── workflows │ └── release.yml ├── cmd └── gon │ ├── status_human.go │ ├── item.go │ └── main.go ├── package ├── zip │ └── zip.go └── dmg │ └── dmg.go ├── go.sum └── README.md /vendor/create-dmg/examples/01-main-example/source_folder/Application.app: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | cmd/gon/gon 2 | dist/ 3 | 4 | # For testing: 5 | config.hcl 6 | -------------------------------------------------------------------------------- /vendor/create-dmg/.gitignore: -------------------------------------------------------------------------------- 1 | .svn 2 | .vscode 3 | 4 | *.dmg 5 | .DS_Store 6 | -------------------------------------------------------------------------------- /vendor/create-dmg/tests/007-space-in-dir-name/my files/hello.txt: -------------------------------------------------------------------------------- 1 | Hello world 2 | -------------------------------------------------------------------------------- /.gon.hcl: -------------------------------------------------------------------------------- 1 | source = ["./dist/macos_darwin_amd64_v1/gon"] 2 | bundle_id = "com.bearer.gon" 3 | 4 | sign {} 5 | 6 | zip { 7 | output_path = "./dist/gon_macos.zip" 8 | } 9 | -------------------------------------------------------------------------------- /internal/config/testdata/env_appleid.hcl: -------------------------------------------------------------------------------- 1 | source = ["./terraform"] 2 | bundle_id = "com.mitchellh.test.terraform" 3 | 4 | sign { 5 | application_identity = "foo" 6 | } 7 | -------------------------------------------------------------------------------- /vendor/create-dmg/.this-is-the-create-dmg-repo: -------------------------------------------------------------------------------- 1 | This is just a dummy file so create-dmg can tell whether it's being run from 2 | inside the Git repo or from an installed location. 3 | -------------------------------------------------------------------------------- /vendor/create-dmg/examples/01-main-example/installer_background.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Bearer/gon/HEAD/vendor/create-dmg/examples/01-main-example/installer_background.png -------------------------------------------------------------------------------- /vendor/create-dmg/tests/007-space-in-dir-name/run-test: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Test for https://github.com/create-dmg/create-dmg/issues/7 - spaces in folder names 4 | 5 | ../../create-dmg "my disk image.dmg" "my files" -------------------------------------------------------------------------------- /internal/createdmg/bindata/generate.go: -------------------------------------------------------------------------------- 1 | package bindata 2 | 3 | //go:generate bash -c "go-bindata -prefix '../../../vendor/create-dmg' -pkg bindata ../../../vendor/create-dmg/* ../../../vendor/create-dmg/.this-is-the-create-dmg-repo" 4 | -------------------------------------------------------------------------------- /internal/config/testdata/basic_no_application_identity.hcl: -------------------------------------------------------------------------------- 1 | source = ["./terraform"] 2 | bundle_id = "com.mitchellh.test.terraform" 3 | 4 | apple_id { 5 | username = "mitchellh@example.com" 6 | password = "hello" 7 | } 8 | 9 | sign {} 10 | -------------------------------------------------------------------------------- /internal/config/testdata/basic.hcl: -------------------------------------------------------------------------------- 1 | source = ["./terraform"] 2 | bundle_id = "com.mitchellh.test.terraform" 3 | 4 | apple_id { 5 | username = "mitchellh@example.com" 6 | password = "hello" 7 | } 8 | 9 | sign { 10 | application_identity = "foo" 11 | } 12 | -------------------------------------------------------------------------------- /vendor/README.md: -------------------------------------------------------------------------------- 1 | # Vendored Projects 2 | 3 | This folder contains vendored 3rd-party projects, libraries, etc. 4 | We commit this to our Git repo as long as licensing allows us to so that 5 | our builds continue to work properly even if the project changes or 6 | is inaccessible. 7 | -------------------------------------------------------------------------------- /internal/config/testdata/notarize.hcl: -------------------------------------------------------------------------------- 1 | source = [] 2 | bundle_id = "com.example.terraform" 3 | 4 | notarize { 5 | path = "/path/to/terraform.pkg" 6 | bundle_id = "foo.bar" 7 | } 8 | 9 | apple_id { 10 | username = "mitchellh@example.com" 11 | password = "hello" 12 | } 13 | -------------------------------------------------------------------------------- /internal/config/testdata/entitle.hcl: -------------------------------------------------------------------------------- 1 | source = ["./terraform"] 2 | bundle_id = "com.mitchellh.test.terraform" 3 | 4 | apple_id { 5 | username = "mitchellh@example.com" 6 | password = "hello" 7 | } 8 | 9 | sign { 10 | application_identity = "foo" 11 | entitlements_file = "/path/to/example.entitlements" 12 | } 13 | -------------------------------------------------------------------------------- /internal/config/testdata/notarize_multiple.hcl: -------------------------------------------------------------------------------- 1 | source = [] 2 | bundle_id = "" 3 | 4 | notarize { 5 | path = "/path/to/terraform.pkg" 6 | bundle_id = "foo.bar" 7 | } 8 | 9 | notarize { 10 | path = "/path/to/terraform.pkg" 11 | bundle_id = "foo.bar" 12 | staple = true 13 | } 14 | 15 | apple_id { 16 | username = "mitchellh@example.com" 17 | password = "hello" 18 | } 19 | -------------------------------------------------------------------------------- /vendor/create-dmg/doc-project/Release Checklist.md: -------------------------------------------------------------------------------- 1 | # Release Checklist 2 | 3 | - Update the version in `create-dmg`'s `pure_version` function 4 | - Remove the "-SNAPSHOT" suffix 5 | - Commit 6 | - Tag the release as `vX.X.X` 7 | - `git push --tags` 8 | - Create a release on the GitHub project page 9 | - Open development on the next release 10 | - Bump the version number and add a "-SNAPSHOT" suffix to it 11 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/bearer/gon 2 | 3 | go 1.13 4 | 5 | require ( 6 | github.com/davecgh/go-spew v1.1.1 7 | github.com/fatih/color v1.7.0 8 | github.com/hashicorp/go-hclog v0.9.3-0.20191025211905-234833755cb2 9 | github.com/hashicorp/go-multierror v1.0.0 10 | github.com/hashicorp/hcl/v2 v2.0.0 11 | github.com/sebdah/goldie v1.0.0 12 | github.com/stretchr/testify v1.3.0 13 | howett.net/plist v0.0.0-20181124034731-591f970eefbb 14 | ) 15 | -------------------------------------------------------------------------------- /vendor/create-dmg/.editorconfig: -------------------------------------------------------------------------------- 1 | # EditorConfig for create-dmg project 2 | # EditorConfig is awesome: https://EditorConfig.org 3 | 4 | root = true 5 | 6 | [*] 7 | end_of_line = lf 8 | insert_final_newline = true 9 | charset = utf-8 10 | 11 | # We use tabs in our own code 12 | [{create-dmg,*.applescript,*.sh}] 13 | indent_style = tab 14 | indent_size = 2 15 | 16 | # But the Python code we pull in from pyhacker uses spaces 17 | [*.py] 18 | indent_style = space 19 | indent_size = 4 20 | -------------------------------------------------------------------------------- /internal/config/testdata/env_appleid.hcl.golden: -------------------------------------------------------------------------------- 1 | (*config.Config)({ 2 | Source: ([]string) (len=1 cap=1) { 3 | (string) (len=11) "./terraform" 4 | }, 5 | BundleId: (string) (len=28) "com.mitchellh.test.terraform", 6 | Notarize: ([]config.Notarize) , 7 | Sign: (*config.Sign)({ 8 | ApplicationIdentity: (string) (len=3) "foo", 9 | EntitlementsFile: (string) "" 10 | }), 11 | AppleId: (*config.AppleId)(), 12 | Zip: (*config.Zip)(), 13 | Dmg: (*config.Dmg)() 14 | }) 15 | -------------------------------------------------------------------------------- /internal/createdmg/createdmg_test.go: -------------------------------------------------------------------------------- 1 | package createdmg 2 | 3 | import ( 4 | "context" 5 | "path/filepath" 6 | "testing" 7 | 8 | "github.com/stretchr/testify/require" 9 | ) 10 | 11 | func TestCmd(t *testing.T) { 12 | require := require.New(t) 13 | 14 | cmd, err := Cmd(context.Background()) 15 | defer Close(cmd) 16 | require.NoError(err) 17 | require.FileExists(cmd.Path) 18 | require.FileExists(filepath.Join(cmd.Path, "..", "support", "dmg-license.py")) 19 | 20 | require.NoError(Close(cmd)) 21 | require.NoError(Close(cmd)) 22 | } 23 | -------------------------------------------------------------------------------- /internal/config/testdata/basic.hcl.golden: -------------------------------------------------------------------------------- 1 | (*config.Config)({ 2 | Source: ([]string) (len=1 cap=1) { 3 | (string) (len=11) "./terraform" 4 | }, 5 | BundleId: (string) (len=28) "com.mitchellh.test.terraform", 6 | Notarize: ([]config.Notarize) , 7 | Sign: (*config.Sign)({ 8 | ApplicationIdentity: (string) (len=3) "foo", 9 | EntitlementsFile: (string) "" 10 | }), 11 | AppleId: (*config.AppleId)({ 12 | Username: (string) (len=21) "mitchellh@example.com", 13 | Password: (string) (len=5) "hello", 14 | Provider: (string) "" 15 | }), 16 | Zip: (*config.Zip)(), 17 | Dmg: (*config.Dmg)() 18 | }) 19 | -------------------------------------------------------------------------------- /internal/config/testdata/basic_no_application_identity.hcl.golden: -------------------------------------------------------------------------------- 1 | (*config.Config)({ 2 | Source: ([]string) (len=1 cap=1) { 3 | (string) (len=11) "./terraform" 4 | }, 5 | BundleId: (string) (len=28) "com.mitchellh.test.terraform", 6 | Notarize: ([]config.Notarize) , 7 | Sign: (*config.Sign)({ 8 | ApplicationIdentity: (string) "", 9 | EntitlementsFile: (string) "" 10 | }), 11 | AppleId: (*config.AppleId)({ 12 | Username: (string) (len=21) "mitchellh@example.com", 13 | Password: (string) (len=5) "hello", 14 | Provider: (string) "" 15 | }), 16 | Zip: (*config.Zip)(), 17 | Dmg: (*config.Dmg)() 18 | }) 19 | -------------------------------------------------------------------------------- /internal/config/testdata/entitle.hcl.golden: -------------------------------------------------------------------------------- 1 | (*config.Config)({ 2 | Source: ([]string) (len=1 cap=1) { 3 | (string) (len=11) "./terraform" 4 | }, 5 | BundleId: (string) (len=28) "com.mitchellh.test.terraform", 6 | Notarize: ([]config.Notarize) , 7 | Sign: (*config.Sign)({ 8 | ApplicationIdentity: (string) (len=3) "foo", 9 | EntitlementsFile: (string) (len=29) "/path/to/example.entitlements" 10 | }), 11 | AppleId: (*config.AppleId)({ 12 | Username: (string) (len=21) "mitchellh@example.com", 13 | Password: (string) (len=5) "hello", 14 | Provider: (string) "" 15 | }), 16 | Zip: (*config.Zip)(), 17 | Dmg: (*config.Dmg)() 18 | }) 19 | -------------------------------------------------------------------------------- /internal/config/testdata/notarize.hcl.golden: -------------------------------------------------------------------------------- 1 | (*config.Config)({ 2 | Source: ([]string) { 3 | }, 4 | BundleId: (string) (len=21) "com.example.terraform", 5 | Notarize: ([]config.Notarize) (len=1 cap=1) { 6 | (config.Notarize) { 7 | Path: (string) (len=22) "/path/to/terraform.pkg", 8 | BundleId: (string) (len=7) "foo.bar", 9 | Staple: (bool) false 10 | } 11 | }, 12 | Sign: (*config.Sign)(), 13 | AppleId: (*config.AppleId)({ 14 | Username: (string) (len=21) "mitchellh@example.com", 15 | Password: (string) (len=5) "hello", 16 | Provider: (string) "" 17 | }), 18 | Zip: (*config.Zip)(), 19 | Dmg: (*config.Dmg)() 20 | }) 21 | -------------------------------------------------------------------------------- /vendor/create-dmg/builder/create-dmg.builder: -------------------------------------------------------------------------------- 1 | SET app_name create-dmg 2 | 3 | VERSION create-dmg.cur create-dmg heads/master 4 | 5 | NEWDIR build.dir temp %-build - 6 | 7 | NEWFILE create-dmg.zip featured %.zip % 8 | 9 | 10 | COPYTO [build.dir] 11 | INTO create-dmg [create-dmg.cur]/create-dmg 12 | INTO sample [create-dmg.cur]/sample 13 | INTO support [create-dmg.cur]/support 14 | 15 | SUBSTVARS [build.dir]/create-dmg [[]] 16 | 17 | 18 | ZIP [create-dmg.zip] 19 | INTO [build-files-prefix] [build.dir] 20 | 21 | 22 | PUT megabox-builds create-dmg.zip 23 | PUT megabox-builds build.log 24 | 25 | PUT s3-builds create-dmg.zip 26 | PUT s3-builds build.log 27 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | # release will package the distribution packages, sign, and notarize. It 2 | # will then upload the release to GitHub and publish the Homebrew tap. 3 | # 4 | # AFTER THIS YOU MUST MANUALLY DELETE the checksums.txt file since it is 5 | # incomplete and we don't need checksums since our artifacts are signed. 6 | release: 7 | goreleaser --rm-dist 8 | .PHONY: release 9 | 10 | clean: 11 | rm -rf dist/ 12 | .PHONY: clean 13 | 14 | # Update the TOC in the README. 15 | readme/toc: 16 | doctoc --notitle README.md 17 | .PHONY: readme/toc 18 | 19 | vendor: vendor/create-dmg 20 | 21 | vendor/create-dmg: 22 | rm -rf vendor/create-dmg 23 | git clone https://github.com/andreyvit/create-dmg vendor/create-dmg 24 | rm -rf vendor/create-dmg/.git 25 | 26 | -------------------------------------------------------------------------------- /sign/sign_test.go: -------------------------------------------------------------------------------- 1 | package sign 2 | 3 | import ( 4 | "context" 5 | "os" 6 | "testing" 7 | 8 | "github.com/hashicorp/go-hclog" 9 | "github.com/stretchr/testify/require" 10 | ) 11 | 12 | func TestMain(m *testing.M) { 13 | // Set our default logger 14 | logger := hclog.L() 15 | logger.SetLevel(hclog.Trace) 16 | hclog.SetDefault(logger) 17 | 18 | // If we got a subcommand, run that 19 | if v := os.Getenv(childEnv); v != "" && childCommands[v] != nil { 20 | os.Exit(childCommands[v]()) 21 | } 22 | 23 | os.Exit(m.Run()) 24 | } 25 | 26 | func TestSign_success(t *testing.T) { 27 | require.NoError(t, Sign(context.Background(), &Options{ 28 | Files: []string{"foo"}, 29 | Identity: "bar", 30 | Logger: hclog.L(), 31 | BaseCmd: childCmd(t, "success"), 32 | })) 33 | } 34 | -------------------------------------------------------------------------------- /internal/config/testdata/notarize_multiple.hcl.golden: -------------------------------------------------------------------------------- 1 | (*config.Config)({ 2 | Source: ([]string) { 3 | }, 4 | BundleId: (string) "", 5 | Notarize: ([]config.Notarize) (len=2 cap=2) { 6 | (config.Notarize) { 7 | Path: (string) (len=22) "/path/to/terraform.pkg", 8 | BundleId: (string) (len=7) "foo.bar", 9 | Staple: (bool) false 10 | }, 11 | (config.Notarize) { 12 | Path: (string) (len=22) "/path/to/terraform.pkg", 13 | BundleId: (string) (len=7) "foo.bar", 14 | Staple: (bool) true 15 | } 16 | }, 17 | Sign: (*config.Sign)(), 18 | AppleId: (*config.AppleId)({ 19 | Username: (string) (len=21) "mitchellh@example.com", 20 | Password: (string) (len=5) "hello", 21 | Provider: (string) "" 22 | }), 23 | Zip: (*config.Zip)(), 24 | Dmg: (*config.Dmg)() 25 | }) 26 | -------------------------------------------------------------------------------- /internal/config/parse_test.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | import ( 4 | "os" 5 | "path/filepath" 6 | "testing" 7 | 8 | "github.com/davecgh/go-spew/spew" 9 | "github.com/sebdah/goldie" 10 | "github.com/stretchr/testify/require" 11 | ) 12 | 13 | func init() { 14 | goldie.FixtureDir = "testdata" 15 | spew.Config.DisablePointerAddresses = true 16 | } 17 | 18 | func TestParseFile(t *testing.T) { 19 | f, err := os.Open("testdata") 20 | require.NoError(t, err) 21 | defer f.Close() 22 | 23 | fis, err := f.Readdir(-1) 24 | require.NoError(t, err) 25 | for _, fi := range fis { 26 | if fi.IsDir() { 27 | continue 28 | } 29 | 30 | if filepath.Ext(fi.Name()) == ".golden" { 31 | continue 32 | } 33 | 34 | t.Run(fi.Name(), func(t *testing.T) { 35 | cfg, err := ParseFile(filepath.Join("testdata", fi.Name())) 36 | require.NoError(t, err) 37 | goldie.Assert(t, fi.Name(), []byte(spew.Sdump(cfg))) 38 | }) 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /vendor/create-dmg/examples/01-main-example/sample: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | APP_NAME="Application" 4 | DMG_FILE_NAME="${APP_NAME}-Installer.dmg" 5 | VOLUME_NAME="${APP_NAME} Installer" 6 | SOURCE_FOLDER_PATH="source_folder/" 7 | 8 | if [[ -e ../../create-dmg ]]; then 9 | # We're running from the repo 10 | CREATE_DMG=../../create-dmg 11 | else 12 | # We're running from an installation under a prefix 13 | CREATE_DMG=../../../../bin/create-dmg 14 | fi 15 | 16 | # Since create-dmg does not clobber, be sure to delete previous DMG 17 | [[ -f "${DMG_FILE_NAME}" ]] && rm "${DMG_FILE_NAME}" 18 | 19 | # Create the DMG 20 | $CREATE_DMG \ 21 | --volname "${VOLUME_NAME}" \ 22 | --background "installer_background.png" \ 23 | --window-pos 200 120 \ 24 | --window-size 800 400 \ 25 | --icon-size 100 \ 26 | --icon "${APP_NAME}.app" 200 190 \ 27 | --hide-extension "${APP_NAME}.app" \ 28 | --app-drop-link 600 185 \ 29 | "${DMG_FILE_NAME}" \ 30 | "${SOURCE_FOLDER_PATH}" 31 | -------------------------------------------------------------------------------- /internal/config/parse.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | import ( 4 | "io" 5 | "io/ioutil" 6 | 7 | "github.com/hashicorp/hcl/v2/hclsimple" 8 | ) 9 | 10 | // ParseFile parses the given file for a configuration. The syntax of the 11 | // file is determined based on the filename extension: "hcl" for HCL, 12 | // "json" for JSON, other is an error. 13 | func ParseFile(filename string) (*Config, error) { 14 | var config Config 15 | return &config, hclsimple.DecodeFile(filename, nil, &config) 16 | } 17 | 18 | // Parse parses the configuration from the given reader. The reader will be 19 | // read to completion (EOF) before returning so ensure that the reader 20 | // does not block forever. 21 | // 22 | // format is either "hcl" or "json" 23 | func Parse(r io.Reader, filename, format string) (*Config, error) { 24 | src, err := ioutil.ReadAll(r) 25 | if err != nil { 26 | return nil, err 27 | } 28 | 29 | var config Config 30 | return &config, hclsimple.Decode("config.hcl", src, nil, &config) 31 | } 32 | -------------------------------------------------------------------------------- /vendor/create-dmg/Makefile: -------------------------------------------------------------------------------- 1 | # Makefile for Cowsay 2 | 3 | PACKAGE_TARNAME = create-dmg 4 | 5 | prefix = /usr/local 6 | exec_prefix = ${prefix} 7 | bindir = ${exec_prefix}/bin 8 | datarootdir = ${prefix}/share 9 | datadir = ${datarootdir} 10 | docdir = ${datarootdir}/doc/${PACKAGE_TARNAME} 11 | sysconfdir = ${prefix}/etc 12 | mandir=${datarootdir}/man 13 | srcdir = . 14 | 15 | SHELL = /bin/sh 16 | INSTALL = install 17 | INSTALL_PROGRAM = $(INSTALL) 18 | INSTALL_DATA = ${INSTALL} -m 644 19 | 20 | .PHONY: install uninstall 21 | 22 | install: create-dmg 23 | $(INSTALL) -d $(DESTDIR)$(prefix) 24 | $(INSTALL) -d $(DESTDIR)$(bindir) 25 | $(INSTALL_PROGRAM) create-dmg $(DESTDIR)$(bindir)/create-dmg 26 | $(INSTALL) -d $(DESTDIR)$(datadir)/$(PACKAGE_TARNAME) 27 | cp -R support $(DESTDIR)$(datadir)/$(PACKAGE_TARNAME) 28 | cp -R examples $(DESTDIR)$(datadir)/$(PACKAGE_TARNAME) 29 | cp -R tests $(DESTDIR)$(datadir)/$(PACKAGE_TARNAME) 30 | 31 | uninstall: 32 | rm -f $(DESTDIR)$(bindir)/create-dmg 33 | rm -rf $(DESTDIR)$(datadir)/$(PACKAGE_TARNAME) 34 | -------------------------------------------------------------------------------- /sign/sign_children_test.go: -------------------------------------------------------------------------------- 1 | package sign 2 | 3 | import ( 4 | "os" 5 | "os/exec" 6 | "path/filepath" 7 | "testing" 8 | ) 9 | 10 | // childEnv is the env var that must be set to trigger a child command. 11 | const childEnv = "GON_TEST_CHILD" 12 | 13 | // childCommands is the list of commands we support 14 | var childCommands = map[string]func() int{ 15 | "success": childSuccess, 16 | } 17 | 18 | // childCmd is used to create a command that executes a command in the 19 | // childCommands map in a new process. 20 | func childCmd(t *testing.T, name string, args ...string) *exec.Cmd { 21 | t.Helper() 22 | 23 | // Get the path to our executable 24 | selfPath, err := filepath.Abs(os.Args[0]) 25 | if err != nil { 26 | t.Fatalf("error creating child command: %s", err) 27 | return nil 28 | } 29 | 30 | cmd := exec.Command(selfPath, args...) 31 | cmd.Env = os.Environ() 32 | cmd.Env = append(cmd.Env, childEnv+"="+name) 33 | cmd.Stdout = os.Stdout 34 | cmd.Stderr = os.Stderr 35 | 36 | return cmd 37 | } 38 | 39 | func childSuccess() int { 40 | println("success") 41 | return 0 42 | } 43 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 Mitchell Hashimoto 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /notarize/error.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "fmt" 5 | 6 | "github.com/hashicorp/go-multierror" 7 | ) 8 | 9 | // Error is the error structure generated by the notarization tool. 10 | type Error struct { 11 | Code int64 `plist:"code"` 12 | Message string `plist:"message"` 13 | UserInfo map[string]string `plist:"userInfo"` 14 | } 15 | 16 | // Errors is a list of error and also implements error. 17 | type Errors []Error 18 | 19 | // Error implements error 20 | func (err Error) Error() string { 21 | return fmt.Sprintf("%s (%d)", err.Message, err.Code) 22 | } 23 | 24 | // Error implements error 25 | func (err Errors) Error() string { 26 | if len(err) == 0 { 27 | return "no errors" 28 | } 29 | 30 | var result error 31 | for _, e := range err { 32 | result = multierror.Append(result, e) 33 | } 34 | 35 | return result.Error() 36 | } 37 | 38 | // ContainsCode returns true if the errors list has an error with the given code. 39 | func (err Errors) ContainsCode(code int64) bool { 40 | for _, e := range err { 41 | if e.Code == code { 42 | return true 43 | } 44 | } 45 | 46 | return false 47 | } 48 | -------------------------------------------------------------------------------- /vendor/create-dmg/LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2008-2014 Andrey Tarantsov 4 | Copyright (c) 2020 Andrew Janke 5 | 6 | Permission is hereby granted, free of charge, to any person obtaining a copy 7 | of this software and associated documentation files (the "Software"), to deal 8 | in the Software without restriction, including without limitation the rights 9 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 10 | copies of the Software, and to permit persons to whom the Software is 11 | furnished to do so, subject to the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be included in all 14 | copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 17 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 18 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 19 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 20 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 21 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 22 | SOFTWARE. 23 | -------------------------------------------------------------------------------- /.goreleaser.yml: -------------------------------------------------------------------------------- 1 | env: 2 | - GO111MODULE=on 3 | 4 | before: 5 | hooks: 6 | - go mod download 7 | 8 | builds: 9 | - id: macos 10 | env: 11 | - CGO_ENABLED=0 12 | goos: 13 | - darwin 14 | goarch: 15 | - amd64 16 | dir: ./cmd/gon/ 17 | 18 | archives: 19 | - id: macos 20 | format: zip 21 | name_template: >- 22 | {{- .ProjectName }}_ 23 | {{- if eq .Os "darwin" }}macos 24 | {{- else }}{{ .Os }}{{ end }} 25 | 26 | checksum: 27 | disable: true 28 | 29 | signs: 30 | - signature: "${artifact}_macos.zip" 31 | ids: 32 | - macos 33 | cmd: gon 34 | args: 35 | - .gon.hcl 36 | artifacts: all 37 | 38 | snapshot: 39 | name_template: "{{ .Tag }}-next" 40 | 41 | changelog: 42 | sort: asc 43 | filters: 44 | exclude: 45 | - "README" 46 | 47 | release: 48 | ids: 49 | - none 50 | extra_files: 51 | - glob: ./dist/gon_macos.zip 52 | 53 | brews: 54 | - # Name template of the recipe 55 | name: gon 56 | folder: Formula 57 | repository: 58 | owner: Bearer 59 | name: homebrew-tap 60 | token: "{{ .Env.HOMEBREW_TAP_GITHUB_TOKEN }}" 61 | description: "Sign, notarize, and package macOS CLI applications written in any language." 62 | -------------------------------------------------------------------------------- /internal/createdmg/createdmg.go: -------------------------------------------------------------------------------- 1 | package createdmg 2 | 3 | import ( 4 | "context" 5 | "io/ioutil" 6 | "os" 7 | "os/exec" 8 | "path/filepath" 9 | 10 | "github.com/bearer/gon/internal/createdmg/bindata" 11 | ) 12 | 13 | // Cmd returns an *exec.Cmd that has the Path prepopulated to execute the 14 | // create-dmg script. You MUST call Close on this command when you're done. 15 | func Cmd(ctx context.Context) (*exec.Cmd, error) { 16 | // Create a temporary directory where we'll extract the project 17 | td, err := ioutil.TempDir("", "createdmg") 18 | if err != nil { 19 | return nil, err 20 | } 21 | 22 | // Extract the create-dmg project 23 | if err := bindata.RestoreAssets(td, ""); err != nil { 24 | os.RemoveAll(td) 25 | return nil, err 26 | } 27 | 28 | // Create a command 29 | return exec.CommandContext(ctx, filepath.Join(td, "create-dmg")), nil 30 | } 31 | 32 | // Close cleans up the temporary resources associated with the command. 33 | // This Cmd should've been returned by Cmd otherwise we may delete unrelated 34 | // data. 35 | func Close(cmd *exec.Cmd) error { 36 | // Protect against unset commands 37 | if cmd == nil || cmd.Path == "" || filepath.Base(cmd.Path) == cmd.Path { 38 | return nil 39 | } 40 | 41 | return os.RemoveAll(filepath.Dir(cmd.Path)) 42 | } 43 | -------------------------------------------------------------------------------- /notarize/status.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | // Status is an interface that can be implemented to receive status callbacks. 4 | // 5 | // All the methods in this interface must NOT block for too long or it'll 6 | // block the notarization process. 7 | type Status interface { 8 | // Submitting is called when the file is being submitted for notarization. 9 | Submitting() 10 | 11 | // Submitted is called when the file is submitted to Apple for notarization. 12 | // The arguments give you access to the requestUUID to query more information. 13 | Submitted(requestUUID string) 14 | 15 | // InfoStatus is called as the status of the submitted package changes. 16 | // The info argument contains additional information about the status. 17 | // Note that some fields in the info argument may not be populated, please 18 | // refer to the docs. 19 | InfoStatus(Info) 20 | 21 | // LogStatus is called as the status of the submitted package changes. 22 | LogStatus(Log) 23 | } 24 | 25 | // noopStatus implements Status and does nothing. 26 | type noopStatus struct{} 27 | 28 | func (noopStatus) Submitting() {} 29 | func (noopStatus) Submitted(string) {} 30 | func (noopStatus) InfoStatus(Info) {} 31 | func (noopStatus) LogStatus(Log) {} 32 | 33 | // Assert that we always implement it 34 | var _ Status = noopStatus{} 35 | -------------------------------------------------------------------------------- /notarize/notarize_test.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "os" 5 | "os/exec" 6 | "path/filepath" 7 | "testing" 8 | 9 | "github.com/hashicorp/go-hclog" 10 | ) 11 | 12 | func TestMain(m *testing.M) { 13 | // Set our default logger 14 | logger := hclog.L() 15 | logger.SetLevel(hclog.Trace) 16 | hclog.SetDefault(logger) 17 | 18 | // If we got a subcommand, run that 19 | if v := os.Getenv(childEnv); v != "" && childCommands[v] != nil { 20 | os.Exit(childCommands[v]()) 21 | } 22 | 23 | os.Exit(m.Run()) 24 | } 25 | 26 | // childEnv is the env var that must be set to trigger a child command. 27 | const childEnv = "GON_TEST_CHILD" 28 | 29 | // childCommands is the list of commands we support 30 | var childCommands = map[string]func() int{} 31 | 32 | // childCmd is used to create a command that executes a command in the 33 | // childCommands map in a new process. 34 | func childCmd(t *testing.T, name string, args ...string) *exec.Cmd { 35 | t.Helper() 36 | 37 | // Get the path to our executable 38 | selfPath, err := filepath.Abs(os.Args[0]) 39 | if err != nil { 40 | t.Fatalf("error creating child command: %s", err) 41 | return nil 42 | } 43 | 44 | cmd := exec.Command(selfPath, args...) 45 | cmd.Env = os.Environ() 46 | cmd.Env = append(cmd.Env, childEnv+"="+name) 47 | cmd.Stdout = os.Stdout 48 | cmd.Stderr = os.Stderr 49 | 50 | return cmd 51 | } 52 | -------------------------------------------------------------------------------- /vendor/create-dmg/doc-project/Developer Notes.md: -------------------------------------------------------------------------------- 1 | # create-dmg Developer Notes 2 | 3 | ## Repo layout 4 | 5 | - `create-dmg` in the root of the repo is the main program 6 | - `support/` contains auxiliary scripts used by `create-dmg`; it must be at that relative position to `create-dmg` 7 | - `builder/` contains ???? 8 | - `examples/` contains user-facing examples 9 | - `tests/` contains regression tests for developers 10 | - `doc-project/` contains developer-facing documentation about this project 11 | 12 | ### tests/ 13 | 14 | The `tests/` folder contains regression tests for developers. 15 | 16 | Each test is in its own subfolder. 17 | Each subfolder name should start with a 3-digit number that is the number of the corresponding bug report in create-dmg's GitHub issue tracker. 18 | 19 | The tests are to be run manually, with the results examined manually. 20 | There's no automated script to run them as a suite and check their results. 21 | That might be nice to have. 22 | 23 | ### examples/ 24 | 25 | Each example is in its own subfolder. 26 | The subfolder prefix number is arbitrary; these numbers should roughly be in order of "advancedness" of examples, so it makes sense for users to go through them in order. 27 | 28 | ## Versioning 29 | 30 | As of May 2020, we're using SemVer versioning. 31 | The old version numbers were 4-parters, like "1.0.0.7". 32 | Now we use 3-part SemVer versions, like "1.0.8". 33 | This change happened after version 1.0.0.7; 1.0.8 is the next release after 1.0.0.7. 34 | 35 | The suffix "-SNAPSHOT" is used to denote a version that is still under development. 36 | -------------------------------------------------------------------------------- /notarize/upload_test.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "context" 5 | "fmt" 6 | "strings" 7 | "testing" 8 | 9 | "github.com/hashicorp/go-hclog" 10 | "github.com/stretchr/testify/require" 11 | ) 12 | 13 | func init() { 14 | childCommands["upload-success"] = testCmdUploadSuccess 15 | childCommands["upload-exit-status"] = testCmdUploadExitStatus 16 | } 17 | 18 | func TestUpload_success(t *testing.T) { 19 | uuid, err := upload(context.Background(), &Options{ 20 | Logger: hclog.L(), 21 | BaseCmd: childCmd(t, "upload-success"), 22 | }) 23 | 24 | require.NoError(t, err) 25 | require.Equal(t, uuid, "cfd69166-8e2f-1397-8636-ec06f98e3597") 26 | } 27 | 28 | func TestUpload_exitStatus(t *testing.T) { 29 | uuid, err := upload(context.Background(), &Options{ 30 | Logger: hclog.L(), 31 | BaseCmd: childCmd(t, "upload-exit-status"), 32 | }) 33 | 34 | require.Error(t, err) 35 | require.Empty(t, uuid) 36 | } 37 | 38 | // testCmdUploadSuccess mimicks a successful submission. 39 | func testCmdUploadSuccess() int { 40 | fmt.Println(strings.TrimSpace(` 41 | 42 | 43 | 44 | 45 | id 46 | cfd69166-8e2f-1397-8636-ec06f98e3597 47 | message 48 | Successfully uploaded file 49 | path 50 | /path/to/binary.zip 51 | 52 | 53 | `)) 54 | return 0 55 | } 56 | 57 | // testCmdUploadExitStatus 58 | func testCmdUploadExitStatus() int { 59 | return 1 60 | } 61 | -------------------------------------------------------------------------------- /staple/staple.go: -------------------------------------------------------------------------------- 1 | // Package staple staples a notarization ticket to a file, allowing it 2 | // to be validated offline. This only works for files of type "app", "dmg", 3 | // or "pkg". 4 | package staple 5 | 6 | import ( 7 | "bytes" 8 | "context" 9 | "fmt" 10 | "os/exec" 11 | "path/filepath" 12 | 13 | "github.com/hashicorp/go-hclog" 14 | ) 15 | 16 | // Options are the options for creating the zip archive. 17 | type Options struct { 18 | // File to staple. It is stapled in-place. 19 | File string 20 | 21 | // Logger is the logger to use. If this is nil then no logging will be done. 22 | Logger hclog.Logger 23 | 24 | // BaseCmd is the base command for executing the codesign binary. This is 25 | // used for tests to overwrite where the codesign binary is. 26 | BaseCmd *exec.Cmd 27 | } 28 | 29 | // Staple staples the notarization ticket to a file. 30 | func Staple(ctx context.Context, opts *Options) error { 31 | logger := opts.Logger 32 | if logger == nil { 33 | logger = hclog.NewNullLogger() 34 | } 35 | 36 | // Build our command 37 | var cmd exec.Cmd 38 | if opts.BaseCmd != nil { 39 | cmd = *opts.BaseCmd 40 | } 41 | 42 | // We only set the path if it isn't set. This lets the options set the 43 | // path to the codesigning binary that we use. 44 | if cmd.Path == "" { 45 | path, err := exec.LookPath("xcrun") 46 | if err != nil { 47 | return err 48 | } 49 | cmd.Path = path 50 | } 51 | 52 | cmd.Args = []string{ 53 | filepath.Base(cmd.Path), 54 | "stapler", 55 | "staple", 56 | opts.File, 57 | } 58 | 59 | // We store all output in out for logging and in case there is an error 60 | var out bytes.Buffer 61 | cmd.Stdout = &out 62 | cmd.Stderr = cmd.Stdout 63 | 64 | // Log what we're going to execute 65 | logger.Info("executing stapler", 66 | "file", opts.File, 67 | "command_path", cmd.Path, 68 | "command_args", cmd.Args, 69 | ) 70 | 71 | // Execute 72 | if err := cmd.Run(); err != nil { 73 | logger.Error("error stapling", "err", err, "output", out.String()) 74 | return fmt.Errorf("error stapling:\n\n%s", out.String()) 75 | } 76 | 77 | logger.Info("stapling complete", "file", opts.File) 78 | return nil 79 | } 80 | -------------------------------------------------------------------------------- /vendor/create-dmg/support/template.applescript: -------------------------------------------------------------------------------- 1 | on run (volumeName) 2 | tell application "Finder" 3 | tell disk (volumeName as string) 4 | open 5 | 6 | set theXOrigin to WINX 7 | set theYOrigin to WINY 8 | set theWidth to WINW 9 | set theHeight to WINH 10 | 11 | set theBottomRightX to (theXOrigin + theWidth) 12 | set theBottomRightY to (theYOrigin + theHeight) 13 | set dsStore to "\"" & "/Volumes/" & volumeName & "/" & ".DS_STORE\"" 14 | 15 | tell container window 16 | set current view to icon view 17 | set toolbar visible to false 18 | set statusbar visible to false 19 | set the bounds to {theXOrigin, theYOrigin, theBottomRightX, theBottomRightY} 20 | set statusbar visible to false 21 | REPOSITION_HIDDEN_FILES_CLAUSE 22 | end tell 23 | 24 | set opts to the icon view options of container window 25 | tell opts 26 | set icon size to ICON_SIZE 27 | set text size to TEXT_SIZE 28 | set arrangement to not arranged 29 | end tell 30 | BACKGROUND_CLAUSE 31 | 32 | -- Positioning 33 | POSITION_CLAUSE 34 | 35 | -- Hiding 36 | HIDING_CLAUSE 37 | 38 | -- Application and QL Link Clauses 39 | APPLICATION_CLAUSE 40 | QL_CLAUSE 41 | close 42 | open 43 | -- Force saving of the size 44 | delay 1 45 | 46 | tell container window 47 | set statusbar visible to false 48 | set the bounds to {theXOrigin, theYOrigin, theBottomRightX - 10, theBottomRightY - 10} 49 | end tell 50 | end tell 51 | 52 | delay 1 53 | 54 | tell disk (volumeName as string) 55 | tell container window 56 | set statusbar visible to false 57 | set the bounds to {theXOrigin, theYOrigin, theBottomRightX, theBottomRightY} 58 | end tell 59 | end tell 60 | 61 | --give the finder some time to write the .DS_Store file 62 | delay 3 63 | 64 | set waitTime to 0 65 | set ejectMe to false 66 | repeat while ejectMe is false 67 | delay 1 68 | set waitTime to waitTime + 1 69 | 70 | if (do shell script "[ -f " & dsStore & " ]; echo $?") = "0" then set ejectMe to true 71 | end repeat 72 | log "waited " & waitTime & " seconds for .DS_STORE to be created." 73 | end tell 74 | end run 75 | -------------------------------------------------------------------------------- /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: Release 2 | on: 3 | workflow_dispatch: 4 | 5 | permissions: 6 | contents: write 7 | packages: write 8 | 9 | env: 10 | GH_USER: "bearer-bot" 11 | 12 | jobs: 13 | tag: 14 | runs-on: ubuntu-latest 15 | 16 | steps: 17 | - uses: actions/checkout@v4 18 | - name: Bump version and push tag 19 | if: startsWith(github.ref, 'refs/tags') != true 20 | id: tag_version 21 | uses: mathieudutour/github-tag-action@v6.1 22 | with: 23 | github_token: ${{ secrets.GITHUB_TOKEN }} 24 | tag_prefix: v 25 | default_bump: patch 26 | outputs: 27 | ref: refs/tags/${{ steps.tag_version.outputs.new_tag || github.ref_name }} 28 | 29 | build: 30 | needs: [tag] 31 | name: build 32 | runs-on: macos-13 33 | steps: 34 | - name: Checkout 35 | uses: actions/checkout@v4 36 | with: 37 | fetch-depth: 0 38 | ref: ${{ needs.tag.outputs.ref }} 39 | - run: git fetch --force --tags 40 | - name: Set up Go 41 | uses: actions/setup-go@v4 42 | with: 43 | go-version: 1.21 44 | - name: Setup Gon 45 | run: brew install Bearer/tap/gon 46 | - name: Import Code-Signing Certificates 47 | uses: Apple-Actions/import-codesign-certs@v2 48 | with: 49 | # The certificates in a PKCS12 file encoded as a base64 string 50 | p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }} 51 | # The password used to import the PKCS12 file. 52 | p12-password: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }} 53 | - uses: goreleaser/goreleaser-action@v5 54 | name: Run GoReleaser 55 | with: 56 | version: latest 57 | args: release --clean 58 | env: 59 | GOOS: darwin 60 | GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} 61 | AC_APPLICATION_IDENTITY: ${{ secrets.AC_APPLICATION_IDENTITY }} 62 | AC_USERNAME: ${{ secrets.AC_USERNAME }} 63 | AC_PASSWORD: ${{ secrets.AC_PASSWORD }} 64 | AC_PROVIDER: ${{ secrets.AC_PROVIDER }} 65 | HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.BEARER_GITHUB_TOKEN }} 66 | -------------------------------------------------------------------------------- /cmd/gon/status_human.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | "path/filepath" 7 | "strings" 8 | "sync" 9 | 10 | "github.com/fatih/color" 11 | 12 | "github.com/bearer/gon/notarize" 13 | ) 14 | 15 | // statusHuman implements notarize.Status and outputs information to 16 | // the CLI for human consumption. 17 | type statusHuman struct { 18 | Prefix string 19 | Lock *sync.Mutex 20 | 21 | lastInfoStatus string 22 | lastLogStatus string 23 | } 24 | 25 | func (s *statusHuman) Submitting() { 26 | s.Lock.Lock() 27 | defer s.Lock.Unlock() 28 | 29 | color.New().Fprintf(os.Stdout, " %sSubmitting file for notarization...\n", s.Prefix) 30 | } 31 | 32 | func (s *statusHuman) Submitted(uuid string) { 33 | s.Lock.Lock() 34 | defer s.Lock.Unlock() 35 | 36 | color.New().Fprintf(os.Stdout, " %sSubmitted. Request UUID: %s\n", s.Prefix, uuid) 37 | color.New().Fprintf( 38 | os.Stdout, " %sWaiting for results from Apple. This can take minutes to hours.\n", s.Prefix) 39 | } 40 | 41 | func (s *statusHuman) InfoStatus(info notarize.Info) { 42 | s.Lock.Lock() 43 | defer s.Lock.Unlock() 44 | 45 | if info.Status != s.lastInfoStatus { 46 | s.lastInfoStatus = info.Status 47 | color.New().Fprintf(os.Stdout, " %sInfoStatus: %s\n", s.Prefix, info.Status) 48 | } 49 | } 50 | 51 | func (s *statusHuman) LogStatus(log notarize.Log) { 52 | s.Lock.Lock() 53 | defer s.Lock.Unlock() 54 | 55 | if log.Status != s.lastLogStatus { 56 | s.lastLogStatus = log.Status 57 | color.New().Fprintf(os.Stdout, " %sLogStatus: %s\n", s.Prefix, log.Status) 58 | } 59 | } 60 | 61 | // statusPrefixList takes a list of items and returns the prefixes to use 62 | // with status messages for each. The returned slice is guaranteed to be 63 | // allocated and the same length as items. 64 | func statusPrefixList(items []*item) []string { 65 | // Special-case: for lists of one, we don't use any prefix at all. 66 | if len(items) == 1 { 67 | return []string{""} 68 | } 69 | 70 | // Create a list of basenames and also keep track of max length 71 | result := make([]string, len(items)) 72 | max := 0 73 | for idx, f := range items { 74 | result[idx] = filepath.Base(f.Path) 75 | if l := len(result[idx]); l > max { 76 | max = l 77 | } 78 | } 79 | 80 | // Pad all the strings to the max length 81 | for idx, _ := range result { 82 | result[idx] += strings.Repeat(" ", max-len(result[idx])) 83 | result[idx] = fmt.Sprintf("[%s] ", result[idx]) 84 | } 85 | 86 | return result 87 | } 88 | 89 | var _ notarize.Status = (*statusHuman)(nil) 90 | -------------------------------------------------------------------------------- /notarize/info_test.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "context" 5 | "fmt" 6 | "strings" 7 | "testing" 8 | 9 | "github.com/hashicorp/go-hclog" 10 | "github.com/stretchr/testify/require" 11 | ) 12 | 13 | func init() { 14 | childCommands["info-accepted"] = testCmdInfoAcceptedSubmission 15 | childCommands["info-invalid"] = testCmdInfoInvalidSubmission 16 | } 17 | 18 | func TestInfo_accepted(t *testing.T) { 19 | info, err := info(context.Background(), "foo", &Options{ 20 | Logger: hclog.L(), 21 | BaseCmd: childCmd(t, "info-accepted"), 22 | }) 23 | 24 | require := require.New(t) 25 | require.NoError(err) 26 | require.Equal(info.RequestUUID, "32684f68-d63e-49ba-9234-25eeec84b369") 27 | require.Equal(info.Status, "Accepted") 28 | require.Equal(info.StatusMessage, "Successfully received submission info") 29 | } 30 | 31 | func TestInfo_invalid(t *testing.T) { 32 | info, err := info(context.Background(), "foo", &Options{ 33 | Logger: hclog.L(), 34 | BaseCmd: childCmd(t, "info-invalid"), 35 | }) 36 | 37 | require := require.New(t) 38 | require.NoError(err) 39 | require.Equal(info.RequestUUID, "cfd69166-8e2f-1397-8636-ec06f98e3597") 40 | require.Equal(info.Status, "Invalid") 41 | } 42 | 43 | // testCmdInfoAcceptedSubmission mimicks an accepted submission. 44 | func testCmdInfoAcceptedSubmission() int { 45 | fmt.Println(strings.TrimSpace(` 46 | 47 | 48 | 49 | 50 | createdDate 51 | 2023-08-01T08:22:19.939Z 52 | id 53 | 32684f68-d63e-49ba-9234-25eeec84b369 54 | message 55 | Successfully received submission info 56 | name 57 | binary.zip 58 | status 59 | Accepted 60 | 61 | 62 | `)) 63 | return 0 64 | } 65 | 66 | // testCmdInfoInvalidSubmission mimicks an invalid submission. 67 | func testCmdInfoInvalidSubmission() int { 68 | fmt.Println(strings.TrimSpace(` 69 | 70 | 71 | 72 | 73 | createdDate 74 | 2023-08-01T08:12:11.193Z 75 | id 76 | cfd69166-8e2f-1397-8636-ec06f98e3597 77 | message 78 | Successfully received submission info 79 | name 80 | binary.zip 81 | status 82 | Invalid 83 | 84 | 85 | `)) 86 | return 0 87 | } 88 | -------------------------------------------------------------------------------- /vendor/create-dmg/support/eula-resources-template.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | LPic 6 | 7 | 8 | Attributes 9 | 0x0000 10 | Data 11 | 12 | AAAAAgAAAAAAAAAAAAQAAA== 13 | 14 | ID 15 | 5000 16 | Name 17 | 18 | 19 | 20 | STR# 21 | 22 | 23 | Attributes 24 | 0x0000 25 | Data 26 | 27 | AAYNRW5nbGlzaCB0ZXN0MQVBZ3JlZQhEaXNhZ3JlZQVQcmludAdT 28 | YXZlLi4ueklmIHlvdSBhZ3JlZSB3aXRoIHRoZSB0ZXJtcyBvZiB0 29 | aGlzIGxpY2Vuc2UsIGNsaWNrICJBZ3JlZSIgdG8gYWNjZXNzIHRo 30 | ZSBzb2Z0d2FyZS4gSWYgeW91IGRvIG5vdCBhZ3JlZSwgY2xpY2sg 31 | IkRpc2FncmVlIi4= 32 | 33 | ID 34 | 5000 35 | Name 36 | English buttons 37 | 38 | 39 | Attributes 40 | 0x0000 41 | Data 42 | 43 | AAYHRW5nbGlzaAVBZ3JlZQhEaXNhZ3JlZQVQcmludAdTYXZlLi4u 44 | e0lmIHlvdSBhZ3JlZSB3aXRoIHRoZSB0ZXJtcyBvZiB0aGlzIGxp 45 | Y2Vuc2UsIHByZXNzICJBZ3JlZSIgdG8gaW5zdGFsbCB0aGUgc29m 46 | dHdhcmUuIElmIHlvdSBkbyBub3QgYWdyZWUsIGNsaWNrICJEaXNh 47 | Z3JlZSIu 48 | 49 | ID 50 | 5002 51 | Name 52 | English 53 | 54 | 55 | ${EULA_FORMAT} 56 | 57 | 58 | Attributes 59 | 0x0000 60 | Data 61 | 62 | ${EULA_DATA} 63 | 64 | ID 65 | 5000 66 | Name 67 | English 68 | 69 | 70 | TMPL 71 | 72 | 73 | Attributes 74 | 0x0000 75 | Data 76 | 77 | E0RlZmF1bHQgTGFuZ3VhZ2UgSUREV1JEBUNvdW50T0NOVAQqKioq 78 | TFNUQwtzeXMgbGFuZyBJRERXUkQebG9jYWwgcmVzIElEIChvZmZz 79 | ZXQgZnJvbSA1MDAwRFdSRBAyLWJ5dGUgbGFuZ3VhZ2U/RFdSRAQq 80 | KioqTFNURQ== 81 | 82 | ID 83 | 128 84 | Name 85 | LPic 86 | 87 | 88 | styl 89 | 90 | 91 | Attributes 92 | 0x0000 93 | Data 94 | 95 | AAMAAAAAAAwACQAUAAAAAAAAAAAAAAAAACcADAAJABQBAAAAAAAA 96 | AAAAAAAAKgAMAAkAFAAAAAAAAAAAAAA= 97 | 98 | ID 99 | 5000 100 | Name 101 | English 102 | 103 | 104 | 105 | 106 | -------------------------------------------------------------------------------- /notarize/upload.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "bytes" 5 | "context" 6 | "fmt" 7 | "io" 8 | "os/exec" 9 | "path/filepath" 10 | 11 | "github.com/hashicorp/go-hclog" 12 | "howett.net/plist" 13 | ) 14 | 15 | // upload submits the file for notarization and returns the request UUID 16 | // or an error. 17 | func upload(ctx context.Context, opts *Options) (string, error) { 18 | logger := opts.Logger 19 | if logger == nil { 20 | logger = hclog.NewNullLogger() 21 | } 22 | 23 | // Build our command 24 | var cmd exec.Cmd 25 | if opts.BaseCmd != nil { 26 | cmd = *opts.BaseCmd 27 | } 28 | 29 | // We only set the path if it isn't set. This lets the options set the 30 | // path to the codesigning binary that we use. 31 | if cmd.Path == "" { 32 | path, err := exec.LookPath("xcrun") 33 | if err != nil { 34 | return "", err 35 | } 36 | cmd.Path = path 37 | } 38 | 39 | cmd.Args = []string{ 40 | filepath.Base(cmd.Path), 41 | "notarytool", 42 | "submit", opts.File, 43 | "--apple-id", opts.DeveloperId, 44 | "--password", opts.Password, 45 | "--team-id", opts.Provider, 46 | "--output-format", "plist", 47 | } 48 | 49 | // We store all output in out for logging and in case there is an error 50 | var out, combined bytes.Buffer 51 | cmd.Stdout = io.MultiWriter(&out, &combined) 52 | cmd.Stderr = &combined 53 | 54 | // Log what we're going to execute 55 | logger.Info("submitting file for notarization", 56 | "file", opts.File, 57 | "command_path", cmd.Path, 58 | "command_args", cmd.Args, 59 | ) 60 | 61 | // Execute 62 | err := cmd.Run() 63 | 64 | // Log the result 65 | logger.Info("notarization submission complete", 66 | "output", out.String(), 67 | "err", err, 68 | ) 69 | 70 | // If we have any output, try to decode that since even in the case of 71 | // an error it will output some information. 72 | var result uploadResult 73 | if out.Len() > 0 { 74 | if _, perr := plist.Unmarshal(out.Bytes(), &result); perr != nil { 75 | return "", fmt.Errorf("failed to decode notarization submission output: %w", perr) 76 | } 77 | } 78 | 79 | // Now we check the error for actually running the process 80 | if err != nil { 81 | return "", fmt.Errorf("error submitting for notarization:\n\n%s", combined.String()) 82 | } 83 | 84 | // We should have a request UUID set at this point since we checked for errors 85 | if result.RequestUUID == "" { 86 | return "", fmt.Errorf( 87 | "notarization appeared to succeed, but we failed at parsing " + 88 | "the request UUID. Please enable logging, try again, and report " + 89 | "this as a bug.") 90 | } 91 | 92 | logger.Info("notarization request submitted", "request_id", result.RequestUUID) 93 | return result.RequestUUID, nil 94 | 95 | } 96 | 97 | // uploadResult is the plist structure when the upload succeeds 98 | type uploadResult struct { 99 | // Upload is non-nil if there is a successful upload 100 | RequestUUID string `plist:"id"` 101 | } 102 | -------------------------------------------------------------------------------- /sign/sign.go: -------------------------------------------------------------------------------- 1 | // Package sign codesigns files. 2 | package sign 3 | 4 | import ( 5 | "bytes" 6 | "context" 7 | "fmt" 8 | "io" 9 | "os/exec" 10 | 11 | "github.com/hashicorp/go-hclog" 12 | ) 13 | 14 | // Options are the options for Sign. 15 | type Options struct { 16 | // Files are the list of files to sign. This is required. The files 17 | // will be signed _in-place_ so you must take care to copy the files 18 | // to a new location if you do not want these files modified. 19 | Files []string 20 | 21 | // Identity is the identity to use for the signing operation. This is required. 22 | // This value must be a valid value for the `-s` flag for the `codesign` 23 | // binary. See the man pages for that for more help since the value can 24 | // be in a variety of forms. 25 | Identity string 26 | 27 | // Entitlements is an (optional) path to a plist format .entitlements file 28 | Entitlements string 29 | 30 | // Output is an io.Writer where the output of the command will be written. 31 | // If this is nil then the output will only be sent to the log (if set) 32 | // or in the error result value if signing failed. 33 | Output io.Writer 34 | 35 | // Logger is the logger to use. If this is nil then no logging will be done. 36 | Logger hclog.Logger 37 | 38 | // BaseCmd is the base command for executing the codesign binary. This is 39 | // used for tests to overwrite where the codesign binary is. 40 | BaseCmd *exec.Cmd 41 | } 42 | 43 | // Sign signs one or more files returning an error if any. 44 | func Sign(ctx context.Context, opts *Options) error { 45 | logger := opts.Logger 46 | if logger == nil { 47 | logger = hclog.NewNullLogger() 48 | } 49 | 50 | // Build our command 51 | var cmd exec.Cmd 52 | if opts.BaseCmd != nil { 53 | cmd = *opts.BaseCmd 54 | } 55 | 56 | // We only set the path if it isn't set. This lets the options set the 57 | // path to the codesigning binary that we use. 58 | if cmd.Path == "" { 59 | path, err := exec.LookPath("codesign") 60 | if err != nil { 61 | return err 62 | } 63 | cmd.Path = path 64 | } 65 | 66 | cmd.Args = []string{ 67 | "codesign", 68 | "-s", opts.Identity, 69 | "-f", 70 | "-v", 71 | "--timestamp", 72 | "--options", "runtime", 73 | } 74 | 75 | if len(opts.Entitlements) > 0 { 76 | cmd.Args = append(cmd.Args, "--entitlements", opts.Entitlements) 77 | } 78 | 79 | // Append the files that we want to sign 80 | cmd.Args = append(cmd.Args, opts.Files...) 81 | 82 | // We store all output in out for logging and in case there is an error 83 | var out bytes.Buffer 84 | cmd.Stdout = &out 85 | 86 | // If we have an output set, we write to both 87 | if opts.Output != nil { 88 | cmd.Stdout = io.MultiWriter(cmd.Stdout, opts.Output) 89 | } 90 | 91 | // We send stderr to the same place as stdout 92 | cmd.Stderr = cmd.Stdout 93 | 94 | // Log what we're going to execute 95 | logger.Info("executing codesigning", 96 | "files", opts.Files, 97 | "command_path", cmd.Path, 98 | "command_args", cmd.Args, 99 | ) 100 | 101 | // Execute 102 | if err := cmd.Run(); err != nil { 103 | logger.Error("error codesigning", "err", err, "output", out.String()) 104 | return fmt.Errorf("error signing:\n\n%s", out.String()) 105 | } 106 | 107 | logger.Info("codesigning complete", "output", out.String()) 108 | return nil 109 | } 110 | -------------------------------------------------------------------------------- /notarize/info.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "bytes" 5 | "context" 6 | "fmt" 7 | "io" 8 | "os/exec" 9 | "path/filepath" 10 | 11 | "github.com/hashicorp/go-hclog" 12 | "howett.net/plist" 13 | ) 14 | 15 | // Info is the information structure for the state of a notarization request. 16 | // 17 | // All fields should be checked against their zero value since certain values 18 | // only become available at different states of the notarization process. If 19 | // we were only able to submit a notarization request and not check the status 20 | // once, only RequestUUID will be set. 21 | type Info struct { 22 | // RequestUUID is the UUID provided by Apple after submitting the 23 | // notarization request. This can be used to look up notarization information 24 | // using the Apple tooling. 25 | RequestUUID string `plist:"id"` 26 | 27 | // Date is the date and time of submission 28 | Date string `plist:"createdDate"` 29 | 30 | // Name is th file uploaded for submission. 31 | Name string `plist:"name"` 32 | 33 | // Status the status of the notarization. 34 | Status string `plist:"status"` 35 | 36 | // StatusMessage is a human-friendly message associated with a status. 37 | StatusMessage string `plist:"message"` 38 | } 39 | 40 | // info requests the information about a notarization and returns 41 | // the updated information. 42 | func info(ctx context.Context, uuid string, opts *Options) (*Info, error) { 43 | logger := opts.Logger 44 | if logger == nil { 45 | logger = hclog.NewNullLogger() 46 | } 47 | 48 | // Build our command 49 | var cmd exec.Cmd 50 | if opts.BaseCmd != nil { 51 | cmd = *opts.BaseCmd 52 | } 53 | 54 | // We only set the path if it isn't set. This lets the options set the 55 | // path to the codesigning binary that we use. 56 | if cmd.Path == "" { 57 | path, err := exec.LookPath("xcrun") 58 | if err != nil { 59 | return nil, err 60 | } 61 | cmd.Path = path 62 | } 63 | 64 | cmd.Args = []string{ 65 | filepath.Base(cmd.Path), 66 | "notarytool", 67 | "info", 68 | uuid, 69 | "--apple-id", opts.DeveloperId, 70 | "--password", opts.Password, 71 | "--team-id", opts.Provider, 72 | "--output-format", "plist", 73 | } 74 | 75 | // We store all output in out for logging and in case there is an error 76 | var out, combined bytes.Buffer 77 | cmd.Stdout = io.MultiWriter(&out, &combined) 78 | cmd.Stderr = &combined 79 | 80 | // Log what we're going to execute 81 | logger.Info("requesting notarization info", 82 | "uuid", uuid, 83 | "command_path", cmd.Path, 84 | "command_args", cmd.Args, 85 | ) 86 | 87 | // Execute 88 | err := cmd.Run() 89 | 90 | // Log the result 91 | logger.Info("notarization info command finished", 92 | "output", out.String(), 93 | "err", err, 94 | ) 95 | 96 | // If we have any output, try to decode that since even in the case of 97 | // an error it will output some information. 98 | var result Info 99 | if out.Len() > 0 { 100 | if _, perr := plist.Unmarshal(out.Bytes(), &result); perr != nil { 101 | return nil, fmt.Errorf("failed to decode notarization submission output: %w", perr) 102 | } 103 | } 104 | 105 | // Now we check the error for actually running the process 106 | if err != nil { 107 | return nil, fmt.Errorf("error checking on notarization status:\n\n%s", combined.String()) 108 | } 109 | 110 | logger.Info("notarization info", "uuid", uuid, "info", result) 111 | return &result, nil 112 | } 113 | -------------------------------------------------------------------------------- /notarize/log_test.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "context" 5 | "fmt" 6 | "strings" 7 | "testing" 8 | 9 | "github.com/hashicorp/go-hclog" 10 | "github.com/stretchr/testify/require" 11 | ) 12 | 13 | func init() { 14 | childCommands["log-accepted"] = testCmdLogValidSubmission 15 | childCommands["log-invalid"] = testCmdLogInvalidSubmission 16 | } 17 | 18 | func TestLog_accepted(t *testing.T) { 19 | log, err := log(context.Background(), "foo", &Options{ 20 | Logger: hclog.L(), 21 | BaseCmd: childCmd(t, "log-accepted"), 22 | }) 23 | 24 | require := require.New(t) 25 | require.NoError(err) 26 | require.Equal(log.JobId, "3382aa04-e417-46a0-b1b4-42eebf85906c") 27 | require.Equal(log.Status, "Accepted") 28 | require.Equal(log.StatusSummary, "Ready for distribution") 29 | require.Equal(len(log.Issues), 0) 30 | require.Equal(len(log.TicketContents), 1) 31 | } 32 | 33 | func TestLog_invalid(t *testing.T) { 34 | log, err := log(context.Background(), "foo", &Options{ 35 | Logger: hclog.L(), 36 | BaseCmd: childCmd(t, "log-invalid"), 37 | }) 38 | 39 | require := require.New(t) 40 | require.NoError(err) 41 | require.Equal(log.JobId, "4ba7c420-7444-44bc-a190-1bd4bad97b13") 42 | require.Equal(log.Status, "Invalid") 43 | require.Equal(log.StatusSummary, "Archive contains critical validation errors") 44 | require.Equal(len(log.TicketContents), 0) 45 | require.Equal(len(log.Issues), 3) 46 | } 47 | 48 | // testCmdLogValidSubmission mimicks an accepted submission. 49 | func testCmdLogValidSubmission() int { 50 | fmt.Println(strings.TrimSpace(` 51 | { 52 | "logFormatVersion": 1, 53 | "jobId": "3382aa04-e417-46a0-b1b4-42eebf85906c", 54 | "status": "Accepted", 55 | "statusSummary": "Ready for distribution", 56 | "statusCode": 0, 57 | "archiveFilename": "gon.zip", 58 | "uploadDate": "2019-11-06T00:51:10Z", 59 | "sha256": "1070be725b5b0c89b8dad699a9080a3bf5809fe68bfe8f84d6ff4a282d661fd1", 60 | "ticketContents": [ 61 | { 62 | "path": "gon.zip/foo", 63 | "digestAlgorithm": "SHA-256", 64 | "cdhash": "b7049085e21423f102d6119bca93d57ebd903289", 65 | "arch": "x86_64" 66 | } 67 | ], 68 | "issues": null 69 | } 70 | `)) 71 | return 0 72 | } 73 | 74 | // testCmdLogInvalidSubmission mimicks an invalid submission. 75 | func testCmdLogInvalidSubmission() int { 76 | fmt.Println(strings.TrimSpace(` 77 | { 78 | "logFormatVersion": 1, 79 | "jobId": "4ba7c420-7444-44bc-a190-1bd4bad97b13", 80 | "status": "Invalid", 81 | "statusSummary": "Archive contains critical validation errors", 82 | "statusCode": 4000, 83 | "archiveFilename": "gon.zip", 84 | "uploadDate": "2019-11-06T00:54:22Z", 85 | "sha256": "c109f26d378fbf1efadc8987fdab79d2ce63155e8941823d4d11a907152e11a5", 86 | "ticketContents": null, 87 | "issues": [ 88 | { 89 | "severity": "error", 90 | "code": null, 91 | "path": "gon.zip/foo", 92 | "message": "The binary is not signed.", 93 | "docUrl": null, 94 | "architecture": "x86_64" 95 | }, 96 | { 97 | "severity": "error", 98 | "code": null, 99 | "path": "gon.zip/foo", 100 | "message": "The signature does not include a secure timestamp.", 101 | "docUrl": null, 102 | "architecture": "x86_64" 103 | }, 104 | { 105 | "severity": "error", 106 | "code": null, 107 | "path": "gon.zip/foo", 108 | "message": "The executable does not have the hardened runtime enabled.", 109 | "docUrl": null, 110 | "architecture": "x86_64" 111 | } 112 | ] 113 | } 114 | `)) 115 | return 0 116 | } 117 | -------------------------------------------------------------------------------- /notarize/log.go: -------------------------------------------------------------------------------- 1 | package notarize 2 | 3 | import ( 4 | "bytes" 5 | "context" 6 | "encoding/json" 7 | "fmt" 8 | "io" 9 | "os/exec" 10 | "path/filepath" 11 | 12 | "github.com/hashicorp/go-hclog" 13 | ) 14 | 15 | // Log Retrieves notarization log for a single completed submission 16 | type Log struct { 17 | JobId string `json:"jobId"` 18 | Status string `json:"status"` 19 | StatusSummary string `json:"statusSummary"` 20 | StatusCode int `json:"statusCode"` 21 | ArchiveFilename string `json:"archiveFilename"` 22 | UploadDate string `json:"uploadDate"` 23 | SHA256 string `json:"sha256"` 24 | Issues []LogIssue `json:"issues"` 25 | TicketContents []LogTicketContent `json:"ticketContents"` 26 | } 27 | 28 | // LogIssue is a single issue that may have occurred during notarization. 29 | type LogIssue struct { 30 | Severity string `json:"severity"` 31 | Path string `json:"path"` 32 | Message string `json:"message"` 33 | } 34 | 35 | // LogTicketContent is an entry that was noted as being within the archive. 36 | type LogTicketContent struct { 37 | Path string `json:"path"` 38 | DigestAlgorithm string `json:"digestAlgorithm"` 39 | CDHash string `json:"cdhash"` 40 | Arch string `json:"arch"` 41 | } 42 | 43 | // log requests the information about a notarization and returns 44 | // the updated information. 45 | func log(ctx context.Context, uuid string, opts *Options) (*Log, error) { 46 | logger := opts.Logger 47 | if logger == nil { 48 | logger = hclog.NewNullLogger() 49 | } 50 | 51 | // Build our command 52 | var cmd exec.Cmd 53 | if opts.BaseCmd != nil { 54 | cmd = *opts.BaseCmd 55 | } 56 | 57 | // We only set the path if it isn't set. This lets the options set the 58 | // path to the codesigning binary that we use. 59 | if cmd.Path == "" { 60 | path, err := exec.LookPath("xcrun") 61 | if err != nil { 62 | return nil, err 63 | } 64 | cmd.Path = path 65 | } 66 | 67 | cmd.Args = []string{ 68 | filepath.Base(cmd.Path), 69 | "notarytool", 70 | "log", 71 | uuid, 72 | "--apple-id", opts.DeveloperId, 73 | "--password", opts.Password, 74 | "--team-id", opts.Provider, 75 | } 76 | 77 | // We store all output in out for logging and in case there is an error 78 | var out, combined bytes.Buffer 79 | cmd.Stdout = io.MultiWriter(&out, &combined) 80 | cmd.Stderr = &combined 81 | 82 | // Log what we're going to execute 83 | logger.Info("requesting notarization log", 84 | "uuid", uuid, 85 | "command_path", cmd.Path, 86 | "command_args", cmd.Args, 87 | ) 88 | 89 | // Execute 90 | err := cmd.Run() 91 | 92 | // Log the result 93 | logger.Info("notarization log command finished", 94 | "output", out.String(), 95 | "err", err, 96 | ) 97 | 98 | // If we have any output, try to decode that since even in the case of 99 | // an error it will output some information. 100 | var result Log 101 | // return &result, json.NewDecoder().Decode(&result) 102 | if out.Len() > 0 { 103 | if derr := json.Unmarshal(out.Bytes(), &result); derr != nil { 104 | return nil, fmt.Errorf("failed to decode notarization submission output: %w", derr) 105 | 106 | } 107 | } 108 | 109 | // Now we check the error for actually running the process 110 | if err != nil { 111 | return nil, fmt.Errorf("error checking on notarization status:\n\n%s", combined.String()) 112 | } 113 | 114 | logger.Info("notarization log", "uuid", uuid, "info", result) 115 | return &result, nil 116 | } 117 | -------------------------------------------------------------------------------- /internal/config/config.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | // Config is the configuration structure for gon. 4 | type Config struct { 5 | // Source is the list of binary files to sign. 6 | Source []string `hcl:"source,optional"` 7 | 8 | // BundleId is the bundle ID to use for the package that is created. 9 | // This should be in a format such as "com.example.app". The value can 10 | // be anything, this is required by Apple. 11 | BundleId string `hcl:"bundle_id,optional"` 12 | 13 | // Notarize is a single file (usually a .pkg installer or zip) 14 | // that is ready for notarization as-is 15 | Notarize []Notarize `hcl:"notarize,block"` 16 | 17 | // Sign are the settings for code-signing the binaries. 18 | Sign *Sign `hcl:"sign,block"` 19 | 20 | // AppleId are the credentials to use to talk to Apple. 21 | AppleId *AppleId `hcl:"apple_id,block"` 22 | 23 | // Zip, if present, creates a notarized zip file as the output. Note 24 | // that zip files do not support stapling, so the final result will 25 | // require an internet connection on first use to validate the notarization. 26 | Zip *Zip `hcl:"zip,block"` 27 | 28 | // Dmg, if present, creates a dmg file to package the signed `Source` files 29 | // into. Dmg files support stapling so this allows offline usage. 30 | Dmg *Dmg `hcl:"dmg,block"` 31 | } 32 | 33 | // AppleId are the authentication settings for Apple systems. 34 | type AppleId struct { 35 | // Username is your AC username, typically an email. This is required, but will 36 | // be read from the environment via AC_USERNAME if not specified via config. 37 | Username string `hcl:"username,optional"` 38 | 39 | // Password associated to your Apple ID. This is required, but will 40 | // be read from the environment via AC_PASSWORD if not specified via config. 41 | Password string `hcl:"password,optional"` 42 | 43 | // Provider is the AC provider. This is optional and only needs to be 44 | // specified if you're using an Apple ID account that has multiple 45 | // teams. 46 | Provider string `hcl:"provider,optional"` 47 | } 48 | 49 | // Notarize are the options for notarizing a pre-built file. 50 | type Notarize struct { 51 | // Path is the path to the file to notarize. This can be any supported 52 | // filetype (dmg, pkg, app, zip). 53 | Path string `hcl:"path"` 54 | 55 | // BundleId is the bundle ID to use for notarizing this package. 56 | // If this isn't specified then the root bundle_id is inherited. 57 | BundleId string `hcl:"bundle_id"` 58 | 59 | // Staple, if true will staple the notarization ticket to the file. 60 | Staple bool `hcl:"staple,optional"` 61 | } 62 | 63 | // Sign are the options for codesigning the binaries. 64 | type Sign struct { 65 | // ApplicationIdentity is the ID or name of the certificate to 66 | // use for signing binaries. This is used for all binaries in "source". 67 | ApplicationIdentity string `hcl:"application_identity,optional"` 68 | // Specify a path to an entitlements file in plist format 69 | EntitlementsFile string `hcl:"entitlements_file,optional"` 70 | } 71 | 72 | // Dmg are the options for a dmg file as output. 73 | type Dmg struct { 74 | // OutputPath is the path where the final dmg will be saved. 75 | OutputPath string `hcl:"output_path"` 76 | 77 | // Volume name is the name of the volume that shows up in the title 78 | // and sidebar after opening it. 79 | VolumeName string `hcl:"volume_name"` 80 | 81 | // Set position the folder window 82 | WindowPos []string `hcl:"window_pos,optional"` 83 | 84 | // Set size of the folder window 85 | WindowSize []string `hcl:"window_size,optional"` 86 | 87 | // Set window icons size 88 | IconSize string `hcl:"icon_size,optional"` 89 | 90 | // Set position of the file's icon 91 | Icon []string `hcl:"icon,optional"` 92 | 93 | // make a drop link to Applications, at location x, y 94 | AppDropLink []string `hcl:"app_drop_link,optional"` 95 | } 96 | 97 | // Zip are the options for a zip file as output. 98 | type Zip struct { 99 | // OutputPath is the path where the final zip file will be saved. 100 | OutputPath string `hcl:"output_path"` 101 | } 102 | -------------------------------------------------------------------------------- /cmd/gon/item.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "context" 5 | "os" 6 | "sync" 7 | 8 | "github.com/fatih/color" 9 | "github.com/hashicorp/go-hclog" 10 | 11 | "github.com/bearer/gon/internal/config" 12 | "github.com/bearer/gon/notarize" 13 | "github.com/bearer/gon/staple" 14 | ) 15 | 16 | // item represents an item to notarize. 17 | type item struct { 18 | // Path is the path to the file to notarize. 19 | Path string 20 | 21 | // BundleId is the bundle ID to use for this notarization. 22 | BundleId string 23 | 24 | // Staple is true if we should perform stapling on this file. Not 25 | // all files support stapling so the default depends on the type of file. 26 | Staple bool 27 | 28 | // state is the current state of this item. 29 | State itemState 30 | } 31 | 32 | // itemState is the state of an item. 33 | type itemState struct { 34 | Notarized bool 35 | NotarizeError error 36 | 37 | Stapled bool 38 | StapleError error 39 | } 40 | 41 | // processOptions are the shared options for running operations on an item. 42 | type processOptions struct { 43 | Config *config.Config 44 | Logger hclog.Logger 45 | 46 | // Prefix is the prefix string for output 47 | Prefix string 48 | 49 | // OutputLock protects access to the terminal output. 50 | // 51 | // UploadLock protects simultaneous notary submission. 52 | OutputLock *sync.Mutex 53 | UploadLock *sync.Mutex 54 | } 55 | 56 | // notarize notarize & staples the item. 57 | func (i *item) notarize(ctx context.Context, opts *processOptions) error { 58 | lock := opts.OutputLock 59 | 60 | // The bundle ID defaults to the root one 61 | bundleId := i.BundleId 62 | if bundleId == "" { 63 | bundleId = opts.Config.BundleId 64 | } 65 | 66 | // Start notarization 67 | _, _, err := notarize.Notarize(ctx, ¬arize.Options{ 68 | File: i.Path, 69 | DeveloperId: opts.Config.AppleId.Username, 70 | Password: opts.Config.AppleId.Password, 71 | Provider: opts.Config.AppleId.Provider, 72 | Logger: opts.Logger.Named("notarize"), 73 | Status: &statusHuman{Prefix: opts.Prefix, Lock: lock}, 74 | UploadLock: opts.UploadLock, 75 | }) 76 | 77 | // Save the error state. We don't save the notarization result yet 78 | // because we don't know it for sure until we retrieve the log information. 79 | i.State.NotarizeError = err 80 | 81 | // If we had an error, we mention immediate we have an error. 82 | if err != nil { 83 | lock.Lock() 84 | color.New(color.FgRed).Fprintf(os.Stdout, " %sError notarizing\n", opts.Prefix) 85 | lock.Unlock() 86 | } 87 | 88 | // If we aren't notarized, then return 89 | if err := i.State.NotarizeError; err != nil { 90 | return err 91 | } 92 | 93 | // Save our state 94 | i.State.Notarized = true 95 | lock.Lock() 96 | color.New(color.FgGreen).Fprintf(os.Stdout, " %sFile notarized!\n", opts.Prefix) 97 | lock.Unlock() 98 | 99 | // If we aren't stapling we exit now 100 | if !i.Staple { 101 | return nil 102 | } 103 | 104 | // Perform the stapling 105 | lock.Lock() 106 | color.New(color.Bold).Fprintf(os.Stdout, " %sStapling...\n", opts.Prefix) 107 | lock.Unlock() 108 | err = staple.Staple(ctx, &staple.Options{ 109 | File: i.Path, 110 | Logger: opts.Logger.Named("staple"), 111 | }) 112 | 113 | // Save our state 114 | i.State.Stapled = err == nil 115 | i.State.StapleError = err 116 | 117 | // After we're done we want to output information for this 118 | // file right away. 119 | lock.Lock() 120 | if err != nil { 121 | color.New(color.FgRed).Fprintf(os.Stdout, " %sNotarization succeeded but stapling failed\n", opts.Prefix) 122 | lock.Unlock() 123 | return err 124 | } 125 | color.New(color.FgGreen).Fprintf(os.Stdout, " %sFile notarized and stapled!\n", opts.Prefix) 126 | lock.Unlock() 127 | 128 | return nil 129 | } 130 | 131 | // String implements Stringer 132 | func (i *item) String() string { 133 | result := i.Path 134 | switch { 135 | case i.State.Notarized && i.State.Stapled: 136 | result += " (notarized and stapled)" 137 | 138 | case i.State.Notarized: 139 | result += " (notarized)" 140 | } 141 | 142 | return result 143 | } 144 | -------------------------------------------------------------------------------- /package/zip/zip.go: -------------------------------------------------------------------------------- 1 | // Package zip creates the "zip" package format for notarization. 2 | package zip 3 | 4 | import ( 5 | "bytes" 6 | "context" 7 | "io/ioutil" 8 | "os" 9 | "os/exec" 10 | "path/filepath" 11 | 12 | "github.com/hashicorp/go-hclog" 13 | ) 14 | 15 | // Options are the options for creating the zip archive. 16 | type Options struct { 17 | // Files to add to the zip package. 18 | Files []string 19 | 20 | // OutputPath is the path where the zip file will be written. The directory 21 | // containing this path must already exist. If a file already exist here 22 | // it will be overwritten. 23 | OutputPath string 24 | 25 | // Logger is the logger to use. If this is nil then no logging will be done. 26 | Logger hclog.Logger 27 | 28 | // BaseCmd is the base command for executing the codesign binary. This is 29 | // used for tests to overwrite where the codesign binary is. 30 | BaseCmd *exec.Cmd 31 | } 32 | 33 | // Zip creates a zip archive for notarization using the options given. 34 | // 35 | // For now this works by subprocessing to "ditto" which is the recommended 36 | // mechanism by the Apple documentation. We could in the future change to 37 | // using pure Go but given the requirement of gon to run directly on macOS 38 | // machines, we can be sure ditto exists and produces valid output. 39 | func Zip(ctx context.Context, opts *Options) error { 40 | logger := opts.Logger 41 | if logger == nil { 42 | logger = hclog.NewNullLogger() 43 | } 44 | 45 | // Setup our root directory with the given files. 46 | root, err := createRoot(ctx, logger, opts) 47 | if err != nil { 48 | return err 49 | } 50 | defer os.RemoveAll(root) 51 | 52 | // Make our command for creating the archive 53 | cmd, err := dittoCmd(ctx, opts.BaseCmd) 54 | if err != nil { 55 | return err 56 | } 57 | 58 | cmd.Args = []string{ 59 | filepath.Base(cmd.Path), 60 | "-c", // create an archive 61 | "-k", // create a PKZip archive, not CPIO 62 | } 63 | cmd.Args = append(cmd.Args, root) 64 | cmd.Args = append(cmd.Args, opts.OutputPath) 65 | 66 | // We store all output in out for logging and in case there is an error 67 | var out bytes.Buffer 68 | cmd.Stdout = &out 69 | cmd.Stderr = cmd.Stdout 70 | 71 | // Log what we're going to execute 72 | logger.Info("executing ditto for zip archive creation", 73 | "output_path", opts.OutputPath, 74 | "command_path", cmd.Path, 75 | "command_args", cmd.Args, 76 | ) 77 | 78 | // Execute 79 | if err = cmd.Run(); err != nil { 80 | logger.Error("error creating zip archive", "err", err, "output", out.String()) 81 | return err 82 | } 83 | 84 | logger.Info("zip archive creation complete", "output", out.String()) 85 | return nil 86 | } 87 | 88 | // dittoCmd returns an *exec.Cmd ready for executing `ditto` based on 89 | // the given base command. 90 | func dittoCmd(ctx context.Context, base *exec.Cmd) (*exec.Cmd, error) { 91 | path, err := exec.LookPath("ditto") 92 | if err != nil { 93 | return nil, err 94 | } 95 | 96 | // Copy the base command so we don't modify it. If it isn't set then 97 | // we create a new command. 98 | var cmd *exec.Cmd 99 | if base == nil { 100 | cmd = exec.CommandContext(ctx, path) 101 | } else { 102 | cmdCopy := *base 103 | cmd = &cmdCopy 104 | } 105 | 106 | // We only set the path if it isn't set. This lets the options set the 107 | // path to the codesigning binary that we use. 108 | if cmd.Path == "" { 109 | cmd.Path = path 110 | } 111 | 112 | return cmd, nil 113 | } 114 | 115 | // createRoot creates a root directory we can use `ditto` that contains all 116 | // the given Files as input. This lets us support multiple files. 117 | // 118 | // If the returned directory value is non-empty, you must defer to remove 119 | // the directory since it is meant to be a temporary directory. 120 | // 121 | // The directory is guaranteed to be empty if error is non-nil. 122 | func createRoot(ctx context.Context, logger hclog.Logger, opts *Options) (string, error) { 123 | // Build our copy command 124 | cmd, err := dittoCmd(ctx, opts.BaseCmd) 125 | if err != nil { 126 | return "", err 127 | } 128 | 129 | // Create our root directory 130 | root, err := ioutil.TempDir("", "gon-createzip") 131 | if err != nil { 132 | return "", err 133 | } 134 | 135 | // Setup our args to copy our files into the root 136 | cmd.Args = []string{ 137 | filepath.Base(cmd.Path), 138 | } 139 | cmd.Args = append(cmd.Args, opts.Files...) 140 | cmd.Args = append(cmd.Args, root) 141 | 142 | // We store all output in out for logging and in case there is an error 143 | var out bytes.Buffer 144 | cmd.Stdout = &out 145 | cmd.Stderr = cmd.Stdout 146 | 147 | // Log what we're going to execute 148 | logger.Info("executing ditto to copy files for archiving", 149 | "output_path", opts.OutputPath, 150 | "command_path", cmd.Path, 151 | "command_args", cmd.Args, 152 | ) 153 | 154 | // Execute copy 155 | if err = cmd.Run(); err != nil { 156 | os.RemoveAll(root) 157 | 158 | logger.Error( 159 | "error copying source files to create zip archive", 160 | "err", err, 161 | "output", out.String(), 162 | ) 163 | return "", err 164 | } 165 | 166 | return root, nil 167 | } 168 | -------------------------------------------------------------------------------- /package/dmg/dmg.go: -------------------------------------------------------------------------------- 1 | // Package dmg creates a "dmg" disk image. This package is purposely 2 | // skewed towards the features required for notarization with gon and 3 | // isn't meant to be a general purpose dmg creation library. 4 | // 5 | // This package works by embedding create-dmg[1] into the binary, 6 | // self-extracting to a temporary directory, and executing the script. This is 7 | // NOT a pure Go implementation of dmg creation. Please understand the risks 8 | // associated with this before choosing to use this package. 9 | // 10 | // [1]: https://github.com/andreyvit/create-dmg 11 | package dmg 12 | 13 | import ( 14 | "bytes" 15 | "context" 16 | "fmt" 17 | "io/ioutil" 18 | "os" 19 | "os/exec" 20 | "path/filepath" 21 | 22 | "github.com/hashicorp/go-hclog" 23 | 24 | "github.com/bearer/gon/internal/createdmg" 25 | ) 26 | 27 | // Options are the options for creating the dmg archive. 28 | type Options struct { 29 | // Files is a list of files to put into the root of the dmg. This is 30 | // expected to contain already-signed binaries and so on. This overlaps 31 | // fully with Root so if no files are specified here and Root is specified 32 | // we can still create a Dmg. 33 | // 34 | // If both Files and Root are set, we'll add this list of files to the 35 | // root directory in the dmg. 36 | Files []string 37 | 38 | // Root is the directory to use as the root of the dmg file. This can 39 | // optionally be set to specify additional files that you want within 40 | // the dmg. If this isn't set, we'll create a root with the files specified 41 | // in Files. 42 | Root string 43 | 44 | // OutputPath is the path where the dmg file will be written. The directory 45 | // containing this path must already exist. If a file already exist here 46 | // it will be overwritten. 47 | OutputPath string 48 | 49 | // VolumeName is the name of the dmg volume when mounted. 50 | VolumeName string 51 | 52 | // Set position the folder window 53 | WindowPos []string 54 | 55 | // Set size of the folder window 56 | WindowSize []string 57 | 58 | // Set window icons size 59 | IconSize string 60 | 61 | // Set position of the file's icon 62 | Icon []string 63 | 64 | // make a drop link to Applications, at location x, y 65 | AppDropLink []string 66 | 67 | // Logger is the logger to use. If this is nil then no logging will be done. 68 | Logger hclog.Logger 69 | 70 | // BaseCmd is the base command for executing the codesign binary. This is 71 | // used for tests to overwrite where the codesign binary is. 72 | BaseCmd *exec.Cmd 73 | } 74 | 75 | // Dmg creates a dmg archive for notarization using the options given. 76 | func Dmg(ctx context.Context, opts *Options) error { 77 | logger := opts.Logger 78 | if logger == nil { 79 | logger = hclog.NewNullLogger() 80 | } 81 | 82 | // Build our command 83 | var cmd *exec.Cmd 84 | if opts.BaseCmd != nil { 85 | cmdCopy := *opts.BaseCmd 86 | cmd = &cmdCopy 87 | } 88 | 89 | // If the options didn't set a command, we do so from our vendored create-dmg 90 | if cmd == nil { 91 | var err error 92 | cmd, err = createdmg.Cmd(ctx) 93 | if err != nil { 94 | return err 95 | } 96 | defer createdmg.Close(cmd) 97 | } 98 | 99 | // Set our basic settings 100 | args := []string{ 101 | filepath.Base(cmd.Path), // argv[0] 102 | "--volname", opts.VolumeName, 103 | } 104 | 105 | // Inject our files 106 | for _, f := range opts.Files { 107 | args = append(args, "--add-file", filepath.Base(f), f, "0", "0") 108 | } 109 | 110 | if opts.WindowPos != nil { 111 | args = append(args, "--window-pos") 112 | args = append(args, opts.WindowPos...) 113 | } 114 | 115 | if opts.WindowSize != nil { 116 | args = append(args, "--window-size") 117 | args = append(args, opts.WindowSize...) 118 | } 119 | 120 | if opts.IconSize != "" { 121 | args = append(args, "--icon-size", opts.IconSize) 122 | } 123 | 124 | if opts.Icon != nil { 125 | args = append(args, "--icon") 126 | args = append(args, opts.Icon...) 127 | } 128 | 129 | if opts.AppDropLink != nil { 130 | args = append(args, "--app-drop-link") 131 | args = append(args, opts.AppDropLink...) 132 | } 133 | 134 | // Set our root directory. If one wasn't specified, we create an empty 135 | // temporary directory to act as our root and we just use the flags to 136 | // inject our files. 137 | root := opts.Root 138 | if root == "" { 139 | td, err := ioutil.TempDir("", "gon") 140 | if err != nil { 141 | return err 142 | } 143 | defer os.RemoveAll(td) 144 | root = td 145 | } 146 | 147 | // Add the final arguments and set it on cmd 148 | cmd.Args = append(args, opts.OutputPath, root) 149 | 150 | // If our output path exists prior to running, we have to delete that 151 | if _, err := os.Stat(opts.OutputPath); err == nil { 152 | logger.Info("output path exists, removing", "path", opts.OutputPath) 153 | if err := os.Remove(opts.OutputPath); err != nil { 154 | return err 155 | } 156 | } 157 | 158 | // We store all output in out for logging and in case there is an error 159 | var out bytes.Buffer 160 | cmd.Stdout = &out 161 | cmd.Stderr = cmd.Stdout 162 | 163 | // Log what we're going to execute 164 | logger.Info("executing create-dmg for dmg creation", 165 | "output_path", opts.OutputPath, 166 | "command_path", cmd.Path, 167 | "command_args", cmd.Args, 168 | ) 169 | 170 | // Execute 171 | if err := cmd.Run(); err != nil { 172 | logger.Error("error creating dmg", "err", err, "output", out.String()) 173 | return fmt.Errorf("error creating dmg:\n\n%s", out.String()) 174 | } 175 | 176 | logger.Info("dmg creation complete", "output", out.String()) 177 | return nil 178 | } 179 | -------------------------------------------------------------------------------- /notarize/notarize.go: -------------------------------------------------------------------------------- 1 | // Package notarize notarizes packages with Apple. 2 | package notarize 3 | 4 | import ( 5 | "context" 6 | "fmt" 7 | "os/exec" 8 | "sync" 9 | "time" 10 | 11 | "github.com/hashicorp/go-hclog" 12 | ) 13 | 14 | // Options are the options for notarization. 15 | type Options struct { 16 | // File is the file to notarize. This must be in zip, dmg, or pkg format. 17 | File string 18 | 19 | // DeveloperId is your Apple Developer Apple ID. 20 | DeveloperId string 21 | 22 | // Password is the password associated to your Apple Developer Apple ID. 23 | Password string 24 | 25 | // Provider is the Apple Connect provider to use. This is optional 26 | // and is only used for Apple Connect accounts that support multiple 27 | // providers. 28 | Provider string 29 | 30 | // UploadLock, if specified, will limit concurrency when uploading 31 | // packages. The notary submission process does not allow concurrent 32 | // uploads of packages with the same bundle ID, it appears. If you set 33 | // this lock, we'll hold the lock while we upload. 34 | UploadLock *sync.Mutex 35 | 36 | // Status, if non-nil, will be invoked with status updates throughout 37 | // the notarization process. 38 | Status Status 39 | 40 | // Logger is the logger to use. If this is nil then no logging will be done. 41 | Logger hclog.Logger 42 | 43 | // BaseCmd is the base command for executing app submission. This is 44 | // used for tests to overwrite where the codesign binary is. If this isn't 45 | // specified then we use `xcrun notarytool` as the base. 46 | BaseCmd *exec.Cmd 47 | } 48 | 49 | // Notarize performs the notarization process for macOS applications. This 50 | // will block for the duration of this process which can take many minutes. 51 | // The Status field in Options can be used to get status change notifications. 52 | // 53 | // This will return the notarization info and an error if any occurred. 54 | // The Info result _may_ be non-nil in the presence of an error and can be 55 | // used to gather more information about the notarization attempt. 56 | // 57 | // If error is nil, then Info is guaranteed to be non-nil. 58 | // If error is not nil, notarization failed and Info _may_ be non-nil. 59 | func Notarize(ctx context.Context, opts *Options) (*Info, *Log, error) { 60 | logger := opts.Logger 61 | if logger == nil { 62 | logger = hclog.NewNullLogger() 63 | } 64 | 65 | status := opts.Status 66 | if status == nil { 67 | status = noopStatus{} 68 | } 69 | 70 | lock := opts.UploadLock 71 | if lock == nil { 72 | lock = &sync.Mutex{} 73 | } 74 | 75 | // First perform the upload 76 | lock.Lock() 77 | status.Submitting() 78 | uuid, err := upload(ctx, opts) 79 | lock.Unlock() 80 | if err != nil { 81 | return nil, nil, err 82 | } 83 | status.Submitted(uuid) 84 | 85 | // Begin polling the info. The first thing we wait for is for the status 86 | // _to even exist_. While we get an error requesting info with an error 87 | // code of 1519 (UUID not found), then we are stuck in a queue. Sometimes 88 | // this queue is hours long. We just have to wait. 89 | infoResult := &Info{RequestUUID: uuid} 90 | for { 91 | time.Sleep(10 * time.Second) 92 | _, err := info(ctx, infoResult.RequestUUID, opts) 93 | if err == nil { 94 | break 95 | } 96 | 97 | // If we got error code 1519 that means that the UUID was not found. 98 | // This means we're in a queue. 99 | if e, ok := err.(Errors); ok && e.ContainsCode(1519) { 100 | continue 101 | } 102 | 103 | // A real error, just return that 104 | return infoResult, nil, err 105 | } 106 | 107 | // Now that the UUID result has been found, we poll more quickly 108 | // waiting for the analysis to complete. This usually happens within 109 | // minutes. 110 | for { 111 | // Update the info. It is possible for this to return a nil info 112 | // and we dont' ever want to set result to nil so we have a check. 113 | newInfoResult, err := info(ctx, infoResult.RequestUUID, opts) 114 | if newInfoResult != nil { 115 | infoResult = newInfoResult 116 | } 117 | 118 | if err != nil { 119 | // This code is the network became unavailable error. If this 120 | // happens then we just log and retry. 121 | if e, ok := err.(Errors); ok && e.ContainsCode(-19000) { 122 | logger.Warn("error that network became unavailable, will retry") 123 | goto RETRYINFO 124 | } 125 | 126 | return infoResult, nil, err 127 | } 128 | 129 | status.InfoStatus(*infoResult) 130 | 131 | // If we reached a terminal state then exit 132 | if infoResult.Status == "Accepted" || infoResult.Status == "Invalid" { 133 | break 134 | } 135 | 136 | RETRYINFO: 137 | // Sleep, we just do a constant poll every 5 seconds. I haven't yet 138 | // found any rate limits to the service so this seems okay. 139 | time.Sleep(5 * time.Second) 140 | } 141 | 142 | logResult := &Log{JobId: uuid} 143 | for { 144 | // Update the log. It is possible for this to return a nil log 145 | // and we dont' ever want to set result to nil so we have a check. 146 | newLogResult, err := log(ctx, logResult.JobId, opts) 147 | if newLogResult != nil { 148 | logResult = newLogResult 149 | } 150 | 151 | if err != nil { 152 | // This code is the network became unavailable error. If this 153 | // happens then we just log and retry. 154 | if e, ok := err.(Errors); ok && e.ContainsCode(-19000) { 155 | logger.Warn("error that network became unavailable, will retry") 156 | goto RETRYLOG 157 | } 158 | 159 | return infoResult, logResult, err 160 | } 161 | 162 | status.LogStatus(*logResult) 163 | 164 | // If we reached a terminal state then exit 165 | if logResult.Status == "Accepted" || logResult.Status == "Invalid" { 166 | break 167 | } 168 | 169 | RETRYLOG: 170 | // Sleep, we just do a constant poll every 5 seconds. I haven't yet 171 | // found any rate limits to the service so this seems okay. 172 | time.Sleep(5 * time.Second) 173 | } 174 | 175 | // If we're in an invalid status then return an error 176 | err = nil 177 | if logResult.Status == "Invalid" && infoResult.Status == "Invalid" { 178 | err = fmt.Errorf("package is invalid.") 179 | } 180 | 181 | return infoResult, logResult, err 182 | } 183 | -------------------------------------------------------------------------------- /vendor/create-dmg/README.md: -------------------------------------------------------------------------------- 1 | create-dmg 2 | ========== 3 | 4 | A shell script to build fancy DMGs. 5 | 6 | Status and contribution policy 7 | ------------------------------ 8 | 9 | Create-dmg is mostly maintained by [@aonez](https://github.com/aonez) and the contributors who send pull requests. 10 | The project home page is . 11 | 12 | We will merge any pull request that adds something useful and does not break existing things. 13 | 14 | If you're an active user and want to be a maintainer, or just want to chat, please ping us on Gitter at [gitter.im/create-dmg/Lobby](https://gitter.im/create-dmg/Lobby), or [email Andrew directly](floss@apjanke.net). 15 | 16 | Create-dmg was originally created by [Andrey Tarantsov](https://github.com/andreyvit). 17 | In May 2020 [Andrew Janke](https://github.com/apjanke) helped vastly with the project. 18 | 19 | Installation 20 | ------------ 21 | 22 | - You can install this script using [Homebrew](https://brew.sh): 23 | 24 | ```sh 25 | brew install create-dmg 26 | ``` 27 | 28 | - You can download the [latest release](https://github.com/create-dmg/create-dmg/releases/latest) and install it from there: 29 | 30 | ```sh 31 | make install 32 | ``` 33 | 34 | - You can also clone the entire repository and run it locally from there: 35 | 36 | ```sh 37 | git clone https://github.com/create-dmg/create-dmg.git 38 | ``` 39 | 40 | Usage 41 | ----- 42 | 43 | ```sh 44 | create-dmg [options ...] 45 | ``` 46 | 47 | All contents of source\_folder will be copied into the disk image. 48 | 49 | **Options:** 50 | 51 | - **--volname \:** set volume name (displayed in the Finder sidebar and window title) 52 | - **--volicon \:** set volume icon 53 | - **--background \:** set folder background image (provide png, gif, jpg) 54 | - **--window-pos \ \:** set position the folder window 55 | - **--window-size \ \:** set size of the folder window 56 | - **--text-size \:** set window text size (10-16) 57 | - **--icon-size \:** set window icons size (up to 128) 58 | - **--icon \ \ \:** set position of the file's icon 59 | - **--hide-extension \:** hide the extension of file 60 | - **--app-drop-link \ \:** make a drop link to Applications, at location x, y 61 | - **--ql-drop-link \ \:** make a drop link to /Library/QuickLook, at location x, y 62 | - **--eula \:** attach a license file to the dmg 63 | - **--rez \:** specify custom path to Rez tool used to include license file 64 | - **--no-internet-enable:** disable automatic mount© 65 | - **--format:** specify the final image format (UDZO|UDBZ|ULFO|ULMO) (default is UDZO) 66 | - **--filesystem:** specify the image filesystem (HFS+|APFS) (default is HFS+, APFS supports macOS 10.13 or newer) 67 | - **--encrypt:** enable encryption for the resulting disk image (AES-256 - you will be prompted for password) 68 | - **--encrypt-aes128:** enable encryption for the resulting disk image (AES-128 - you will be prompted for password) 69 | - **--add-file \ \ \ \:** add additional file or folder (can be used multiple times) 70 | - **--disk-image-size \:** set the disk image size manually to x MB 71 | - **--hdiutil-verbose:** execute hdiutil in verbose mode 72 | - **--hdiutil-quiet:** execute hdiutil in quiet mode 73 | - **--bless:** bless the mount folder (deprecated, needs macOS 12.2.1 or older, [#127](https://github.com/create-dmg/create-dmg/pull/127)) 74 | - **--codesign \:** codesign the disk image with the specified signature 75 | - **--notarize \:** notarize the disk image (waits and staples) with the keychain stored credentials 76 | For more information check [Apple's documentation](https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow) 77 | - **--skip-jenkins:** skip Finder-prettifying AppleScript, useful in Sandbox and non-GUI environments, [#72](https://github.com/create-dmg/create-dmg/pull/72) 78 | - **--sandbox-safe:** hdiutil with sandbox compatibility, do not bless and do not execute the cosmetic AppleScript (not supported for APFS disk images) 79 | - **--version:** show tool version number 80 | - **-h, --help:** display the help 81 | 82 | Encryption 83 | ------- 84 | hdiutil supports native disk image encryption using AES-256 (slower but stronger) or AES-128 (faster but weaker). Enabling disk image encryption via create-dmg will require the entry of the password during the middle (compression phase) of the process. Take care to enter the password correctly, because hdiutil will not prompt a second time to confirm the password. 85 | 86 | Example 87 | ------- 88 | 89 | ```sh 90 | #!/bin/sh 91 | test -f Application-Installer.dmg && rm Application-Installer.dmg 92 | create-dmg \ 93 | --volname "Application Installer" \ 94 | --volicon "application_icon.icns" \ 95 | --background "installer_background.png" \ 96 | --window-pos 200 120 \ 97 | --window-size 800 400 \ 98 | --icon-size 100 \ 99 | --icon "Application.app" 200 190 \ 100 | --hide-extension "Application.app" \ 101 | --app-drop-link 600 185 \ 102 | "Application-Installer.dmg" \ 103 | "source_folder/" 104 | ``` 105 | 106 | See the `examples` folder in the source tree for more examples. 107 | 108 | Requirements 109 | ------------ 110 | 111 | Nothing except a standard installation of macOS/OS X is required. 112 | 113 | We think this works in OS X 10.6 Snow Leopard and later. 114 | 115 | We'd like to keep it working in as many versions as possible, but unfortunately, we just don't have test boxes running old versions of OS X adequate to make this happen. Development and testing mostly happens in the last 3-5 years' worth of macOS releases; as of 2020, this means macOS 10.12 and later. 116 | 117 | But if you find a bug in an older version, go ahead and report it! We'll try to work with you to get it fixed. 118 | 119 | If you're running OS X 10.5 or earlier, you're SOL. That's just too hard to deal with in 2023. ;) 120 | 121 | Alternatives 122 | ------------ 123 | 124 | - [node-appdmg](https://github.com/LinusU/node-appdmg) 125 | - [dmgbuild](https://pypi.python.org/pypi/dmgbuild) 126 | - see the [StackOverflow question](http://stackoverflow.com/questions/96882/how-do-i-create-a-nice-looking-dmg-for-mac-os-x-using-command-line-tools) 127 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/agext/levenshtein v1.2.1 h1:QmvMAjj2aEICytGiWzmxoE0x2KZvE0fvmqMOfy2tjT8= 2 | github.com/agext/levenshtein v1.2.1/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= 3 | github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= 4 | github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= 5 | github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= 6 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 7 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 8 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 9 | github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys= 10 | github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= 11 | github.com/go-test/deep v1.0.3 h1:ZrJSEWsXzPOxaZnFteGEfooLba+ju3FYIbOrS+rQd68= 12 | github.com/go-test/deep v1.0.3/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= 13 | github.com/golang/protobuf v1.1.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= 14 | github.com/google/go-cmp v0.2.0 h1:+dTQ8DZQJz0Mb/HjFlkptS1FeQ4cWSnN941F8aEG4SQ= 15 | github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= 16 | github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= 17 | github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= 18 | github.com/hashicorp/go-hclog v0.9.3-0.20191025211905-234833755cb2 h1:STV8OvzphW1vlhPFxcG8d6OIilzBSKRAoWFJt+Onu10= 19 | github.com/hashicorp/go-hclog v0.9.3-0.20191025211905-234833755cb2/go.mod h1:whpDNt7SSdeAju8AWKIWsul05p54N/39EeqMAyrmvFQ= 20 | github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o= 21 | github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= 22 | github.com/hashicorp/hcl/v2 v2.0.0 h1:efQznTz+ydmQXq3BOnRa3AXzvCeTq1P4dKj/z5GLlY8= 23 | github.com/hashicorp/hcl/v2 v2.0.0/go.mod h1:oVVDG71tEinNGYCxinCYadcmKU9bglqW9pV3txagJ90= 24 | github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= 25 | github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= 26 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= 27 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 28 | github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= 29 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 30 | github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348 h1:MtvEpTB6LX3vkb4ax0b5D2DHbNAUsen0Gx5wZoq3lV4= 31 | github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= 32 | github.com/mattn/go-colorable v0.1.4 h1:snbPLB8fVfU9iwbbo30TPtbLRzwWu6aJS6Xh4eaaviA= 33 | github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= 34 | github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= 35 | github.com/mattn/go-isatty v0.0.10 h1:qxFzApOv4WsAL965uUPIsXzAKCZxN2p9UqdhFS4ZW10= 36 | github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcMEpPG5Rm84= 37 | github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 h1:DpOJ2HYzCv8LZP15IdmG+YdwD2luVPHITV96TkirNBM= 38 | github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= 39 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 40 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 41 | github.com/sebdah/goldie v1.0.0 h1:9GNhIat69MSlz/ndaBg48vl9dF5fI+NBB6kfOxgfkMc= 42 | github.com/sebdah/goldie v1.0.0/go.mod h1:jXP4hmWywNEwZzhMuv2ccnqTSFpuq8iyQhtQdkkZBH4= 43 | github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ= 44 | github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= 45 | github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 46 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 47 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 48 | github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= 49 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= 50 | github.com/vmihailenco/msgpack v3.3.3+incompatible/go.mod h1:fy3FlTQTDXWkZ7Bh6AcGMlsjHatGryHQYUTf1ShIgkk= 51 | github.com/zclconf/go-cty v1.1.0 h1:uJwc9HiBOCpoKIObTQaLR+tsEXx1HBHnOsOOpcdhZgw= 52 | github.com/zclconf/go-cty v1.1.0/go.mod h1:xnAOWiHeOqg2nWS62VtQ7pbOu17FtxJNW8RLEih+O3s= 53 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 54 | golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= 55 | golang.org/x/net v0.0.0-20180811021610-c39426892332/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= 56 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 57 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 58 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 59 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 60 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 61 | golang.org/x/sys v0.0.0-20190502175342-a43fa875dd82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 62 | golang.org/x/sys v0.0.0-20191008105621-543471e840be h1:QAcqgptGM8IQBC9K/RC4o+O9YmqEm0diQn9QmZw/0mU= 63 | golang.org/x/sys v0.0.0-20191008105621-543471e840be/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 64 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 65 | golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= 66 | golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= 67 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 68 | google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= 69 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 70 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 71 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 72 | howett.net/plist v0.0.0-20181124034731-591f970eefbb h1:jhnBjNi9UFpfpl8YZhA9CrOqpnJdvzuiHsl/dnxl11M= 73 | howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0= 74 | -------------------------------------------------------------------------------- /cmd/gon/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "context" 5 | "flag" 6 | "fmt" 7 | "io" 8 | "os" 9 | "strings" 10 | "sync" 11 | 12 | "github.com/fatih/color" 13 | "github.com/hashicorp/go-hclog" 14 | "github.com/hashicorp/go-multierror" 15 | 16 | "github.com/bearer/gon/internal/config" 17 | "github.com/bearer/gon/package/dmg" 18 | "github.com/bearer/gon/package/zip" 19 | "github.com/bearer/gon/sign" 20 | ) 21 | 22 | // Set by build process 23 | var ( 24 | version string 25 | ) 26 | 27 | func main() { 28 | os.Exit(realMain()) 29 | } 30 | 31 | func realMain() int { 32 | // Look for version 33 | for _, v := range os.Args[1:] { 34 | v = strings.TrimLeft(v, "-") 35 | if v == "v" || v == "version" { 36 | if version == "" { 37 | version = "dev" 38 | } 39 | 40 | fmt.Printf("version %s\n", version) 41 | return 0 42 | } 43 | } 44 | 45 | var logLevel string 46 | var logJSON bool 47 | flags := flag.NewFlagSet(os.Args[0], flag.ExitOnError) 48 | flags.BoolVar(&logJSON, "log-json", false, "Output logs in JSON format for machine readability.") 49 | flags.StringVar(&logLevel, "log-level", "", "Log level to output. Defaults to no logging.") 50 | flags.Parse(os.Args[1:]) 51 | args := flags.Args() 52 | 53 | // Build a logger 54 | logOut := io.Discard 55 | if logLevel != "" { 56 | logOut = os.Stderr 57 | } 58 | logger := hclog.New(&hclog.LoggerOptions{ 59 | Level: hclog.LevelFromString(logLevel), 60 | Output: logOut, 61 | JSONFormat: logJSON, 62 | }) 63 | 64 | // We expect a configuration file 65 | if len(args) != 1 { 66 | fmt.Fprintf(os.Stdout, color.RedString("❗️ Path to configuration expected.\n\n")) 67 | printHelp(flags) 68 | return 1 69 | } 70 | 71 | // Parse the configuration 72 | cfg, err := config.ParseFile(args[0]) 73 | if err != nil { 74 | fmt.Fprintf(os.Stdout, color.RedString("❗️ Error loading configuration:\n\n%s\n", err)) 75 | return 1 76 | } 77 | 78 | // The files to notarize should be added to this. We'll submit one notarization 79 | // request per file here. 80 | var items []*item 81 | 82 | // A bunch of validation 83 | if len(cfg.Source) > 0 { 84 | if cfg.BundleId == "" { 85 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, 86 | "❗️ `bundle_id` configuration required with `source` set\n") 87 | color.New(color.FgRed).Fprintf(os.Stdout, 88 | "When you set the `source` configuration, you must also specify the\n"+ 89 | "`bundle_id` that will be used for packaging and notarization.\n") 90 | return 1 91 | } 92 | 93 | if cfg.Sign == nil { 94 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, 95 | "❗️ `sign` configuration required with `source` set\n") 96 | color.New(color.FgRed).Fprintf(os.Stdout, 97 | "When you set the `source` configuration, you must also specify the\n"+ 98 | "`sign` configuration to sign the input files.\n") 99 | return 1 100 | } 101 | } else { 102 | if len(cfg.Notarize) == 0 { 103 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, "❗️ No source files specified\n") 104 | color.New(color.FgRed).Fprintf(os.Stdout, 105 | "Your configuration had an empty 'source' and empty 'notarize' values. This must be populated with\n"+ 106 | "at least one file to sign, package, and notarize.\n") 107 | return 1 108 | } 109 | 110 | if cfg.Zip != nil { 111 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, 112 | "❗️ `zip` can only be set while `source` is also set\n") 113 | color.New(color.FgRed).Fprintf(os.Stdout, 114 | "Zip packaging is only supported when `source` is specified. This is\n"+ 115 | "because the `zip` option packages the source files. If there are no\n"+ 116 | "source files specified, then there is nothing to package.\n") 117 | return 1 118 | } 119 | 120 | if cfg.Dmg != nil { 121 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, 122 | "❗️ `dmg` can only be set while `source` is also set\n") 123 | color.New(color.FgRed).Fprintf(os.Stdout, 124 | "Dmg packaging is only supported when `source` is specified. This is\n"+ 125 | "because the `dmg` option packages the source files. If there are no\n"+ 126 | "source files specified, then there is nothing to package.\n") 127 | return 1 128 | } 129 | } 130 | 131 | // Notarize is an alternative to "Source", where you specify 132 | // a single .pkg or .zip that is ready for notarization and stapling 133 | if len(cfg.Notarize) > 0 { 134 | for _, c := range cfg.Notarize { 135 | items = append(items, &item{ 136 | Path: c.Path, 137 | BundleId: c.BundleId, 138 | Staple: c.Staple, 139 | }) 140 | } 141 | } 142 | 143 | // If not specified in the configuration, we initialize a new struct that we'll 144 | // load with values from the environment. 145 | if cfg.AppleId == nil { 146 | cfg.AppleId = &config.AppleId{} 147 | } 148 | if cfg.AppleId.Username == "" { 149 | appleIdUsername, ok := os.LookupEnv("AC_USERNAME") 150 | if !ok { 151 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, "❗️ No apple_id username provided\n") 152 | color.New(color.FgRed).Fprintf(os.Stdout, 153 | "An Apple ID username must be specified in the `apple_id` block or\n"+ 154 | "it must exist in the environment as AC_USERNAME,\n"+ 155 | "otherwise we won't be able to authenticate with Apple to notarize.\n") 156 | return 1 157 | } 158 | 159 | cfg.AppleId.Username = appleIdUsername 160 | } 161 | 162 | if cfg.AppleId.Password == "" { 163 | appleIdPassword, ok := os.LookupEnv("AC_PASSWORD") 164 | if !ok { 165 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, "❗️ No apple_id password provided\n") 166 | color.New(color.FgRed).Fprintf(os.Stdout, 167 | "An Apple ID password (or lookup directive) must be specified in the\n"+ 168 | "`apple_id` block or it must exist in the environment as AC_PASSWORD,\n"+ 169 | "otherwise we won't be able to authenticate with Apple to notarize.\n") 170 | return 1 171 | } 172 | 173 | cfg.AppleId.Password = appleIdPassword 174 | } 175 | 176 | if cfg.AppleId.Provider == "" { 177 | cfg.AppleId.Provider = os.Getenv("AC_PROVIDER") 178 | } 179 | 180 | // If we're in source mode, then sign & package as configured 181 | if len(cfg.Source) > 0 { 182 | if cfg.Sign != nil { 183 | // Perform codesigning 184 | if cfg.Sign.ApplicationIdentity == "" { 185 | applicationIdentity, ok := os.LookupEnv("AC_APPLICATION_IDENTITY") 186 | if !ok { 187 | color.New(color.Bold, color.FgRed).Fprintf(os.Stdout, "❗️ No application_identity provided\n") 188 | color.New(color.FgRed).Fprintf(os.Stdout, 189 | "An application identity must be specified in the `sign` block or\n"+ 190 | "it must exist in the environment as AC_APPLICATION_IDENTITY,\n"+ 191 | "otherwise we won't be able to sign your files.\n") 192 | return 1 193 | } 194 | 195 | cfg.Sign.ApplicationIdentity = applicationIdentity 196 | } 197 | color.New(color.Bold).Fprintf(os.Stdout, "==> %s Signing files...\n", iconSign) 198 | err = sign.Sign(context.Background(), &sign.Options{ 199 | Files: cfg.Source, 200 | Identity: cfg.Sign.ApplicationIdentity, 201 | Entitlements: cfg.Sign.EntitlementsFile, 202 | Logger: logger.Named("sign"), 203 | }) 204 | if err != nil { 205 | fmt.Fprintf(os.Stdout, color.RedString("❗️ Error signing files:\n\n%s\n", err)) 206 | return 1 207 | } 208 | color.New(color.Bold, color.FgGreen).Fprintf(os.Stdout, " Code signing successful\n") 209 | } 210 | 211 | // Create a zip 212 | if cfg.Zip != nil { 213 | color.New(color.Bold).Fprintf(os.Stdout, "==> %s Creating Zip archive...\n", iconPackage) 214 | err = zip.Zip(context.Background(), &zip.Options{ 215 | Files: cfg.Source, 216 | OutputPath: cfg.Zip.OutputPath, 217 | }) 218 | if err != nil { 219 | fmt.Fprintf(os.Stdout, color.RedString("❗️ Error creating zip archive:\n\n%s\n", err)) 220 | return 1 221 | } 222 | color.New(color.Bold, color.FgGreen).Fprintf(os.Stdout, " Zip archive created with signed files\n") 223 | 224 | // Queue to notarize 225 | items = append(items, &item{Path: cfg.Zip.OutputPath}) 226 | } 227 | 228 | // Create a dmg 229 | if cfg.Dmg != nil && cfg.Sign != nil { 230 | // First create the dmg itself. This passes in the signed files. 231 | color.New(color.Bold).Fprintf(os.Stdout, "==> %s Creating dmg...\n", iconPackage) 232 | color.New().Fprintf(os.Stdout, " This will open Finder windows momentarily.\n") 233 | err = dmg.Dmg(context.Background(), &dmg.Options{ 234 | Files: cfg.Source, 235 | OutputPath: cfg.Dmg.OutputPath, 236 | VolumeName: cfg.Dmg.VolumeName, 237 | WindowPos: cfg.Dmg.WindowPos, 238 | WindowSize: cfg.Dmg.WindowSize, 239 | IconSize: cfg.Dmg.IconSize, 240 | Icon: cfg.Dmg.Icon, 241 | AppDropLink: cfg.Dmg.AppDropLink, 242 | Logger: logger.Named("dmg"), 243 | }) 244 | if err != nil { 245 | fmt.Fprintf(os.Stdout, color.RedString("❗️ Error creating dmg:\n\n%s\n", err)) 246 | return 1 247 | } 248 | color.New().Fprintf(os.Stdout, " Dmg file created: %s\n", cfg.Dmg.OutputPath) 249 | 250 | // Next we need to sign the actual DMG as well 251 | color.New().Fprintf(os.Stdout, " Signing dmg...\n") 252 | err = sign.Sign(context.Background(), &sign.Options{ 253 | Files: []string{cfg.Dmg.OutputPath}, 254 | Identity: cfg.Sign.ApplicationIdentity, 255 | Logger: logger.Named("dmg"), 256 | }) 257 | if err != nil { 258 | fmt.Fprintf(os.Stdout, color.RedString("❗️ Error signing dmg:\n\n%s\n", err)) 259 | return 1 260 | } 261 | color.New(color.Bold, color.FgGreen).Fprintf(os.Stdout, " Dmg created and signed\n") 262 | 263 | // Queue to notarize 264 | items = append(items, &item{Path: cfg.Dmg.OutputPath, Staple: true}) 265 | } 266 | } 267 | 268 | // If we have no items to notarize then its probably an error in the configuration. 269 | if len(items) == 0 { 270 | color.New(color.Bold, color.FgYellow).Fprintf(os.Stdout, "\n⚠️ No items to notarize\n") 271 | color.New(color.FgYellow).Fprintf(os.Stdout, 272 | "You must specify a 'notarize' section or a 'source' section plus a 'zip' or 'dmg' section "+ 273 | "in your configuration to enable packaging and notarization. Without these sections, gon\n"+ 274 | "will only sign your input files in 'source'.\n") 275 | return 0 276 | } 277 | 278 | // Notarize 279 | color.New(color.Bold).Fprintf(os.Stdout, "==> %s Notarizing...\n", iconNotarize) 280 | if len(items) > 1 { 281 | color.New().Fprintf(os.Stdout, " Files will be notarized concurrently to optimize queue wait\n") 282 | } 283 | for _, f := range items { 284 | color.New().Fprintf(os.Stdout, " Path: %s\n", f.Path) 285 | } 286 | 287 | // Build our prefixes 288 | prefixes := statusPrefixList(items) 289 | 290 | // Start our notarizations 291 | var wg sync.WaitGroup 292 | var lock, uploadLock sync.Mutex 293 | var totalErr error 294 | for idx := range items { 295 | wg.Add(1) 296 | go func(idx int) { 297 | defer wg.Done() 298 | 299 | err := items[idx].notarize(context.Background(), &processOptions{ 300 | Config: cfg, 301 | Logger: logger, 302 | Prefix: prefixes[idx], 303 | OutputLock: &lock, 304 | UploadLock: &uploadLock, 305 | }) 306 | 307 | if err != nil { 308 | lock.Lock() 309 | defer lock.Unlock() 310 | totalErr = multierror.Append(totalErr, err) 311 | } 312 | }(idx) 313 | } 314 | 315 | // Wait for notarization to happen 316 | wg.Wait() 317 | 318 | // If totalErr is not nil then we had one or more errors. 319 | if totalErr != nil { 320 | fmt.Fprintf(os.Stdout, color.RedString("\n❗️ Error notarizing:\n\n%s\n", totalErr)) 321 | return 1 322 | } 323 | 324 | // Success, output all the files that were notarized again to remind the user 325 | color.New(color.Bold, color.FgGreen).Fprintf(os.Stdout, "\nNotarization complete! Notarized files:\n") 326 | for _, f := range items { 327 | color.New(color.FgGreen).Fprintf(os.Stdout, " - %s\n", f.String()) 328 | } 329 | 330 | return 0 331 | } 332 | 333 | func printHelp(fs *flag.FlagSet) { 334 | fmt.Fprintf(os.Stdout, strings.TrimSpace(help)+"\n\n", os.Args[0]) 335 | fs.PrintDefaults() 336 | } 337 | 338 | const help = ` 339 | gon signs, notarizes, and packages binaries for macOS. 340 | 341 | Usage: %[1]s [flags] CONFIG 342 | 343 | A configuration file is required to use gon. If a "-" is specified, gon 344 | will attempt to read the configuration from stdin. Configuration is in HCL 345 | or JSON format. The JSON format makes it particularly easy to machine-generate 346 | the configuration and pass it into gon. 347 | 348 | For example configurations as well as full help text, see the README on GitHub: 349 | http://github.com/bearer/gon 350 | 351 | Flags: 352 | ` 353 | 354 | const iconSign = `✏️` 355 | const iconPackage = `📦` 356 | const iconNotarize = `🍎` 357 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # gon - CLI and Go Library for macOS Notarization 2 | 3 | gon is a simple, no-frills tool for 4 | [signing and notarizing](https://developer.apple.com/developer-id/) 5 | your CLI binaries for macOS. gon is available as a CLI that can be run 6 | manually or in automation pipelines. It is also available as a Go library for 7 | embedding in projects written in Go. gon can sign and notarize binaries written 8 | in any language. 9 | 10 | Beginning with macOS Catalina (10.15), Apple is 11 | [requiring all software distributed outside of the Mac App Store to be signed and notarized](https://developer.apple.com/news/?id=10032019a). 12 | Software that isn't properly signed or notarized will be shown an 13 | [error message](https://github.com/hashicorp/terraform/issues/23033) 14 | with the only actionable option being to "Move to Bin". The software cannot 15 | be run even from the command-line. The 16 | [workarounds are painful for users](https://github.com/hashicorp/terraform/issues/23033#issuecomment-542302933). 17 | gon helps you automate the process of notarization. 18 | 19 | 20 | 21 | 22 | - [Features](#features) 23 | - [Example](#example) 24 | - [Installation](#installation) 25 | - [Usage](#usage) 26 | - [Prerequisite: Acquiring a Developer ID Certificate](#prerequisite-acquiring-a-developer-id-certificate) 27 | - [Configuration File](#configuration-file) 28 | - [Notarization-Only Configuration](#notarization-only-configuration) 29 | - [Processing Time](#processing-time) 30 | - [Using within Automation](#using-within-automation) 31 | - [Machine-Readable Output](#machine-readable-output) 32 | - [Prompts](#prompts) 33 | - [Usage with GoReleaser](#usage-with-goreleaser) 34 | - [Go Library](#go-library) 35 | - [Troubleshooting](#troubleshooting) 36 | - [Roadmap](#roadmap) 37 | 38 | 39 | 40 | ## Features 41 | 42 | - Code sign one or multiple files written in any language 43 | - Package signed files into a dmg or zip 44 | - Notarize packages and wait for the notarization to complete 45 | - Concurrent notarization for multiple output formats 46 | - Stapling notarization tickets to supported formats (dmg) so that 47 | Gatekeeper validation works offline. 48 | 49 | ## Example 50 | 51 | The example below runs `gon` against itself to generate a zip and dmg. 52 | 53 | ![gon Example](https://user-images.githubusercontent.com/1299/68089803-66961b00-fe21-11e9-820e-cfd7ecae93a2.gif) 54 | 55 | ## Installation 56 | 57 | The easiest way to install `gon` is via [Homebrew](https://brew.sh): 58 | 59 | brew install Bearer/tap/gon 60 | 61 | You may also download the appropriate release for your platform 62 | from the [releases page](https://github.com/Bearer/gon/releases). 63 | These are all signed and notarized to run out of the box on macOS 10.15+. 64 | 65 | You can also compile from source using Go 1.13 or later using standard 66 | `go build`. Please ensure that Go modules are enabled. 67 | 68 | ## Usage 69 | 70 | `gon` requires a configuration file that can be specified as a file path 71 | or passed in via stdin. The configuration specifies 72 | all the settings `gon` will use to sign and package your files. 73 | 74 | **gon must be run on a macOS machine with XCode 11.0 or later.** Code 75 | signing, notarization, and packaging all require tools that are only available 76 | on macOS machines. 77 | 78 | ``` 79 | gon [flags] [CONFIG] 80 | ``` 81 | 82 | When executed, `gon` will sign, package, and notarize configured files 83 | into requested formats. `gon` will exit with a `0` exit code on success 84 | and any other value on failure. 85 | 86 | ### Prerequisite: Acquiring a Developer ID Certificate 87 | 88 | Before using `gon`, you must acquire a Developer ID Certificate. To do 89 | this, you can either do it via the web or via Xcode locally on a Mac. Using 90 | Xcode is easier if you already have it installed. 91 | 92 | Via the web: 93 | 94 | 1. Sign into [developer.apple.com](https://developer.apple.com) with valid 95 | Apple ID credentials. You may need to sign up for an Apple developer account. 96 | 97 | 2. Navigate to the [certificates](https://developer.apple.com/account/resources/certificates/list) 98 | page. 99 | 100 | 3. Click the "+" icon, select "Developer ID Application" and follow the steps. 101 | 102 | 4. After downloading the certificate, double-click to import it into your 103 | keychain. If you're building on a CI machine, every CI machine must have 104 | this certificate in their keychain. 105 | 106 | Via Xcode: 107 | 108 | 1. Open Xcode and go to Xcode => Preferences => Accounts 109 | 110 | 2. Click the "+" in the bottom left and add your Apple ID if you haven't already. 111 | 112 | 3. Select your Apple account and click "Manage Certificates" in the bottom 113 | right corner. 114 | 115 | 4. Click "+" in the bottom left corner and click "Developer ID Application". 116 | 117 | 5. Right-click the newly created cert in the list, click "export" and 118 | export the file as a p12-formatted certificate. _Save this somewhere_. 119 | You'll never be able to download it again. 120 | 121 | To verify you did this correctly, you can inspect your keychain: 122 | 123 | ```sh 124 | $ security find-identity -v 125 | 1) 359452C7CD2B5F8A64059FF1C130B105F235BEAF "Developer ID Application: Bearer Inc (5T2VP4YAG8)" 126 | 1 valid identities found 127 | ``` 128 | 129 | You should see one or more certificates and at least one should be your 130 | Developer ID Application certificate. The hexadecimal string prefix is the 131 | value you can use in your configuration file to specify the identity. 132 | 133 | ### Configuration File 134 | 135 | The configuration file can specify allow/deny lists of licenses for reports, 136 | license overrides for specific dependencies, and more. The configuration file 137 | format is [HCL](https://github.com/hashicorp/hcl/tree/hcl2) or JSON. 138 | 139 | Example: 140 | 141 | ```hcl 142 | source = ["./example"] 143 | bundle_id = "com.bearer.example" 144 | 145 | apple_id { 146 | username = "bearer@example.com" 147 | provider = "5T2VP4YAG8" 148 | } 149 | 150 | sign { 151 | application_identity = "Developer ID Application: Bearer Inc" 152 | } 153 | 154 | dmg { 155 | output_path = "example.dmg" 156 | volume_name = "Example" 157 | } 158 | 159 | zip { 160 | output_path = "example.zip" 161 | } 162 | ``` 163 | 164 | ```json 165 | { 166 | "source" : ["./example"], 167 | "bundle_id" : "com.bearer.example", 168 | "apple_id": { 169 | "username" : "bearer@example.com", 170 | "provider": "5T2VP4YAG8" 171 | }, 172 | "sign" :{ 173 | "application_identity" : "Developer ID Application: Bearer Inc" 174 | }, 175 | "dmg" :{ 176 | "output_path": "example.dmg", 177 | "volume_name": "Example" 178 | }, 179 | "zip" :{ 180 | "output_path" : "example.zip" 181 | } 182 | } 183 | ``` 184 | 185 | Supported configurations: 186 | 187 | - `source` (`array`) - A list of files to sign, package, and 188 | notarize. If you want to sign multiple files with different identities 189 | or into different packages, then you should invoke `gon` with separate 190 | configurations. This is optional if you're using the notarization-only 191 | mode with the `notarize` block. 192 | 193 | - `bundle_id` (`string`) - The [bundle ID](https://cocoacasts.com/what-are-app-ids-and-bundle-identifiers/) 194 | for your application. You should choose something unique for your application. 195 | You can also [register these with Apple](https://developer.apple.com/account/resources/identifiers/list). 196 | This is optional if you're using the notarization-only 197 | mode with the `notarize` block. 198 | 199 | - `apple_id` - Settings related to the Apple ID to use for notarization. 200 | 201 | - `username` (`string`) - The Apple ID username, typically an email address. 202 | This will default to the `AC_USERNAME` environment variable if not set. 203 | 204 | - `password` (`string`) - The password for the associated Apple ID. 205 | This will default to the `AC_PASSWORD` environment variable if not set. 206 | 207 | **NOTE**: If you have 2FA enabled, the password must be an application password, not 208 | your normal apple id password. See [Troubleshooting](#troubleshooting) for details. 209 | 210 | - `provider` (`string`) - The App Store Connect provider when using 211 | multiple teams within App Store Connect. If this isn't set, we'll attempt 212 | to read the `AC_PROVIDER` environment variable as a default. 213 | 214 | - `sign` - Settings related to signing files. 215 | 216 | - `application_identity` (`string`) - The name or ID of the "Developer ID Application" 217 | certificate to use to sign applications. This accepts any valid value for the `-s` 218 | flag for the `codesign` binary on macOS. See `man codesign` for detailed 219 | documentation on accepted values. If this isn't set, we'll attempt to read 220 | the `AC_APPLICATION_IDENTITY` environment variable as a default. 221 | 222 | - `entitlements_file` (`string` _optional_) - The full path to a plist format .entitlements file, used for the `--entitlements` argument to `codesign` 223 | 224 | - `dmg` (_optional_) - Settings related to creating a disk image (dmg) as output. 225 | This will only be created if this is specified. The dmg will also have the 226 | notarization ticket stapled so that it can be verified offline and 227 | _do not_ require internet to use. 228 | 229 | - `output_path` (`string`) - The path to create the zip archive. If this path 230 | already exists, it will be overwritten. All files in `source` will be copied 231 | into the root of the zip archive. 232 | 233 | - `volume_name` (`string`) - The name of the mounted dmg that shows up 234 | in finder, the mounted file path, etc. 235 | 236 | - `zip` (_optional_) - Settings related to creating a zip archive as output. A zip archive 237 | will only be created if this is specified. Note that zip archives don't support 238 | stapling, meaning that files within the notarized zip archive will require an 239 | internet connection to verify on first use. 240 | 241 | - `output_path` (`string`) - The path to create the zip archive. If this path 242 | already exists, it will be overwritten. All files in `source` will be copied 243 | into the root of the zip archive. 244 | 245 | Notarization-only mode: 246 | 247 | - `notarize` (_optional_) - Settings for notarizing already built files. 248 | This is an alternative to using the `source` option. This option can be 249 | repeated to notarize multiple files. 250 | 251 | - `path` (`string`) - The path to the file to notarize. This must be 252 | one of Apple's supported file types for notarization: dmg, pkg, app, or 253 | zip. 254 | 255 | - `bundle_id` (`string`) - The bundle ID to use for this notarization. 256 | This is used instead of the top-level `bundle_id` (which controls the 257 | value for source-based runs). 258 | 259 | - `staple` (`bool` _optional_) - Controls if `stapler staple` should run 260 | if notarization succeeds. This should only be set for filetypes that 261 | support it (dmg, pkg, or app). 262 | 263 | ### Notarization-Only Configuration 264 | 265 | You can configure `gon` to notarize already-signed files. This is useful 266 | if you're integrating `gon` into an existing build pipeline that may already 267 | support creation of pkg, app, etc. files. 268 | 269 | Because notarization requires the payload of packages to also be signed, this 270 | mode assumes that you have codesigned the payload as well as the package 271 | itself. `gon` _will not_ sign your package in the `notarize` blocks. 272 | Please do not confuse this with when `source` is set and `gon` itself 273 | _creates_ your packages, in which case it will also sign them. 274 | 275 | You can use this in addition to specifying `source` as well. In this case, 276 | we will codesign & package the files specified in `source` and then notarize 277 | those results as well as those in `notarize` blocks. 278 | 279 | Example in HCL and then the identical configuration in JSON: 280 | 281 | ```hcl 282 | notarize { 283 | path = "/path/to/example.pkg" 284 | bundle_id = "com.bearer.example" 285 | staple = true 286 | } 287 | 288 | apple_id { 289 | username = "bearer@example.com" 290 | } 291 | ``` 292 | 293 | ```json 294 | { 295 | "notarize": [{ 296 | "path": "/path/to/example.pkg", 297 | "bundle_id": "com.bearer.example", 298 | "staple": true 299 | }], 300 | 301 | "apple_id": { 302 | "username": "bearer@example.com", 303 | } 304 | } 305 | ``` 306 | 307 | Note you may specify multiple `notarize` blocks to notarize multipel files 308 | concurrently. 309 | 310 | ### Processing Time 311 | 312 | The notarization process requires submitting your package(s) to Apple 313 | and waiting for them to scan them. Apple provides no public SLA as far as I 314 | can tell. 315 | 316 | In developing `gon` and working with the notarization process, I've 317 | found the process to be fast on average (< 10 minutes) but in some cases 318 | notarization requests have been queued for an hour or more. 319 | 320 | `gon` will output status updates as it goes, and will wait indefinitely 321 | for notarization to complete. If `gon` is interrupted, you can check the 322 | status of a request yourself using the request UUID that `gon` outputs 323 | after submission. 324 | 325 | ### Using within Automation 326 | 327 | `gon` is built to support running within automated environments such 328 | as CI pipelines. In this environment, you should use JSON configuration 329 | files with `gon` and the `-log-json` flag to get structured logging 330 | output. 331 | 332 | #### Machine-Readable Output 333 | 334 | `gon` always outputs human-readable output on stdout (including errors) 335 | and all log output on stderr. By specifying `-log-json` the log entries 336 | will be structured with JSON. You can process the stream of JSON using 337 | a tool such as `jq` or any scripting language to extract critical information 338 | such as the request UUID, status, and more. 339 | 340 | When `gon` is run in an environment with no TTY, the human output will 341 | not be colored. This makes it friendlier for output logs. 342 | 343 | Example: 344 | 345 | gon -log-level=info -log-json ./config.hcl 346 | 347 | ... 348 | 349 | **Note you must specify _both_ `-log-level` and `-log-json`.** The 350 | `-log-level` flag enables logging in general. An `info` level is enough 351 | in automation environments to get all the information you'd want. 352 | 353 | #### Prompts 354 | 355 | On first-run may be prompted multiple times for passwords. If you 356 | click "Always Allow" then you will not be prompted again. These prompts 357 | are originating from Apple software that `gon` is subprocessing, and not 358 | from `gon` itself. 359 | 360 | I do not currently know how to script the approvals, so the recommendation 361 | on build machines is to run `gon` manually once. If anyone finds a way to 362 | automate this please open an issue, let me know, and I'll update this README. 363 | 364 | ## Usage with GoReleaser 365 | 366 | [GoReleaser](https://goreleaser.com) is a popular full featured release 367 | automation tool for Go-based projects. Gon can be used with GoReleaser to 368 | augment the signing step to notarize your binaries as part of a GoReleaser 369 | pipeline. 370 | 371 | Here is an example GoReleaser configuration to sign your binaries: 372 | 373 | ```yaml 374 | builds: 375 | - binary: foo 376 | id: foo 377 | goos: 378 | - linux 379 | - windows 380 | goarch: 381 | - amd64 382 | # notice that we need a separated build for the macos binary only: 383 | - binary: foo 384 | id: foo-macos 385 | goos: 386 | - darwin 387 | goarch: 388 | - amd64 389 | signs: 390 | - signature: "${artifact}.dmg" 391 | ids: 392 | - foo-macos # here we filter the macos only build id 393 | # you'll need to have gon on PATH 394 | cmd: gon 395 | # you can follow the gon docs to properly create the gon.hcl config file: 396 | # https://github.com/Bearer/gon 397 | args: 398 | - gon.hcl 399 | artifacts: all 400 | ``` 401 | 402 | To learn more, see the [GoReleaser documentation](https://goreleaser.com/customization/#Signing). 403 | 404 | ## Go Library 405 | 406 | [![Godoc](https://godoc.org/github.com/bearer/gon?status.svg)](https://godoc.org/github.com/bearer/gon) 407 | 408 | We also expose a supported API for signing, packaging, and notarizing 409 | files using the Go programming language. Please see the linked Go documentation 410 | for more details. 411 | 412 | The libraries exposed are purposely lower level and separate out the sign, 413 | package, notarization, and stapling steps. This lets you integrate this 414 | functionality into any tooling easily vs. having an opinionated `gon`-CLI 415 | experience. 416 | 417 | ## Troubleshooting 418 | 419 | ### "We are unable to create an authentication session. (-22016)" 420 | 421 | You likely have Apple 2FA enabled. You'll need to [generate an application password](https://appleid.apple.com/account/manage) and use that instead of your Apple ID password. 422 | 423 | ## Credits 424 | 425 | [gon]([url](https://github.com/mitchellh/gon)) was originally created by [@mitchellh](https://github.com/mitchellh). 426 | This is a maintained fork of the original library. 427 | 428 | Read more about the reasons for the fork [here](https://github.com/mitchellh/gon/commit/2d4f161ccecd1aae878f4416d5ccd622b1b01fdb). 429 | 430 | ## License 431 | 432 | The project is licensed under the [MIT License](LICENSE). 433 | -------------------------------------------------------------------------------- /vendor/create-dmg/create-dmg: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Create a read-only disk image of the contents of a folder 4 | 5 | # Bail out on any unhandled errors 6 | set -e; 7 | # Any command that exits with non-zero code will cause the pipeline to fail 8 | set -o pipefail; 9 | 10 | CDMG_VERSION='1.2.1' 11 | 12 | # The full path to the "support/" directory this script is using 13 | # (This will be set up by code later in the script.) 14 | CDMG_SUPPORT_DIR="" 15 | 16 | OS_FULL_VERSION="$(sw_vers | sed -n 2p | cut -d : -f 2 | tr -d '[:space:]' | cut -c1-)" 17 | OS_MAJOR_VERSION="$(echo $OS_FULL_VERSION | cut -d . -f 1)" 18 | OS_MINOR_VERSION="$(echo $OS_FULL_VERSION | cut -d . -f 2)" 19 | WINX=10 20 | WINY=60 21 | WINW=500 22 | WINH=350 23 | ICON_SIZE=128 24 | TEXT_SIZE=16 25 | FORMAT="UDZO" 26 | FILESYSTEM="HFS+" 27 | ADD_FILE_SOURCES=() 28 | ADD_FILE_TARGETS=() 29 | IMAGEKEY="" 30 | HDIUTIL_VERBOSITY="" 31 | SANDBOX_SAFE=0 32 | BLESS=0 33 | SKIP_JENKINS=0 34 | MAXIMUM_UNMOUNTING_ATTEMPTS=3 35 | SIGNATURE="" 36 | NOTARIZE="" 37 | 38 | function pure_version() { 39 | echo "$CDMG_VERSION" 40 | } 41 | 42 | function hdiutil_detach_retry() { 43 | # Unmount 44 | unmounting_attempts=0 45 | until 46 | echo "Unmounting disk image..." 47 | (( unmounting_attempts++ )) 48 | hdiutil detach "$1" 49 | exit_code=$? 50 | (( exit_code == 0 )) && break # nothing goes wrong 51 | (( exit_code != 16 )) && exit $exit_code # exit with the original exit code 52 | # The above statement returns 1 if test failed (exit_code == 16). 53 | # It can make the code in the {do... done} block to be executed 54 | do 55 | (( unmounting_attempts == MAXIMUM_UNMOUNTING_ATTEMPTS )) && exit 16 # patience exhausted, exit with code EBUSY 56 | echo "Wait a moment..." 57 | sleep $(( 1 * (2 ** unmounting_attempts) )) 58 | done 59 | unset unmounting_attempts 60 | } 61 | 62 | function version() { 63 | echo "create-dmg $(pure_version)" 64 | } 65 | 66 | function usage() { 67 | version 68 | cat < 73 | 74 | All contents of will be copied into the disk image. 75 | 76 | Options: 77 | --volname 78 | set volume name (displayed in the Finder sidebar and window title) 79 | --volicon 80 | set volume icon 81 | --background 82 | set folder background image (provide png, gif, or jpg) 83 | --window-pos 84 | set position the folder window 85 | --window-size 86 | set size of the folder window 87 | --text-size 88 | set window text size (10-16) 89 | --icon-size 90 | set window icons size (up to 128) 91 | --icon file_name 92 | set position of the file's icon 93 | --hide-extension 94 | hide the extension of file 95 | --app-drop-link 96 | make a drop link to Applications, at location x,y 97 | --ql-drop-link 98 | make a drop link to user QuickLook install dir, at location x,y 99 | --eula 100 | attach a license file to the dmg (plain text or RTF) 101 | --no-internet-enable 102 | disable automatic mount & copy 103 | --format 104 | specify the final disk image format (UDZO|UDBZ|ULFO|ULMO) (default is UDZO) 105 | --filesystem 106 | specify the disk image filesystem (HFS+|APFS) (default is HFS+, APFS supports macOS 10.13 or newer) 107 | --encrypt 108 | enable encryption for the resulting disk image (AES-256 - you will be prompted for password) 109 | --encrypt-aes128 110 | enable encryption for the resulting disk image (AES-128 - you will be prompted for password) 111 | --add-file | 112 | add additional file or folder (can be used multiple times) 113 | --disk-image-size 114 | set the disk image size manually to x MB 115 | --hdiutil-verbose 116 | execute hdiutil in verbose mode 117 | --hdiutil-quiet 118 | execute hdiutil in quiet mode 119 | --bless 120 | bless the mount folder (deprecated, needs macOS 12.2.1 or older) 121 | --codesign 122 | codesign the disk image with the specified signature 123 | --notarize 124 | notarize the disk image (waits and staples) with the keychain stored credentials 125 | --sandbox-safe 126 | execute hdiutil with sandbox compatibility and do not bless (not supported for APFS disk images) 127 | --version 128 | show create-dmg version number 129 | -h, --help 130 | display this help screen 131 | 132 | EOHELP 133 | exit 0 134 | } 135 | 136 | # factors can cause interstitial disk images to contain more than a single 137 | # partition - expand the hunt for the temporary disk image by checking for 138 | # the path of the volume, versus assuming its the first result (as in pr/152). 139 | function find_mount_dir() { 140 | local dev_name="${1}" 141 | 142 | >&2 echo "Searching for mounted interstitial disk image using ${dev_name}... " 143 | # enumerate up to 9 partitions 144 | for i in {1..9}; do 145 | # attempt to find the partition 146 | local found_dir 147 | found_dir=$(hdiutil info | grep -E --color=never "${dev_name}" | head -${i} | awk '{print $3}') 148 | if [[ -n "${found_dir}" ]]; then 149 | echo "${found_dir}" 150 | return 0 151 | fi 152 | done 153 | } 154 | 155 | # Argument parsing 156 | 157 | while [[ "${1:0:1}" = "-" ]]; do 158 | case $1 in 159 | --volname) 160 | VOLUME_NAME="$2" 161 | shift; shift;; 162 | --volicon) 163 | VOLUME_ICON_FILE="$2" 164 | shift; shift;; 165 | --background) 166 | BACKGROUND_FILE="$2" 167 | BACKGROUND_FILE_NAME="$(basename "$BACKGROUND_FILE")" 168 | BACKGROUND_CLAUSE="set background picture of opts to file \".background:$BACKGROUND_FILE_NAME\"" 169 | REPOSITION_HIDDEN_FILES_CLAUSE="set position of every item to {theBottomRightX + 100, 100}" 170 | shift; shift;; 171 | --icon-size) 172 | ICON_SIZE="$2" 173 | shift; shift;; 174 | --text-size) 175 | TEXT_SIZE="$2" 176 | shift; shift;; 177 | --window-pos) 178 | WINX=$2; WINY=$3 179 | shift; shift; shift;; 180 | --window-size) 181 | WINW=$2; WINH=$3 182 | shift; shift; shift;; 183 | --icon) 184 | POSITION_CLAUSE="${POSITION_CLAUSE}set position of item \"$2\" to {$3, $4} 185 | " 186 | shift; shift; shift; shift;; 187 | --hide-extension) 188 | HIDING_CLAUSE="${HIDING_CLAUSE}set the extension hidden of item \"$2\" to true 189 | " 190 | shift; shift;; 191 | -h | --help) 192 | usage;; 193 | --version) 194 | version; exit 0;; 195 | --pure-version) 196 | pure_version; exit 0;; 197 | --ql-drop-link) 198 | QL_LINK=$2 199 | QL_CLAUSE="set position of item \"QuickLook\" to {$2, $3} 200 | " 201 | shift; shift; shift;; 202 | --app-drop-link) 203 | APPLICATION_LINK=$2 204 | APPLICATION_CLAUSE="set position of item \"Applications\" to {$2, $3} 205 | " 206 | shift; shift; shift;; 207 | --eula) 208 | EULA_RSRC=$2 209 | shift; shift;; 210 | --no-internet-enable) 211 | NOINTERNET=1 212 | shift;; 213 | --format) 214 | FORMAT="$2" 215 | shift; shift;; 216 | --filesystem) 217 | FILESYSTEM="$2" 218 | shift; shift;; 219 | --encrypt) 220 | ENABLE_ENCRYPTION=1 221 | AESBITS=256 222 | shift;; 223 | --encrypt-aes128) 224 | ENABLE_ENCRYPTION=1 225 | AESBITS=128 226 | shift;; 227 | --add-file | --add-folder) 228 | ADD_FILE_TARGETS+=("$2") 229 | ADD_FILE_SOURCES+=("$3") 230 | POSITION_CLAUSE="${POSITION_CLAUSE} 231 | set position of item \"$2\" to {$4, $5} 232 | " 233 | shift; shift; shift; shift; shift;; 234 | --disk-image-size) 235 | DISK_IMAGE_SIZE="$2" 236 | shift; shift;; 237 | --hdiutil-verbose) 238 | HDIUTIL_VERBOSITY='-verbose' 239 | shift;; 240 | --hdiutil-quiet) 241 | HDIUTIL_VERBOSITY='-quiet' 242 | shift;; 243 | --codesign) 244 | SIGNATURE="$2" 245 | shift; shift;; 246 | --notarize) 247 | NOTARIZE="$2" 248 | shift; shift;; 249 | --sandbox-safe) 250 | SANDBOX_SAFE=1 251 | shift;; 252 | --bless) 253 | BLESS=1 254 | shift;; 255 | --rez) 256 | echo "REZ is no more directly used. You can remove the --rez argument." 257 | shift; shift;; 258 | --skip-jenkins) 259 | SKIP_JENKINS=1 260 | shift;; 261 | -*) 262 | echo "Unknown option: $1. Run 'create-dmg --help' for help." 263 | exit 1;; 264 | esac 265 | case $FORMAT in 266 | UDZO) 267 | IMAGEKEY="-imagekey zlib-level=9";; 268 | UDBZ) 269 | IMAGEKEY="-imagekey bzip2-level=9";; 270 | ULFO) 271 | ;; 272 | ULMO) 273 | ;; 274 | *) 275 | echo >&2 "Unknown disk image format: $FORMAT" 276 | exit 1;; 277 | esac 278 | done 279 | 280 | if [[ -z "$2" ]]; then 281 | echo "Not enough arguments. Run 'create-dmg --help' for help." 282 | exit 1 283 | fi 284 | 285 | DMG_PATH="$1" 286 | SRC_FOLDER="$(cd "$2" > /dev/null; pwd)" 287 | 288 | # Argument validation checks 289 | 290 | if [[ "${DMG_PATH: -4}" != ".dmg" ]]; then 291 | echo "Output file name must end with a .dmg extension. Run 'create-dmg --help' for help." 292 | exit 1 293 | fi 294 | 295 | if [[ "${FILESYSTEM}" != "HFS+" ]] && [[ "${FILESYSTEM}" != "APFS" ]]; then 296 | echo "Unknown disk image filesystem: ${FILESYSTEM}. Run 'create-dmg --help' for help." 297 | exit 1 298 | fi 299 | 300 | if [[ "${FILESYSTEM}" == "APFS" ]] && [[ ${SANDBOX_SAFE} -eq 1 ]]; then 301 | echo "Creating an APFS disk image that is sandbox safe is not supported." 302 | exit 1 303 | fi 304 | 305 | # Main script logic 306 | 307 | SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" 308 | DMG_DIRNAME="$(dirname "$DMG_PATH")" 309 | DMG_DIR="$(cd "$DMG_DIRNAME" > /dev/null; pwd)" 310 | DMG_NAME="$(basename "$DMG_PATH")" 311 | DMG_TEMP_NAME="$DMG_DIR/rw.$$.${DMG_NAME}" 312 | 313 | # Detect where we're running from 314 | 315 | sentinel_file="$SCRIPT_DIR/.this-is-the-create-dmg-repo" 316 | if [[ -f "$sentinel_file" ]]; then 317 | # We're running from inside a repo 318 | CDMG_SUPPORT_DIR="$SCRIPT_DIR/support" 319 | else 320 | # We're running inside an installed location 321 | bin_dir="$SCRIPT_DIR" 322 | prefix_dir=$(dirname "$bin_dir") 323 | CDMG_SUPPORT_DIR="$prefix_dir/share/create-dmg/support" 324 | fi 325 | 326 | if [[ -z "$VOLUME_NAME" ]]; then 327 | VOLUME_NAME="$(basename "$DMG_PATH" .dmg)" 328 | fi 329 | 330 | if [[ ! -d "$CDMG_SUPPORT_DIR" ]]; then 331 | echo >&2 "Cannot find support/ directory: expected at: $CDMG_SUPPORT_DIR" 332 | exit 1 333 | fi 334 | 335 | if [[ -f "$SRC_FOLDER/.DS_Store" ]]; then 336 | echo "Deleting .DS_Store found in source folder" 337 | rm "$SRC_FOLDER/.DS_Store" 338 | fi 339 | 340 | # Create the image 341 | echo "Creating disk image..." 342 | if [[ -f "${DMG_TEMP_NAME}" ]]; then 343 | rm -f "${DMG_TEMP_NAME}" 344 | fi 345 | 346 | # Use Megabytes since hdiutil fails with very large byte numbers 347 | function blocks_to_megabytes() { 348 | # Add 1 extra MB, since there's no decimal retention here 349 | MB_SIZE=$((($1 * 512 / 1000 / 1000) + 1)) 350 | echo $MB_SIZE 351 | } 352 | 353 | function get_size() { 354 | # Get block size in disk 355 | if [[ $OS_MAJOR_VERSION -ge 12 ]]; then 356 | bytes_size=$(du -B 512 -s "$1") 357 | else 358 | bytes_size=$(du -s "$1") 359 | fi 360 | bytes_size=$(echo $bytes_size | sed -e 's/ .*//g') 361 | echo $(blocks_to_megabytes $bytes_size) 362 | } 363 | 364 | # Create the DMG with the specified size or the hdiutil estimation 365 | CUSTOM_SIZE='' 366 | if [[ -n "$DISK_IMAGE_SIZE" ]]; then 367 | CUSTOM_SIZE="-size ${DISK_IMAGE_SIZE}m" 368 | fi 369 | 370 | if [[ $SANDBOX_SAFE -eq 0 ]]; then 371 | if [[ "$FILESYSTEM" == "APFS" ]]; then 372 | FILESYSTEM_ARGUMENTS="" 373 | else 374 | FILESYSTEM_ARGUMENTS="-c c=64,a=16,e=16" 375 | fi 376 | hdiutil create ${HDIUTIL_VERBOSITY} -srcfolder "$SRC_FOLDER" -volname "${VOLUME_NAME}" \ 377 | -fs "${FILESYSTEM}" -fsargs "${FILESYSTEM_ARGUMENTS}" -format UDRW ${CUSTOM_SIZE} "${DMG_TEMP_NAME}" 378 | else 379 | hdiutil makehybrid ${HDIUTIL_VERBOSITY} -default-volume-name "${VOLUME_NAME}" -hfs -o "${DMG_TEMP_NAME}" "$SRC_FOLDER" 380 | hdiutil convert -format UDRW -ov -o "${DMG_TEMP_NAME}" "${DMG_TEMP_NAME}" 381 | DISK_IMAGE_SIZE_CUSTOM=$DISK_IMAGE_SIZE 382 | fi 383 | 384 | # Get the created DMG actual size 385 | DISK_IMAGE_SIZE=$(get_size "${DMG_TEMP_NAME}") 386 | 387 | # Use the custom size if bigger 388 | if [[ $SANDBOX_SAFE -eq 1 ]] && [[ ! -z "$DISK_IMAGE_SIZE_CUSTOM" ]] && [[ $DISK_IMAGE_SIZE_CUSTOM -gt $DISK_IMAGE_SIZE ]]; then 389 | DISK_IMAGE_SIZE=$DISK_IMAGE_SIZE_CUSTOM 390 | fi 391 | 392 | # Estimate the additional sources size 393 | if [[ -n "$ADD_FILE_SOURCES" ]]; then 394 | for i in "${!ADD_FILE_SOURCES[@]}"; do 395 | SOURCE_SIZE=$(get_size "${ADD_FILE_SOURCES[$i]}") 396 | DISK_IMAGE_SIZE=$(expr $DISK_IMAGE_SIZE + $SOURCE_SIZE) 397 | done 398 | fi 399 | 400 | # Add extra space for additional resources 401 | DISK_IMAGE_SIZE=$(expr $DISK_IMAGE_SIZE + 20) 402 | 403 | # Make sure target image size is within limits 404 | MIN_DISK_IMAGE_SIZE=$(hdiutil resize -limits "${DMG_TEMP_NAME}" | awk 'NR=1{print int($1/2048+1)}') 405 | if [ $MIN_DISK_IMAGE_SIZE -gt $DISK_IMAGE_SIZE ]; then 406 | DISK_IMAGE_SIZE=$MIN_DISK_IMAGE_SIZE 407 | fi 408 | 409 | # Resize the image for the extra stuff 410 | hdiutil resize ${HDIUTIL_VERBOSITY} -size ${DISK_IMAGE_SIZE}m "${DMG_TEMP_NAME}" 411 | 412 | # Mount the new DMG 413 | 414 | echo "Mounting disk image..." 415 | 416 | MOUNT_RANDOM_PATH="/Volumes" 417 | if [[ $SANDBOX_SAFE -eq 1 ]]; then 418 | MOUNT_RANDOM_PATH="/tmp" 419 | fi 420 | DEV_NAME=$(hdiutil attach -mountrandom ${MOUNT_RANDOM_PATH} -readwrite -noverify -noautoopen -nobrowse "${DMG_TEMP_NAME}" | grep -E --color=never '^/dev/' | sed 1q | awk '{print $1}') 421 | echo "Device name: $DEV_NAME" 422 | MOUNT_DIR=$(find_mount_dir "${DEV_NAME}s") 423 | 424 | if [[ -z "${MOUNT_DIR}" ]]; then 425 | >&2 echo "ERROR: unable to proceed with final disk image creation because the interstitial disk image was not found." 426 | >&2 echo "The interstitial disk image will likely be mounted and will need to be cleaned up manually." 427 | exit 1 428 | fi 429 | 430 | echo "Mount dir: $MOUNT_DIR" 431 | 432 | if [[ -n "$BACKGROUND_FILE" ]]; then 433 | echo "Copying background file '$BACKGROUND_FILE'..." 434 | [[ -d "$MOUNT_DIR/.background" ]] || mkdir "$MOUNT_DIR/.background" 435 | cp "$BACKGROUND_FILE" "$MOUNT_DIR/.background/$BACKGROUND_FILE_NAME" 436 | fi 437 | 438 | if [[ -n "$APPLICATION_LINK" ]]; then 439 | echo "Making link to Applications dir..." 440 | echo $MOUNT_DIR 441 | ln -s /Applications "$MOUNT_DIR/Applications" 442 | fi 443 | 444 | if [[ -n "$QL_LINK" ]]; then 445 | echo "Making link to QuickLook install dir..." 446 | echo $MOUNT_DIR 447 | ln -s "/Library/QuickLook" "$MOUNT_DIR/QuickLook" 448 | fi 449 | 450 | if [[ -n "$VOLUME_ICON_FILE" ]]; then 451 | echo "Copying volume icon file '$VOLUME_ICON_FILE'..." 452 | cp "$VOLUME_ICON_FILE" "$MOUNT_DIR/.VolumeIcon.icns" 453 | SetFile -c icnC "$MOUNT_DIR/.VolumeIcon.icns" 454 | fi 455 | 456 | if [[ -n "$ADD_FILE_SOURCES" ]]; then 457 | echo "Copying custom files..." 458 | for i in "${!ADD_FILE_SOURCES[@]}"; do 459 | echo "${ADD_FILE_SOURCES[$i]}" 460 | cp -a "${ADD_FILE_SOURCES[$i]}" "$MOUNT_DIR/${ADD_FILE_TARGETS[$i]}" 461 | done 462 | fi 463 | 464 | VOLUME_NAME=$(basename $MOUNT_DIR) 465 | 466 | # Run AppleScript to do all the Finder cosmetic stuff 467 | APPLESCRIPT_FILE=$(mktemp -t createdmg.tmp.XXXXXXXXXX) 468 | if [[ $SANDBOX_SAFE -eq 1 ]]; then 469 | echo "Skipping Finder-prettifying AppleScript because we are in Sandbox..." 470 | else 471 | if [[ $SKIP_JENKINS -eq 0 ]]; then 472 | cat "$CDMG_SUPPORT_DIR/template.applescript" \ 473 | | sed -e "s/WINX/$WINX/g" -e "s/WINY/$WINY/g" -e "s/WINW/$WINW/g" \ 474 | -e "s/WINH/$WINH/g" -e "s/BACKGROUND_CLAUSE/$BACKGROUND_CLAUSE/g" \ 475 | -e "s/REPOSITION_HIDDEN_FILES_CLAUSE/$REPOSITION_HIDDEN_FILES_CLAUSE/g" \ 476 | -e "s/ICON_SIZE/$ICON_SIZE/g" -e "s/TEXT_SIZE/$TEXT_SIZE/g" \ 477 | | perl -pe "s/POSITION_CLAUSE/$POSITION_CLAUSE/g" \ 478 | | perl -pe "s/QL_CLAUSE/$QL_CLAUSE/g" \ 479 | | perl -pe "s/APPLICATION_CLAUSE/$APPLICATION_CLAUSE/g" \ 480 | | perl -pe "s/HIDING_CLAUSE/$HIDING_CLAUSE/" \ 481 | > "$APPLESCRIPT_FILE" 482 | sleep 2 # pause to workaround occasional "Can’t get disk" (-1728) issues 483 | echo "Running AppleScript to make Finder stuff pretty: /usr/bin/osascript \"${APPLESCRIPT_FILE}\" \"${VOLUME_NAME}\"" 484 | if /usr/bin/osascript "${APPLESCRIPT_FILE}" "${VOLUME_NAME}"; then 485 | # Okay, we're cool 486 | true 487 | else 488 | echo >&2 "Failed running AppleScript" 489 | hdiutil_detach_retry "${DEV_NAME}" 490 | exit 64 491 | fi 492 | echo "Done running the AppleScript..." 493 | sleep 4 494 | rm "$APPLESCRIPT_FILE" 495 | fi 496 | fi 497 | 498 | # Make sure it's not world writeable 499 | echo "Fixing permissions..." 500 | chmod -Rf go-w "${MOUNT_DIR}" &> /dev/null || true 501 | echo "Done fixing permissions" 502 | 503 | # Make the top window open itself on mount: 504 | if [[ $BLESS -eq 1 && $SANDBOX_SAFE -eq 0 ]]; then 505 | echo "Blessing started" 506 | if [ $(uname -m) == "arm64" ]; then 507 | bless --folder "${MOUNT_DIR}" 508 | else 509 | bless --folder "${MOUNT_DIR}" --openfolder "${MOUNT_DIR}" 510 | fi 511 | echo "Blessing finished" 512 | else 513 | echo "Skipping blessing on sandbox" 514 | fi 515 | 516 | if [[ -n "$VOLUME_ICON_FILE" ]]; then 517 | # Tell the volume that it has a special file attribute 518 | SetFile -a C "$MOUNT_DIR" 519 | fi 520 | 521 | # Delete unnecessary file system events log if possible 522 | echo "Deleting .fseventsd" 523 | rm -rf "${MOUNT_DIR}/.fseventsd" || true 524 | 525 | hdiutil_detach_retry "${DEV_NAME}" 526 | 527 | # Compress image and optionally encrypt 528 | if [[ $ENABLE_ENCRYPTION -eq 0 ]]; then 529 | echo "Compressing disk image..." 530 | hdiutil convert ${HDIUTIL_VERBOSITY} "${DMG_TEMP_NAME}" -format ${FORMAT} ${IMAGEKEY} -o "${DMG_DIR}/${DMG_NAME}" 531 | else 532 | echo "Compressing and encrypting disk image..." 533 | echo "NOTE: hdiutil will only prompt a single time for a password - ensure entry is correct." 534 | hdiutil convert ${HDIUTIL_VERBOSITY} "${DMG_TEMP_NAME}" -format ${FORMAT} ${IMAGEKEY} -encryption AES-${AESBITS} -stdinpass -o "${DMG_DIR}/${DMG_NAME}" 535 | fi 536 | rm -f "${DMG_TEMP_NAME}" 537 | 538 | # Adding EULA resources 539 | if [[ -n "${EULA_RSRC}" && "${EULA_RSRC}" != "-null-" ]]; then 540 | echo "Adding EULA resources..." 541 | # 542 | # Use udifrez instead flatten/rez/unflatten 543 | # https://github.com/create-dmg/create-dmg/issues/109 544 | # 545 | # Based on a thread from dawn2dusk & peterguy 546 | # https://developer.apple.com/forums/thread/668084 547 | # 548 | EULA_RESOURCES_FILE=$(mktemp -t createdmg.tmp.XXXXXXXXXX) 549 | EULA_FORMAT=$(file -b ${EULA_RSRC}) 550 | if [[ ${EULA_FORMAT} == 'Rich Text Format data'* ]] ; then 551 | EULA_FORMAT='RTF ' 552 | else 553 | EULA_FORMAT='TEXT' 554 | fi 555 | # Encode the EULA to base64 556 | # Replace 'openssl base64' with 'base64' if Mac OS X 10.6 support is no more needed 557 | # EULA_DATA="$(base64 -b 52 "${EULA_RSRC}" | sed s$'/^\(.*\)$/\t\t\t\\1/')" 558 | EULA_DATA="$(openssl base64 -in "${EULA_RSRC}" | tr -d '\n' | awk '{gsub(/.{52}/,"&\n")}1' | sed s$'/^\(.*\)$/\t\t\t\\1/')" 559 | # Fill the template with the custom EULA contents 560 | eval "cat > \"${EULA_RESOURCES_FILE}\" </dev/null 2>/dev/null; then 579 | hdiutil internet-enable -yes "${DMG_DIR}/${DMG_NAME}" 580 | else 581 | echo "hdiutil does not support internet-enable. Note it was removed in macOS 10.15." 582 | fi 583 | fi 584 | 585 | if [[ -n "${SIGNATURE}" && "${SIGNATURE}" != "-null-" ]]; then 586 | echo "Codesign started" 587 | codesign -s "${SIGNATURE}" "${DMG_DIR}/${DMG_NAME}" 588 | dmgsignaturecheck="$(codesign --verify --deep --verbose=2 --strict "${DMG_DIR}/${DMG_NAME}" 2>&1 >/dev/null)" 589 | if [ $? -eq 0 ]; then 590 | echo "The disk image is now codesigned" 591 | else 592 | echo "The signature seems invalid${NC}" 593 | exit 1 594 | fi 595 | fi 596 | 597 | if [[ -n "${NOTARIZE}" && "${NOTARIZE}" != "-null-" ]]; then 598 | echo "Notarization started" 599 | xcrun notarytool submit "${DMG_DIR}/${DMG_NAME}" --keychain-profile "${NOTARIZE}" --wait 600 | echo "Stapling the notarization ticket" 601 | staple="$(xcrun stapler staple "${DMG_DIR}/${DMG_NAME}")" 602 | if [ $? -eq 0 ]; then 603 | echo "The disk image is now notarized" 604 | else 605 | echo "$staple" 606 | echo "The notarization failed with error $?" 607 | exit 1 608 | fi 609 | fi 610 | 611 | # All done! 612 | echo "Disk image done" 613 | exit 0 614 | -------------------------------------------------------------------------------- /internal/createdmg/bindata/bindata.go: -------------------------------------------------------------------------------- 1 | // Code generated by go-bindata. DO NOT EDIT. 2 | // sources: 3 | // ../../../vendor/create-dmg/LICENSE (1.12kB) 4 | // ../../../vendor/create-dmg/Makefile (885B) 5 | // ../../../vendor/create-dmg/README.md (5.923kB) 6 | // ../../../vendor/create-dmg/builder/create-dmg.builder (516B) 7 | // ../../../vendor/create-dmg/create-dmg (18.411kB) 8 | // ../../../vendor/create-dmg/doc-project/Developer Notes.md (1.412kB) 9 | // ../../../vendor/create-dmg/doc-project/Release Checklist.md (325B) 10 | // ../../../vendor/create-dmg/support/eula-resources-template.xml (2.372kB) 11 | // ../../../vendor/create-dmg/support/template.applescript (1.828kB) 12 | // ../../../vendor/create-dmg/.this-is-the-create-dmg-repo (128B) 13 | 14 | package bindata 15 | 16 | import ( 17 | "bytes" 18 | "compress/gzip" 19 | "crypto/sha256" 20 | "fmt" 21 | "io" 22 | "io/ioutil" 23 | "os" 24 | "path/filepath" 25 | "strings" 26 | "time" 27 | ) 28 | 29 | func bindataRead(data []byte, name string) ([]byte, error) { 30 | gz, err := gzip.NewReader(bytes.NewBuffer(data)) 31 | if err != nil { 32 | return nil, fmt.Errorf("read %q: %v", name, err) 33 | } 34 | 35 | var buf bytes.Buffer 36 | _, err = io.Copy(&buf, gz) 37 | clErr := gz.Close() 38 | 39 | if err != nil { 40 | return nil, fmt.Errorf("read %q: %v", name, err) 41 | } 42 | if clErr != nil { 43 | return nil, err 44 | } 45 | 46 | return buf.Bytes(), nil 47 | } 48 | 49 | type asset struct { 50 | bytes []byte 51 | info os.FileInfo 52 | digest [sha256.Size]byte 53 | } 54 | 55 | type bindataFileInfo struct { 56 | name string 57 | size int64 58 | mode os.FileMode 59 | modTime time.Time 60 | } 61 | 62 | func (fi bindataFileInfo) Name() string { 63 | return fi.name 64 | } 65 | func (fi bindataFileInfo) Size() int64 { 66 | return fi.size 67 | } 68 | func (fi bindataFileInfo) Mode() os.FileMode { 69 | return fi.mode 70 | } 71 | func (fi bindataFileInfo) ModTime() time.Time { 72 | return fi.modTime 73 | } 74 | func (fi bindataFileInfo) IsDir() bool { 75 | return false 76 | } 77 | func (fi bindataFileInfo) Sys() interface{} { 78 | return nil 79 | } 80 | 81 | var _license = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x64\x52\x4d\x6f\xe3\x36\x14\xbc\xf3\x57\x0c\x72\x4a\x00\x35\x4d\x83\x1e\x8a\xde\x18\x8b\xb6\xd8\x4a\xa4\x41\xd1\xeb\xfa\x48\x4b\x74\xc4\x56\x26\x0d\x91\x5e\xc3\xff\xbe\xa0\xec\xec\x36\xdd\x93\x61\xbe\xf9\x78\x33\x4f\x7a\xb0\x68\xb8\x46\xed\x3a\xeb\xa3\xc5\x63\xc3\xf5\x13\x21\x8b\x70\xba\x4e\xee\x7d\x48\x78\xec\x9e\xf0\xfa\xf2\xf2\xdb\x4f\xaf\x2f\xbf\xfc\x0a\xea\xfb\xc9\x5e\xa1\xcd\x64\x7c\x8a\xe1\xeb\x0f\xc0\xd7\x97\x1b\xe6\x82\x3f\x8c\xff\xc7\x12\xb2\xb6\xd3\xd1\xc5\xe8\x82\x87\x8b\x18\xec\x64\xf7\x57\xbc\x67\xba\xed\x0b\x1c\x26\x6b\x11\x0e\xe8\x06\x33\xbd\xdb\x02\x29\xc0\xf8\x2b\x4e\x76\x8a\xc1\x23\xec\x93\x71\xde\xf9\x77\x18\x74\xe1\x74\x25\xe1\x80\x34\xb8\x88\x18\x0e\xe9\x62\x26\x0b\xe3\x7b\x98\x18\x43\xe7\x4c\xb2\x3d\xfa\xd0\x9d\x8f\xd6\x27\x93\xb2\xdf\xc1\x8d\x36\xe2\x31\x0d\x16\x0f\xed\x9d\xf1\xf0\x34\x9b\xf4\xd6\x8c\xc4\x79\xe4\xd9\xc7\x08\x17\x97\x86\x70\x4e\x98\x6c\x4c\x93\xeb\xb2\x46\x01\xe7\xbb\xf1\xdc\xe7\x1d\x3e\xc6\xa3\x3b\xba\xbb\x43\xa6\xcf\xe9\x23\x49\x01\xe7\x68\x8b\x79\xcf\x02\xc7\xd0\xbb\x43\xfe\xb5\x73\xac\xd3\x79\x3f\xba\x38\x14\xe8\x5d\x96\xde\x9f\x93\x2d\x10\xf3\xe3\xdc\x7a\x91\x73\xfc\x1c\x26\x44\x3b\x8e\xa4\x0b\x27\x67\x23\xe6\xac\xdf\xb7\x9b\x31\x79\xf5\x53\x2e\x34\xdd\x2b\x8a\xf9\xe5\x32\x84\xe3\xe7\x24\x2e\x92\xc3\x79\xf2\x2e\x0e\x76\xe6\xf4\x01\x31\xcc\x8e\x7f\xdb\x2e\xe5\x97\x0c\x3f\x84\x71\x0c\x97\x1c\xad\x0b\xbe\x77\x39\x51\xfc\x9d\x90\xfc\x49\x98\x7d\xf8\x6a\xe7\x2c\xb7\xe3\xfa\x90\x5c\x77\xab\x7b\x3e\xc0\xe9\xfb\x55\xef\xa3\x38\x98\x71\xc4\xde\xde\x0b\xb3\x3d\x9c\x87\xf9\x4f\x9c\x29\xdb\xc7\x64\x7c\x72\x66\xc4\x29\x4c\xb3\xdf\xff\x63\x3e\x13\xa2\x2b\x86\x56\x2e\xf5\x96\x2a\x06\xde\x62\xad\xe4\x17\x5e\xb2\x12\x0f\xb4\x05\x6f\x1f\x0a\x6c\xb9\xae\xe4\x46\x63\x4b\x95\xa2\x42\xef\x20\x97\xa0\x62\x87\x3f\xb9\x28\x0b\xb0\xbf\xd6\x8a\xb5\x2d\xa4\x22\xbc\x59\xd7\x9c\x95\x05\xb8\x58\xd4\x9b\x92\x8b\x15\xde\x36\x1a\x42\x6a\xd4\xbc\xe1\x9a\x95\xd0\x12\xd9\xf0\x2e\xc5\x59\x9b\xc5\x1a\xa6\x16\x15\x15\x9a\xbe\xf1\x9a\xeb\x5d\x41\x96\x5c\x8b\xac\xb9\x94\x0a\x14\x6b\xaa\x34\x5f\x6c\x6a\xaa\xb0\xde\xa8\xb5\x6c\x19\xa8\x28\x21\xa4\xe0\x62\xa9\xb8\x58\xb1\x86\x09\xfd\x0c\x2e\x20\x24\xd8\x17\x26\x34\xda\x8a\xd6\x75\xb6\x22\x74\xa3\x2b\xa9\xf2\x7e\x58\xc8\xf5\x4e\xf1\x55\xa5\x51\xc9\xba\x64\xaa\xc5\x1b\x43\xcd\xe9\x5b\xcd\x6e\x56\x62\x87\x45\x4d\x79\x53\xa0\xa4\x0d\x5d\xb1\x99\x25\x75\xc5\x14\xc9\xb0\xdb\x76\xd8\x56\x2c\x3f\x65\x3f\x2a\x40\x17\x9a\x4b\x91\x63\x2c\xa4\xd0\x8a\x2e\x74\x01\x2d\x95\xfe\x46\xdd\xf2\x96\x15\xa0\x8a\xb7\xb9\x90\xa5\x92\x4d\x41\x72\x9d\x72\x99\x21\x5c\x64\x9e\x60\x37\x95\x5c\x35\x3e\x5d\x44\xaa\xf9\xff\xa6\x65\xdf\x04\x51\x32\x5a\x73\xb1\x6a\x33\x39\x47\xfc\x00\x3f\x93\x7f\x03\x00\x00\xff\xff\xcc\xc1\xd1\x26\x60\x04\x00\x00") 82 | 83 | func licenseBytes() ([]byte, error) { 84 | return bindataRead( 85 | _license, 86 | "LICENSE", 87 | ) 88 | } 89 | 90 | func license() (*asset, error) { 91 | bytes, err := licenseBytes() 92 | if err != nil { 93 | return nil, err 94 | } 95 | 96 | info := bindataFileInfo{name: "LICENSE", size: 1120, mode: os.FileMode(0644), modTime: time.Unix(1712862222, 0)} 97 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x4b, 0xdb, 0x61, 0xf5, 0xfa, 0xc6, 0x9f, 0xd5, 0xcc, 0x3, 0x8, 0x53, 0x5f, 0xec, 0xbc, 0x4f, 0x22, 0xbb, 0x75, 0xa3, 0xe6, 0x15, 0xad, 0xbd, 0x5d, 0x73, 0x92, 0x37, 0x2f, 0xa, 0xc, 0xc3}} 98 | return a, nil 99 | } 100 | 101 | var _makefile = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x94\x51\x4d\xaf\xa2\x30\x14\x5d\x7b\x7f\xc5\x4d\x86\x05\x2c\xb0\x1b\x33\x0b\x13\x17\x8d\x12\x35\xe3\x57\x90\xcd\xac\x4c\x2d\x65\x24\x03\x94\xb4\x35\x4f\x63\xf8\xef\x2f\x20\xf5\x11\x62\xde\xd3\x5d\x73\xce\xb9\xe7\x9c\xde\xfb\x0b\xd7\xec\xbf\x48\xd2\x4c\x60\x22\x15\x4e\xe5\x87\x66\x57\x80\x1d\x9d\xfe\xa1\xf3\xe0\x10\xd1\x70\x43\xd7\x01\x4e\x90\x2b\xc1\x8c\xf0\xe3\xfc\x1f\x40\xa9\x44\x92\x5e\x70\x82\xe4\xac\x15\xc9\x24\x67\x19\x88\x8b\xe0\x87\x07\xe1\xdc\xee\xcf\x0a\x8e\x69\x11\xa7\xaa\x81\x3a\x92\x8a\x1c\xd3\x02\x62\x66\x98\x92\xd2\x58\x81\xe5\xf4\x89\x29\xd1\xb0\x96\xe9\x28\x2b\x88\x25\x7f\x86\x93\x58\x72\xe2\xdc\x7a\xd5\x2b\xd0\x57\xcd\x65\x91\xf4\x43\x84\xe1\x90\xb3\xba\xdc\xa4\xe7\x93\xb3\x02\xb4\x6a\x33\x86\x00\xfb\x45\xb0\x5a\xd5\xbf\x3d\xa6\x05\xd1\x27\x58\x6e\xf6\x11\x6d\x90\xb4\xd0\x86\x65\x99\x45\x0e\xbb\x70\x3b\x0f\xe9\xba\xce\x71\x5b\xcc\x7b\x90\x33\x1a\xd1\xa6\x41\x0b\x54\xe8\xe7\xf8\x7b\x34\x02\x18\xee\x16\xdb\xcd\xdf\xb1\xb5\xc3\x73\x61\x8d\xa1\x7d\x8c\xbb\xfb\x1f\x7c\x99\xa3\x1f\xa3\xe3\xce\x82\x7d\x34\x5b\x86\x9e\xe3\xde\x3f\xe7\x7d\x27\xb9\x1f\xa4\x2b\xb1\xb5\xbd\x4e\xc8\xb3\x11\xf2\x5a\x87\xf6\x6e\x1e\x71\xdc\xde\x2d\x3c\x18\xf0\x12\xfd\x10\xf5\xb9\x2c\xa5\x32\xef\x8e\x89\x0b\xcb\xcb\x4c\xe8\x77\xe7\x8c\xd0\xe6\xf5\x21\x78\xac\x7f\x0c\x03\x95\xa3\x9f\xfc\xb8\x8c\x5a\xa5\x92\x97\x13\x3e\x03\x00\x00\xff\xff\x96\x3e\x91\xa2\x75\x03\x00\x00") 102 | 103 | func makefileBytes() ([]byte, error) { 104 | return bindataRead( 105 | _makefile, 106 | "Makefile", 107 | ) 108 | } 109 | 110 | func makefile() (*asset, error) { 111 | bytes, err := makefileBytes() 112 | if err != nil { 113 | return nil, err 114 | } 115 | 116 | info := bindataFileInfo{name: "Makefile", size: 885, mode: os.FileMode(0644), modTime: time.Unix(1712862222, 0)} 117 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xbd, 0xa7, 0xad, 0x61, 0x3, 0x5f, 0x45, 0xc6, 0x5c, 0x12, 0xeb, 0x9, 0xd0, 0x57, 0xac, 0x2e, 0xb2, 0xf3, 0x72, 0x3, 0x2d, 0xb5, 0x3f, 0xa8, 0xab, 0xcf, 0xb, 0x95, 0x6d, 0x3a, 0xca, 0xa8}} 118 | return a, nil 119 | } 120 | 121 | var _readmeMd = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x9c\x58\x7d\x73\xdb\x36\xd2\xff\x9f\x9f\x62\xeb\xce\x34\x92\x1f\x91\xb2\xd5\x27\x2f\x4d\x7d\x99\xba\x97\xa4\xed\x8d\x73\xbe\xab\xe3\xe9\x5d\xed\x8e\x02\x11\x2b\x12\x11\x88\x65\x00\x50\x12\x33\xf9\xf0\x37\x0b\x90\x94\xe4\xd8\x9d\xcb\x65\x26\x23\x1a\xd8\xfd\xed\x62\x77\xb1\x2f\xc8\x2d\x0a\x8f\xa9\xac\x8a\xe4\x2f\xc3\xbf\x24\x39\x07\x57\xa2\xd6\xe0\x72\xab\x6a\x0f\x9e\x60\xd1\x28\x2d\x61\x29\x4c\xde\xc2\xcb\x37\x3f\xb9\x2c\x49\xae\xbc\xf0\x8d\x03\x61\x24\xe4\x64\xbc\x55\x8b\xc6\x2b\x32\x50\x93\x56\x79\x9b\xa4\x7f\xfa\x2f\x49\xfe\x3a\x88\x06\xe5\xa0\x22\xe7\x75\x0b\x95\x50\xc6\x0b\x65\x50\xc2\xa2\x85\x9b\x1f\x04\x19\xfc\xf8\xc7\xa8\xf4\xbe\x76\xcf\xa7\xd3\x42\xf9\xb2\x59\x64\x39\x55\xd3\xb0\x33\x0e\xd2\x7d\x89\x3b\x0d\xc8\x3a\xd8\x94\x04\x0e\x8d\x84\xba\xd1\x1a\x2c\x7e\x68\xd0\x79\x97\x25\x6f\x4b\x84\xda\xd2\x7b\xcc\x3d\x94\x54\x21\xd4\xa2\x40\x96\x7e\x76\x8f\x80\x9d\x69\xf6\x3e\x5f\x64\x49\xf2\x1b\xc2\x46\x69\x0d\x15\xda\x02\x41\x98\xf6\x40\x0c\xf8\x52\x78\x10\x52\x3a\x70\x54\xa1\x2f\x95\x29\xa0\x71\xb8\x6c\x74\x50\x56\x12\x3a\x30\xe4\x61\x61\x51\xac\x00\xb7\xca\x79\x26\x09\x84\x6c\xd6\x5f\x96\xd0\x52\xf3\xc8\x32\x34\x88\xdc\xab\x35\x32\xbf\x0d\xdc\x1b\x61\xa2\x3b\x10\xc4\xce\x58\x76\x02\x64\xe1\x7d\xe3\xfc\x40\x90\x97\xc2\x4f\xa0\xd6\x28\x1c\x42\x1d\x75\x00\x32\xf0\x93\xf2\x9e\xb1\x3c\xdc\x14\xe1\x33\x53\x07\x47\xbd\xa0\xc5\xa2\x3d\x30\xf8\x03\x34\xe3\x20\xf3\x06\x2b\xa1\x34\x9c\x1b\x69\x71\x03\x52\x59\xcc\xbd\x6e\xff\x18\x2d\x35\x39\xf7\x83\xa8\xdf\x0b\xb3\xc2\xcc\xa0\x1f\x67\x07\x1e\xdf\x08\x07\x64\x55\xa1\x8c\xd0\xba\x85\x08\x1e\x7d\x1e\xb0\x5a\x78\x2b\xac\x30\xde\xd1\xfa\x7e\xef\x07\xa2\xb5\x62\xdc\x5f\x0c\xbc\x11\x2d\xcc\x4e\x66\x27\x1d\xf7\x06\xfe\xc6\x72\xef\xe7\x8c\x3a\x8d\xa1\x44\x5d\xa3\x84\xb5\x08\x81\xb7\x51\xbe\x0c\x81\xd4\xc5\x07\x3b\xc2\x38\x2f\xb4\x16\x1c\xd4\xc9\x61\xec\xa6\xf0\x6f\x6a\x20\x17\x06\x54\x24\x62\xf7\xb9\xfe\xba\x34\x8e\xed\x7d\xf3\x33\x55\xb8\xb0\xb8\xd9\xa9\xc1\x7f\x65\xae\x1c\x3f\x4f\x12\x80\x77\xef\xde\xb9\x32\x01\x8e\x83\xcd\x00\xb3\x77\x1f\x03\xc5\xbe\x28\x49\x1b\xa3\x49\xc4\x78\xbf\xd1\xc2\x73\xb4\x59\x0c\x2e\xbe\xf7\xa8\xf7\x46\xf0\xb4\xe3\x70\xd3\x88\x10\xaf\x50\x2f\x5f\x79\x58\x5a\xaa\x58\x84\xc5\x03\x35\x2b\xb1\xc2\x9e\xec\x73\xdd\x84\x76\x04\xb9\x26\x83\x41\x3b\x34\x5e\x59\x04\x8b\x35\x39\xe5\xc9\xb6\x41\x88\x6d\x0c\x0b\xd0\x94\x07\xa7\x3f\x20\xa8\x50\xbe\x43\xfa\x6f\x8f\x94\x15\xca\xf7\x2a\x5d\x3b\x51\x60\xd2\xb9\x29\x42\xee\x08\xe1\x86\x6a\xf6\xa6\x83\x2c\xcb\xfe\x80\x33\x6a\x7c\xdd\xf8\xb9\x11\x15\x66\x7c\xb9\xe1\xcc\x51\x63\x73\x9c\x2f\x49\x4b\xb4\x2f\x92\x00\x79\xce\x7e\x21\xe3\xd1\x78\x07\xb4\x84\x48\x73\xdb\x11\xc5\x5c\xb0\xe0\x0c\x54\x2b\x64\x4b\x7a\x0a\x36\x90\xca\xad\x40\x55\xa2\xc0\x2c\x49\x8e\x8f\x2f\xa3\xe4\xe7\xc7\xc7\x6c\xb7\xe3\xe3\x34\x5d\x93\x66\xc9\x70\x7b\xc6\x3f\xb7\x2f\x9e\x1f\x1f\x83\x43\x0f\x6b\xd2\x4d\x85\x10\xf6\x46\x52\xb9\x5a\x8b\x36\x00\x07\xd8\xd7\xca\xb0\x54\xa7\x24\x2e\x44\x97\x14\x94\x91\xb4\x01\xaf\xbc\xc6\xf1\x0e\x5c\xe5\x64\xe0\xf6\x8c\x7f\x32\x95\x1b\xf7\x99\x04\xde\xe9\xc8\x17\x22\x5f\x15\x96\x1a\x23\xe1\xf6\xac\x56\x79\x56\x9b\x62\x47\xdf\x9d\x74\x8f\x28\x9c\x0b\x46\xb5\xa5\xb5\x92\x08\xb5\x29\x26\x50\xa8\xe5\x04\xde\xd7\x45\xaf\x42\x54\x2b\xad\xc9\xc1\xed\xd9\xf6\xf6\x05\xdc\x9e\xb5\x3b\xcc\x10\x19\x5c\x2e\xf8\x50\x83\x29\x99\xe3\x90\xdd\xa9\x8f\x6c\xa2\x8d\x92\xbe\x0c\x18\x25\xaa\xa2\xf4\x3b\xa0\x40\x40\xcb\x07\x71\x3c\x6e\x7d\x8f\xc2\xdf\x73\xfe\xde\xb1\xf7\xc6\xc3\x6d\x07\x35\x3a\x3d\x49\x4f\x9f\xf4\x87\x60\x1b\xf5\xdc\xfc\x7d\x3f\x37\xef\xb8\x8e\xbd\xa9\x39\xff\x9e\xce\x9e\xed\x43\xc0\xed\xd9\x52\x69\x9c\x47\x4f\xff\xa9\x3d\xfa\xa3\x28\x8d\x8f\xdc\xbe\x8f\x4a\x25\x31\xc5\xad\x47\xe3\xd4\x5d\x44\x46\xe1\xfd\x78\xfb\x06\x1a\x5a\x06\x9c\x0e\x40\xd4\x75\x2a\x2d\xd5\xa9\x56\x66\x75\x57\x87\x70\xbf\x05\xf0\x3e\x84\x7d\x4f\x70\x5e\xd7\x5a\xe5\x21\x01\xba\x09\xd7\x0c\xbe\xba\x41\xc9\xed\x04\xda\x0e\xf5\x83\xfe\x32\xd0\xe9\x85\x5a\x58\x61\xdb\xe9\x3f\x1b\x95\xaf\x2e\x88\x56\x0f\x42\x63\xa3\x05\xdc\x9e\xf1\xcf\x9c\xcf\x11\x41\x85\xf7\x22\x2f\x41\x80\x56\x39\x1a\x17\x4d\x05\xfd\xad\xab\x8a\x8e\xd9\xe2\x47\xb8\x3d\xb3\xf8\x71\x5e\x0b\x0e\x9d\x60\xe8\x1a\x73\xb5\x6c\x21\x6f\x9c\xa7\x0a\x78\x83\x19\x7f\xc5\x8f\xe0\x89\x34\xd7\x59\xc9\x0b\xca\xe4\xba\x91\x78\x20\xa1\x83\x35\x94\x2a\xe3\xd1\x1a\xf4\x29\x1a\xb1\xd0\xc8\xc0\x52\x39\xfe\x04\xd1\x78\xaa\x84\x57\x39\x54\xd4\x18\xff\x4d\x4e\x75\x7f\x98\x25\xd9\x4a\xf8\x7d\x2d\xa2\x9b\x8d\xd0\xdd\x75\x8a\x14\x30\xba\x7e\xf9\xfb\xe5\xa7\xeb\x97\x3f\xfe\xfe\xe9\xfa\xe2\xf5\xe5\xa7\xeb\x8b\x37\x97\x63\x18\x49\x5c\x8a\x46\x7b\x6e\x57\x98\xa0\x8f\x2e\x56\xcd\xb5\xce\x63\x75\x17\xba\x03\x1d\xf6\x61\xf4\xf3\xeb\xab\xff\xfb\x74\xfe\x8f\xd7\x57\x87\x70\xbc\x3c\x01\x5e\x07\xd7\xd4\x35\x59\xef\xa0\x12\xf9\xe5\x15\x9c\x9e\x64\xa7\xdf\x72\x9d\x37\xb8\x41\xdb\x8b\x44\x93\xdb\xb6\x0e\x47\x89\x16\x80\x6e\x85\xdd\xb7\x24\x1b\xa4\x5b\x74\x8d\x0e\x9d\xcd\x2e\x11\xc2\xe8\xfc\xd5\x55\x3a\x7b\xfc\x04\x52\xee\x71\x86\xd4\x59\x5b\xaa\x6a\xae\xff\xcc\x5c\x0b\xe7\x36\x64\xe5\x1d\x69\xa9\x40\x77\x3a\x7b\xf6\xbf\x0a\x3d\x9d\x3d\xfb\x12\xa1\x42\xca\x60\x59\xce\x19\xc2\x16\xe8\x77\x37\x97\x97\x3f\xc5\x44\xf3\xf9\x4d\x16\x52\xf2\xff\x70\x93\x85\x8e\x91\x49\xb6\xcf\x4b\x23\x2e\x95\x0b\x8c\x61\x56\xb1\xa6\x35\x47\xae\xaa\xd0\xf5\x82\x59\xef\x34\xe8\xdd\x67\x9d\xed\x2e\x47\x1c\x96\x95\x98\x6f\x2a\x61\x9a\x50\x4e\x3d\xc1\x16\xde\xfc\xd8\x27\x0b\xa9\x1a\xaf\x74\xba\x46\xbb\x20\x17\x62\x14\xb7\x98\x37\x1e\xa1\xdb\xe2\x82\xd2\xed\x42\x45\x12\xef\x30\x7e\x68\x14\xfa\x07\xd8\xc2\xde\x3e\xd3\x42\xa3\xe3\xd2\x06\xe1\x23\xe8\x19\xe2\x7f\x38\xb8\xc4\xda\x62\xce\x3d\xde\x04\x0c\xa2\x1c\x02\x6c\x96\xcd\xb2\x53\x36\x51\x20\x9c\xc0\xcd\xd7\xa7\xb3\xa7\x5f\xd0\xcd\x70\xeb\x3d\x3d\x9d\x3d\x1d\xf7\x06\xcc\x49\xa2\x53\x05\xe7\x47\xfe\x11\xbe\xb1\x5d\xde\x18\x76\xee\x98\x71\x68\xfd\xe2\xe5\xe1\x22\x3e\x70\x0e\x97\xde\x0b\x1b\xdd\x91\x5b\x94\xdc\xde\x08\xed\x02\xea\xb0\x75\x07\x75\xb4\x11\xca\xc7\xe9\xc8\x79\x51\x6b\x74\xe3\x9d\xa4\x15\xb6\x79\x29\x94\x01\xe7\xc9\xa2\x84\x3d\xd0\x04\x00\xe0\x35\x59\xa8\xc8\x72\xc3\x15\x93\x02\x07\x79\x5e\x62\xbe\x82\x1b\x4e\xca\x5c\x19\x24\xe5\x4d\x85\xc6\x87\xcd\x9d\xc5\x24\xae\x51\x53\x8d\x36\x13\x4c\x18\x4c\x77\x40\x3a\x75\x98\x37\x56\xf9\x76\xda\xa9\xae\x4c\x31\xaf\x44\x4e\x6e\xee\x68\xe9\x37\xc2\xe2\x7c\x81\x4b\xb2\x38\x97\xca\x0d\x63\xdd\x34\xe6\xcc\x48\xee\x4b\x9c\x77\xdc\x01\x73\xbe\x21\xbb\x5a\x6a\xda\xf4\x5e\x70\x2b\x55\xa7\xef\xd1\xac\x54\x68\x79\x80\xff\xee\x5a\x97\xb4\xb6\xe8\xbd\x5a\xb6\x7c\x4d\xc3\x61\xae\x42\xdb\x3c\xe9\xa7\x24\x65\xe0\x4a\x18\xb9\xa0\x6d\xb0\x9e\x21\x93\xfe\x74\xfd\x0b\xa0\x59\x2b\x4b\x86\xcf\xe1\x38\x4e\x9e\xce\xbe\x34\x4c\x9e\xce\x06\xf5\x22\x7e\xea\xc4\x32\x5c\x8d\x3e\xb6\x83\x83\xba\x4d\xc8\xa9\xaa\x85\x57\x0b\xa5\x95\x6f\x27\x20\x29\x8e\x6d\x21\xc2\xe3\x24\x17\x16\xfa\xfb\x11\xa7\x50\x57\x21\x67\xff\xbd\x73\xc1\x88\xa9\xba\xc4\xda\xa5\x9b\x90\x6b\x77\xc1\x32\xdc\xfe\x35\x5a\xae\xdb\xc1\x62\x25\x77\x25\x5c\x94\xba\x45\x30\x4d\xb5\x40\x1b\x29\xcb\x09\xa4\x29\x4f\x30\x5d\xf1\xe1\x1e\x31\x68\xc0\x6b\x49\xf2\x6a\x48\x8d\xfd\xe0\x92\xf4\x47\x1c\x32\xbc\x11\x61\xb4\xdc\x0b\xd9\xbd\x84\x1a\x47\x98\x3e\x5b\x8f\x9c\xa6\x0d\x37\x80\x8d\x07\xe7\x2d\x99\x02\xed\x98\x2f\x6d\x9f\x59\x47\x4b\xe1\x7c\x47\xb0\x41\xb1\x42\x3b\xce\x00\x5e\x71\x9e\xbe\x93\x8c\xf7\x64\xac\x95\xd8\x9b\x77\x62\x5e\xe6\x21\x9a\x27\x87\x6e\x88\xb0\x6d\xdf\x0e\xf5\x09\x1a\x64\x63\xe3\xb8\x8c\x50\x29\x29\x35\xc2\x88\x1d\x65\xd1\x05\x23\xd5\xa5\x70\x38\x1e\xb8\x2c\xe5\xe8\x5c\x06\xf0\x96\x3b\x91\x5c\xd8\xd0\x28\x20\x17\xf0\x43\xd8\x9c\x6c\x9c\x5d\x27\xb0\xc0\x5c\x34\x0e\xf7\x82\x42\xeb\xe0\xe9\x58\x31\x40\x80\xc3\x9c\x8c\x0c\x89\x3b\xcc\xda\x64\x96\xca\x56\x07\x80\x59\x92\xbc\xda\x8a\xaa\xd6\x38\x78\xa0\x1b\x47\xbe\xfe\x6a\xba\x50\x66\xea\xca\x24\x0c\x70\xe9\x72\xbf\xcd\x4a\xbb\xa1\x13\x2d\x0f\x24\xf0\xcd\x37\x60\xab\x87\xf7\xf7\x47\x9b\xdb\x04\x60\x37\x53\x1c\xed\xf1\xc0\xc0\x73\xb4\xa3\x0a\x4d\xe9\x91\xd8\x51\xcd\x87\x39\xa1\xa7\xda\x6b\xf7\x8f\x54\x0f\x31\xdf\xad\xf2\x8c\xd0\xd3\xee\xf5\xfa\xb3\x93\x13\x38\x9d\x9d\x1c\x6e\x84\x52\xf5\xec\xe4\x04\xfe\xff\xa4\xdf\xd9\x75\xd6\xa7\x07\x6b\x07\xba\x73\x12\x3b\x8a\x90\xdf\xf5\x44\x77\xfa\xe0\xcf\xc9\x23\xd9\x61\xb7\xfb\x84\x21\x9e\x3d\x0e\x7b\x47\x0f\x1a\x34\xf2\x1e\x1d\x4c\x81\xd3\xa3\x38\x06\x5e\x61\x0c\xcb\x77\x18\xfd\xea\xde\xf5\xd5\xad\x9b\xcc\x22\x17\x78\x8b\xa1\x95\x8b\x09\xbc\x27\xce\x92\xe4\xd7\x18\xdb\x21\x81\xdd\x79\x4f\xf8\x3b\xc5\x77\x22\xdc\xe6\x18\x23\xcc\x0b\x23\x85\x1d\x06\x73\xd1\x8f\x06\xa1\x6c\x4e\x2f\xaf\xe0\x5f\xdc\xb9\x75\xd7\x45\xc6\x57\x29\xc6\x58\xc5\x97\x08\xce\xc7\x8e\x15\x0b\x94\xa7\x27\xd9\x13\xb8\x32\xb4\x81\x0b\xa4\x9a\x61\x39\x7f\xf1\xfc\x6f\x03\xe7\x23\x09\x5a\xad\x42\x2c\xaf\x10\x6b\x1e\xd2\x19\x80\x35\x52\x06\x04\x17\x6b\xd3\xf6\x79\xc8\xf1\x42\x4d\xce\xa9\x85\xc6\x49\xb8\xf2\x0d\x57\x29\xdf\x18\xe1\x91\x2f\xd0\x06\xe3\x5b\x94\x24\xf3\xc8\x43\x29\xd6\x08\x21\xd4\x17\xb4\x45\x07\xb6\x31\x86\x91\x49\xcb\x1d\x24\x2d\xa3\xa6\x42\xe2\x87\x46\xf8\xa0\x4a\x18\x1e\xc2\x69\x4a\x51\xd7\x68\x32\x78\x19\x6b\x1b\x5b\x30\x3e\xfc\x61\x7c\x3b\xeb\x1e\x0f\x23\x99\xeb\xfd\xa1\x85\xf3\xf0\x6d\xfa\x18\x5a\x14\xd6\x3d\xe2\x23\xf9\x72\xb0\x61\xff\x72\xe2\xbe\xe7\xf3\xd0\x32\xbc\x1f\x4d\xa2\xbc\x0a\x85\xd9\x6f\x81\x67\x07\xf6\xfa\xb1\xf1\xa0\xc2\x23\x1d\x77\xef\x12\x04\x2c\x9a\x68\x28\x13\xbb\x98\xfe\x58\x13\x28\x08\x44\x89\x22\xda\xdb\x22\x27\x5e\x50\xfe\x2b\xf8\x0d\x1f\x69\x0d\x9c\xde\x3c\x05\x53\xc7\xca\xc3\x90\x9e\xa0\x40\x1f\x1e\x62\xd4\x36\x78\x76\xf7\x20\xd8\x9b\xae\x77\xea\x63\xce\xc1\x28\xac\x56\xdc\x3a\x75\x44\x57\x97\x17\x19\xbc\x2d\x85\x7f\xe4\xa2\x1b\x3c\x11\x94\xec\x74\x4f\x20\x51\x74\x55\x4e\x19\x3e\xf1\xb7\x19\x7c\x3f\x4e\x92\x73\xcd\x13\x4d\x28\x08\x77\x43\x33\x85\x1b\x43\x12\xf9\x3a\xc9\xaa\xb8\xb7\xe4\x5e\x28\xd3\xb8\xeb\xe9\x1e\x19\xd7\xb3\x1b\x59\x15\xe1\xd5\x78\xc7\x53\xb7\xb5\xca\xea\xd6\x97\x64\x32\xb2\x45\xf8\x7b\xda\x93\x31\x8f\xeb\xee\xd8\xcd\x95\x17\xf9\xea\x72\x8d\x96\x9b\x0a\x08\x0f\xab\x43\x97\xf3\x7c\x3a\x75\xbc\x4d\xdd\x76\xd0\xa1\x27\x71\xd3\xef\x9e\x3c\x7b\x36\x9b\x96\xb4\x49\x25\xa5\x2a\xed\x52\xa4\x48\x8d\xca\x31\xd5\x44\x1c\xd6\x9c\x31\x79\x20\x4b\x2b\x91\xa7\xe4\xd2\x6d\x1a\x0a\x5e\x9a\x53\x55\x09\x23\x39\x65\x60\xca\xc5\xd7\x8d\x93\xff\x04\x00\x00\xff\xff\x4b\x40\x84\x11\x23\x17\x00\x00") 122 | 123 | func readmeMdBytes() ([]byte, error) { 124 | return bindataRead( 125 | _readmeMd, 126 | "README.md", 127 | ) 128 | } 129 | 130 | func readmeMd() (*asset, error) { 131 | bytes, err := readmeMdBytes() 132 | if err != nil { 133 | return nil, err 134 | } 135 | 136 | info := bindataFileInfo{name: "README.md", size: 5923, mode: os.FileMode(0644), modTime: time.Unix(1712862222, 0)} 137 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xa5, 0x42, 0xf1, 0x6b, 0x75, 0x74, 0xe3, 0x57, 0x6a, 0xc1, 0x8, 0xe9, 0xd9, 0xbe, 0xae, 0x13, 0xc1, 0x0, 0x39, 0x6c, 0xf6, 0xe0, 0xbb, 0x8, 0x3, 0xe9, 0x4b, 0x45, 0xe, 0xdc, 0x95, 0xb2}} 138 | return a, nil 139 | } 140 | 141 | var _builderCreateDmgBuilder = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x7c\x90\xcd\x6a\xc3\x30\x10\x84\xcf\xbb\xef\x91\xa3\x93\x43\xaf\xa5\xd0\x1f\x17\x0c\xc5\x36\xb6\x92\xd2\x1a\x51\x94\x68\xed\x0a\xa4\x5a\x48\x32\x84\x3c\x7d\xc1\x22\x8d\xdc\x86\x1e\x35\xfb\xcd\xec\x68\xdb\x9c\x81\xb0\xf6\xe3\x4b\x18\x82\x83\x23\x11\x28\x93\x66\x40\xdc\xe5\x4d\x5b\x54\x65\xa2\xad\x0f\x93\x4b\x9e\xf0\x49\x42\xfa\x8d\x11\x3e\x90\x43\x2c\xf3\xd7\xa7\xa2\x81\xfd\xa4\xb4\x5c\x4b\xe5\x20\x90\xb1\xb0\xca\x66\x01\xb2\x19\x78\x2e\x5e\xf2\x34\xf0\xa4\x2c\xf4\x24\xc2\xe4\x48\xc2\x6a\x7e\xae\x10\xf1\xb1\xaa\xdf\x58\x05\xdd\x4f\x16\x47\x28\x4a\x56\xa5\xcb\xbb\x65\x2f\xbe\x49\xba\x47\xd8\x0b\x63\x35\xfd\x05\xa3\x7e\x86\x26\x6b\x47\x17\xae\x50\x71\x80\x80\xed\xf6\xa1\x65\xbb\xfb\xa6\x4d\x0a\xdd\x0a\x1d\xc8\xdd\xa5\x5b\xa1\xeb\x38\x47\xc4\xf7\xa2\x5e\xa4\x9d\x94\x3d\xd7\x8f\xfe\xac\x57\x9a\x7c\x66\x1d\xf5\xea\xc8\x17\xbf\x44\xac\xb7\x0c\x0c\x0d\x62\x3f\x1e\xe3\xe5\xfc\xaf\x7b\x5d\x23\x62\x82\x1e\x87\xe8\xf7\x37\xff\x58\x2f\xc3\x8b\xeb\x3b\x00\x00\xff\xff\xda\x50\x2e\xe6\x04\x02\x00\x00") 142 | 143 | func builderCreateDmgBuilderBytes() ([]byte, error) { 144 | return bindataRead( 145 | _builderCreateDmgBuilder, 146 | "builder/create-dmg.builder", 147 | ) 148 | } 149 | 150 | func builderCreateDmgBuilder() (*asset, error) { 151 | bytes, err := builderCreateDmgBuilderBytes() 152 | if err != nil { 153 | return nil, err 154 | } 155 | 156 | info := bindataFileInfo{name: "builder/create-dmg.builder", size: 516, mode: os.FileMode(0644), modTime: time.Unix(1711436763, 0)} 157 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x45, 0x19, 0x22, 0x65, 0xf3, 0x99, 0x89, 0x73, 0x97, 0xd7, 0xcb, 0x8f, 0x52, 0xdf, 0x52, 0x7f, 0x54, 0x38, 0x3f, 0xee, 0x5f, 0xfc, 0xda, 0x21, 0x63, 0x94, 0xf9, 0x7, 0xd3, 0x15, 0x6d, 0x60}} 158 | return a, nil 159 | } 160 | 161 | var _createDmg = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xbc\x7c\xfd\x76\xda\xc8\xb3\xe0\xdf\xe8\x29\x2a\xb2\x4e\x80\xc4\x02\xe3\x49\x7c\xe7\xe7\x98\xfc\x16\xdb\x38\xe1\x8e\x0d\xb9\x80\x7f\x49\x26\xc9\xe5\x34\x52\x03\x7d\x2d\xd4\x9a\xee\x96\x31\x71\x38\x67\x5f\x63\x5f\x6f\x9f\x64\x4f\x7f\xe8\x03\x21\x9c\xcc\x3d\xbb\x9b\x39\x63\x43\xab\xab\xba\xba\xba\xba\xbe\xe5\x83\x67\xcd\x98\xb3\xe6\x94\x84\x4d\x1c\xde\xc3\x14\xf1\x85\x65\x1d\xc0\x05\xc3\x48\x60\x40\xc0\x30\xf2\x5d\x1a\x06\x6b\xf0\x09\xbf\x03\xb2\x44\x73\x0c\x74\x06\x62\x81\xc1\xa3\xa1\xc0\xa1\xe0\xf2\x3b\x82\x19\x0d\x7c\xcc\x24\xf0\x39\x22\x01\xd0\x58\x00\x0d\x01\x85\x6b\x88\xc3\x05\x0a\xfd\x00\xfb\x80\x19\xa3\x8c\x5b\x1c\x0b\x70\xf1\x1b\xeb\x00\x3a\xe1\x1a\x3c\xba\x5c\xa2\xd0\x07\xb1\x40\x02\xf0\x03\x11\x1c\x56\x44\x2c\x20\xa4\xa1\xfb\x1d\x33\x0a\x1e\xf5\x31\xac\x48\x10\x80\x87\x62\x8e\xd5\xda\x11\x89\x70\x40\x42\x0c\x82\xc2\x0c\x91\x40\xe3\xa4\x6a\x5c\x7e\x7f\x63\x59\x17\x97\x37\xef\x26\xff\xea\x0e\x47\xbd\x41\xbf\x5d\x6d\x35\x8e\x1b\xad\xaa\x24\x6f\xbc\xc0\x30\x8b\x83\x00\x22\x24\x16\x12\x5e\xe2\xb3\x79\x1c\x45\x94\x89\xa6\x0d\x3e\x61\xd8\x13\x94\xad\x41\x2c\x08\x07\xee\x31\x12\x09\x20\x1c\x62\x4e\xc2\xb9\x75\x00\xb5\xb1\x1c\x57\x04\x4d\x31\xc8\x85\xe3\x08\xa6\x6b\x4d\x67\x80\x04\x66\x40\x42\x85\x55\xc3\x36\xea\x9a\x96\xd1\xed\x87\x0f\x83\xe1\x78\x72\xd9\x1b\xb6\x6d\xdb\xb2\x06\xa3\xc9\xd5\xed\xf5\x75\x4a\xa3\xed\xd4\xf8\x6a\x72\x8f\x19\x87\x1f\xc0\xb1\x0f\x6e\x08\xc7\x11\xfc\x00\x2f\x16\xe0\xfa\x70\x0a\xee\x0c\x8e\xe1\x07\x08\x26\xbf\x56\xbf\x9c\xf2\x08\x79\xf8\xf4\x5b\x35\x99\xe3\xb5\xdc\xba\x2d\xf1\xde\x74\xfe\x7d\x30\xcc\x23\xc6\xde\x82\x82\x53\x58\x31\x43\xdd\x90\xa8\x5b\x06\xb6\xd7\xff\xfb\xb0\xc7\x75\xdb\xfa\xd8\xeb\x7f\x6a\xb7\x8e\xe4\xef\xcf\xed\x13\xf5\xfb\x63\xfb\xf5\x91\xfa\xf0\xbe\xfd\xdb\xeb\x23\xab\x77\x31\xe8\x4f\x46\xbd\x3f\xbb\xed\xd6\xf1\xef\xd6\xb8\xfb\x69\x6c\xbe\x9d\x58\x57\x83\xe1\x4d\x67\xdc\xb6\x6f\x2f\xff\x1c\xd8\xd6\x55\xef\xba\x3b\xfa\x3c\x1a\x77\x6f\xda\xf6\xfb\xab\xd1\x4b\xdb\xea\x5c\x5e\x4e\xe4\xe8\x64\x34\xb8\x1d\x5e\x74\x47\xed\x5a\x3d\x1b\x1b\x77\x86\xef\xba\x63\x35\xd6\xbb\xe9\xbc\xeb\xfe\xd1\xfd\x2c\x39\xfc\xfe\xb2\x77\x3b\xee\x29\x92\xcf\x07\xa3\xde\x58\x0d\x8e\x3a\xfd\xcb\xf3\xc1\xa7\xc9\xa8\x73\xd5\x6d\x1f\x59\xe7\xd7\xdd\xd1\xa8\x7d\x64\x8d\xfe\xe8\x7d\x98\xfc\x7b\xb7\xff\x47\xaf\x2f\xbf\xde\x74\x3e\xf5\x6e\x6e\x6f\x26\xb7\xfd\x9b\xc1\x6d\x7f\xdc\xeb\xbf\x9b\x74\xc6\xe3\xee\xcd\x87\xf1\xa8\xfd\x9b\x35\xea\xbd\xeb\x77\xc6\xb7\xc3\xae\x44\xd8\x1f\x8c\x3b\x43\xb9\x0b\x79\xa6\xb3\x38\xf4\x04\xa1\x21\x44\x31\xc3\xea\x2c\x09\x0d\x6b\x75\x78\xb4\x2a\x8a\x8d\xb6\x93\x17\x4b\xdb\xda\xe4\x40\x16\x3e\x89\x05\x09\x26\x3e\x16\xc8\x5b\x4c\x18\x16\x6c\xad\x41\x0f\xe0\x36\x5c\xd2\x38\x14\x56\x25\xd6\x1f\x48\x38\x9f\x20\x21\xf0\x32\x12\xbc\x7d\x24\x87\x05\x09\xac\x8a\x59\xe4\x36\x9d\x94\xbb\xb6\x8d\x46\xc3\xb6\x2a\x95\x5a\x0d\x4a\x70\xbc\x7c\x09\xf5\xba\x55\xa9\x18\x1a\x40\xd3\x00\xb6\xd3\x92\x30\xf2\x56\x4e\xa4\x78\xb7\x9d\x7f\x6a\x14\xe9\x08\xb4\xdb\x00\x47\x50\xaf\xc3\xf3\xe7\x30\x65\x18\xdd\x41\xee\xdf\x01\x84\x54\x2c\x24\x1d\x73\x8a\x39\xac\x18\x0d\xe7\x45\x04\xcf\xda\xd0\x3a\x31\x08\xe4\x28\x38\xd9\x33\x38\xd0\x43\x4a\x21\xc8\x1b\x45\x19\x99\x93\x10\x05\x7a\x58\xce\xb1\x2a\x15\x7d\xa7\xd1\x94\xde\x63\xe0\x02\x09\xbc\xc4\xa1\x00\x86\x45\xcc\x42\x0e\x2d\x20\x33\x10\x98\x0b\xa5\x28\xb0\x0f\xb5\x2d\xe2\x5b\x27\xf5\x86\xc2\x01\xd0\x13\xe0\xa1\x10\x96\xe8\x0e\x1b\x05\xe7\xe3\xe4\x2a\x3f\xfa\xb4\xd1\x68\x80\x4f\x43\xbc\x81\x69\x40\xbd\x3b\xa9\x3a\xa6\x18\xf0\x03\xf6\x62\x81\x7d\xab\xe2\xd3\xbd\xec\x95\x0b\x3d\x21\x52\xf9\xdd\xb7\x4e\xe4\xae\x23\x24\x08\x0e\x3d\x89\x7e\x81\x62\x2e\xb0\x7f\x98\xe3\x84\x22\xac\x7b\x7e\x3b\xfa\x9c\x1e\xf9\x47\x44\x04\x20\x58\x52\xb9\x77\x73\xd4\x3c\xc0\x38\x02\xa7\x56\x83\x16\xbc\x80\xda\x31\xbc\x78\x51\x46\x5c\x5d\x1d\xbd\xdc\x99\x94\x23\xa5\xcf\x76\x27\x6d\x49\x6a\x89\x5c\x7b\xca\x62\xb8\xfe\x72\x0e\x4e\x2d\x2f\xfc\xf5\x6d\x21\x8f\x39\x9a\x63\x0d\x68\x26\x58\x15\x0f\x09\x38\x3b\xeb\x0e\xde\x77\xaf\x3f\x58\x96\xb6\x3d\x5c\x9a\x14\x14\x7a\x6b\xb8\xbc\x79\x07\x33\x12\xe0\x86\x65\xdd\x4a\xe0\x53\x00\xa7\x36\x45\x1c\x87\x68\x89\xc1\x39\xaa\xc3\x17\x1a\x49\xdc\xfc\x1b\x9c\xd1\x58\x44\xb1\x98\xc8\x47\x0d\x7f\x39\x7f\x0b\x67\x9c\xc6\xcc\xc3\x13\x6d\x9e\xde\x5a\x56\x47\xda\x91\x9c\xe5\x2a\x4c\x48\xf5\xba\x47\x23\x82\x7d\x20\xa1\xb1\x10\xb9\x8b\x64\x59\x03\xbd\xe0\xa9\x05\xe0\xba\xf7\x34\x50\xa4\x9c\xc9\x9f\x6f\x2d\x2d\xf9\x92\x8d\xf7\x34\x88\x97\x18\xd4\xc3\x9a\x4f\x78\x14\xa0\xb5\x42\xa9\x10\x5e\x91\xd0\xc7\x0c\x38\xf1\xf1\x14\x31\x90\x26\x70\x45\x42\x9f\xae\x40\x10\x11\xe0\x7a\x82\x9b\x78\x34\x84\x33\xf9\xb3\x41\xbc\x90\x97\x2c\x20\x9f\xa9\xd9\x53\xe4\xdd\xcd\x19\x8d\x43\x1f\xce\x22\xe2\x35\xa2\x70\x9e\x9f\xae\xb7\x08\xb9\x59\xda\x9e\xd7\x22\x46\xef\x89\x8f\x21\x0a\xe7\x87\x30\x27\xb3\x43\xa0\x0c\xfe\x2b\x9a\x6b\x1a\x34\x55\x6e\x44\x39\x9c\x3d\xbc\x85\xb3\x75\x1e\x67\x44\x39\x51\x07\x2b\xb7\x64\x16\xd0\x00\x79\x58\x4e\xbe\x63\x38\x5b\x11\x5f\x2c\xde\xc2\xd9\x02\x93\xf9\x42\xe4\xb1\xa8\xe7\xc6\xad\xd8\x45\x22\xf0\x83\x30\x28\xe4\xc7\x89\xfc\x98\x87\x4e\xd8\x86\x1f\x0c\xa6\x5a\xeb\xc8\x6d\x9d\x68\xea\x25\x73\x0c\xb0\xfc\xb8\x0f\x58\x3e\xe3\x06\x3a\x8e\xe4\xdd\x6e\x1d\xff\x9e\x61\x50\x12\x38\xd1\xc7\xbc\x9f\x07\xc9\x0e\x48\x80\xab\x3c\x3b\x96\x05\xf1\xb1\x8b\x1f\x04\x0e\xa5\xbc\xc3\x59\x8a\x2b\x41\x22\x27\x28\xc8\x6c\x12\x9d\x29\x34\x0a\x1e\x45\x91\xeb\x33\x1a\xb9\x01\x09\xef\x0a\xeb\x2b\x65\x85\x40\x3e\x06\xf5\x58\x50\xe8\x44\x51\x40\x3c\xa4\x44\xf4\x10\x90\x80\x80\xea\x6f\xf0\x70\xb8\x56\x18\xff\x0a\xfe\x16\xc2\x98\x63\x06\xff\x11\x13\xef\xee\x9a\xd2\x3b\x20\x21\x17\x28\x08\xa4\xa7\x54\x8e\x1e\xc7\x01\x82\x33\xf9\x73\x22\x37\x91\xa0\x46\x42\x19\x15\x04\x01\xf1\x70\xc8\x35\xa3\x12\x0f\x4c\x6a\x8e\x5a\x14\x20\x79\x3b\xe4\x41\x52\x06\xc3\xf1\x95\x3e\x81\x90\xba\x24\x14\x98\x85\x58\xb8\x38\x44\x53\xc5\x17\xf9\xcf\x27\x5c\x7e\x03\x14\x0b\xba\x44\x82\x78\xa0\x14\x17\x3c\x97\xd7\x57\xd3\x32\xa3\x6c\x29\xf5\x8b\xfe\x9d\x1e\x5b\x84\x3d\x32\x5b\x9b\xe3\x92\x06\x25\xe7\xdf\x1a\x90\x9a\xf4\x45\x7e\xdc\x5e\x9e\xff\xf9\xe3\xf6\xfa\x6a\xf0\xe3\xf6\xfa\x66\x50\x87\x9a\x8f\x67\x28\x0e\x94\x47\x28\x27\x68\x0a\xe5\x4e\xf8\x9a\x0b\xbc\xd4\xc7\xab\x3f\x97\xad\x96\x5f\x27\x03\xaa\x49\x2f\xe7\x47\xe7\xc3\xd5\x68\x7b\x05\x39\x7c\x08\x72\x1c\x8c\x87\xca\x61\x89\xbc\xc1\x08\x5a\x47\x8d\xd6\x6f\x92\x4b\x21\x5e\x61\xa6\xa9\xc0\xa1\xc7\xd6\x91\x30\xab\x6a\x4e\x81\x19\x94\xe7\x33\xa3\x4c\xd1\xc0\x30\x8f\x83\x82\x7b\x00\xb5\x4e\x77\xe4\x1e\xbf\x3e\x01\x17\xd6\x34\x4e\xf5\x60\xc4\xe8\x32\x12\xd8\x57\xc0\x11\xe2\x7c\x45\x99\xbf\xb5\x9c\x8b\x30\x97\xfe\xdc\x7f\x7f\xd5\xd6\xf1\xef\xbf\xbe\x2a\xf2\x7d\xc5\x6e\x38\x13\x88\xcd\xb1\x56\xf6\x6f\x35\xdb\xdf\xfe\x38\x4b\xf4\xf8\xb6\x54\x23\xdf\x97\xff\xab\x6b\x8a\x02\x2d\x78\x94\x25\xba\xa6\x26\xcd\xfe\x14\x4b\x39\xf7\x61\x29\x89\x8c\xa4\x60\x92\x25\xe6\x7a\x4d\x49\xb0\xab\x08\x36\xaa\xe4\x21\x7f\xff\x0b\xc7\xaa\x66\x2c\x51\x18\xa3\x20\x58\x4b\xf1\x7e\x80\x9b\x73\xad\x08\xb4\x77\xe5\xde\x63\x36\xa5\x3c\x11\x62\xe3\x41\x24\xfe\x9f\xb4\x0f\x66\x02\x2c\xa5\x83\x93\x87\xfc\x2b\x26\x58\xec\x87\x53\x8f\x33\xa8\x69\x80\x39\x37\xb3\xd5\x67\x45\xaa\xbe\x22\xc9\xd6\x7d\x1c\x31\xec\x21\xe5\x61\x84\x18\xfb\xa9\x7c\x1d\xcb\x88\x49\x32\x49\x4d\xd4\x7c\x90\x8e\x07\x27\xf3\x10\xce\xe4\x4f\x24\x62\x96\x5e\xee\xf4\x51\x81\x1b\xa9\xeb\xa6\x2f\x81\xb4\xa9\x29\xac\xb9\xdc\x02\x31\xc5\x54\x8f\x61\x1f\x87\x82\xa0\x20\xb5\x72\xe9\xc3\x02\xd6\xda\x0a\xc9\x40\x51\x1a\x4d\x2e\x50\x14\x60\x5e\xcf\x56\xba\xc3\x6b\x6f\x21\x15\x09\x17\x94\x61\x1f\x72\x78\xd5\x8a\x1c\x85\xfe\x94\x3e\xb8\x1c\xcd\xf6\x9d\x81\xc2\x65\xe6\xc9\x08\x55\xfa\x63\x53\x12\x10\xb1\x56\x6b\xfa\x54\x52\x66\x78\x5a\x93\x1f\xcd\xed\x34\x12\xab\x2e\x6c\x46\xae\x91\xa2\xd4\xe1\x51\x82\xb3\xa0\x2b\xc8\x79\x4d\xe6\x21\x84\xf1\x72\x8a\x99\x9c\xbf\x38\x94\x07\x8f\x83\x48\x03\x18\x07\x42\x47\xa5\x72\x58\x86\x97\x18\x87\x96\x65\x3c\x27\xe5\xa6\xc3\x91\x74\xb7\x0e\x60\x86\x64\x0c\xcb\x95\x43\xab\xc3\x66\xa5\x41\xb9\x20\x92\x0f\x79\xda\xa4\x84\x4a\x87\x48\x32\x6c\x49\x99\x64\x35\x0a\x01\x81\x8c\x76\x03\x6c\x49\x5f\x94\x09\x6d\xdf\x5c\xc0\x0f\x91\x8e\xd5\x31\x2c\xb4\x14\xe9\xbb\x2d\x9d\x44\xca\x10\xdb\xca\x13\xc8\x98\x78\x81\xbd\x3b\x79\xe5\x67\x94\x59\x07\x3a\x74\x97\x61\xb7\xb1\x94\xda\x81\x39\x54\x9b\x8f\x39\x20\xce\xe3\xa5\x9c\x2d\xcf\x56\xab\x66\xc6\x85\x51\x1c\x50\x43\x5c\xca\x78\xc4\x9a\xad\xd7\xc7\xf5\x46\xe6\x53\xce\x48\xe8\x4f\x94\x54\x4f\x7c\xc2\xb4\x73\x29\x6d\x92\x0c\x63\xee\x95\x7a\x68\xdb\xce\x63\x6b\x63\x5b\x56\xe5\xed\xf3\x63\xd0\x1e\xeb\x08\x23\xe6\x2d\x0c\x6d\xfa\x52\x68\x7f\xaf\x8c\x4b\x3a\xf8\x07\xe7\x31\xc1\xb8\x91\xd1\x80\x2d\x43\x33\x1c\xc6\x4b\xcc\x90\xc0\xa0\xfd\x86\x7f\x64\x0c\xe3\x56\x45\xe2\x26\x92\xec\xc7\x56\xa3\xf1\x8f\xcd\x1b\x50\x51\xc2\x01\x18\xbf\x5a\xe5\x2f\x88\xe1\x68\x0a\x67\x55\x0c\xfd\x33\xe9\xa5\xc9\x4d\x59\x95\x4a\xfa\xb9\xed\xd4\xb2\x2b\x3f\xa3\xf0\x03\xe6\x0c\x47\xe0\x76\xd5\x05\x0d\x28\x6b\x87\xf8\x1e\x33\xb0\x73\xd4\xda\xf0\x03\x16\x18\xf9\xe0\x3a\x8f\x64\x03\x3f\x00\xad\xee\xa0\xfa\x18\x31\x12\x0a\x70\x7e\xdb\x54\x65\xf0\x47\x66\xf0\xe5\x0b\xb8\xa1\x84\x4c\x57\xdb\xd8\xf0\xed\xdb\x1b\x49\x9f\x24\x2b\x09\x37\xb6\x26\xa8\x71\x1d\x6e\xc1\x91\xa4\x94\x98\x70\x42\x49\x62\x87\xcd\x63\x15\x90\x45\x88\xa9\x0c\x8a\xb5\x5a\x48\xf5\xfb\xe5\x8b\x44\xd3\x3a\x3d\x3a\x6d\x6d\x6c\x68\x83\xed\xea\x95\x24\x83\x3c\xc4\x31\x38\x2d\x20\x72\xcd\xd4\xc3\x96\x34\x56\xfe\x35\xb8\xbe\xbd\xe9\x4e\xfa\x9d\x9b\x6e\xdb\x76\x8e\xd5\xe2\x7c\x41\x66\xe2\x0d\xe8\x5f\x6f\x12\x10\xe9\x7f\xe5\x41\x54\xf6\xe1\xaa\x77\xfd\x24\x5c\xe6\x1c\x2b\xd0\xf3\xce\xc5\x1f\xef\x86\x83\xdb\xfe\xe5\x36\x64\x61\x3c\x21\x27\x8b\x4b\x6c\xa7\x30\xc5\xae\x17\x01\x2f\xae\x3b\xb7\xa3\x6e\xdb\x96\x26\x24\xe7\x93\x47\xc4\x93\xba\x51\x5e\x11\x2a\x43\x47\x25\x21\x01\x86\xaf\x76\x23\x9b\x75\x5a\x44\xaf\x28\xf8\x6a\xab\x35\x86\xdd\x0f\x83\x51\x6f\xdc\x1b\xf4\x27\xef\x7b\x97\x97\x5d\xbd\xeb\xd1\xd6\x82\x79\x9f\x55\x4a\xcb\x1a\x88\xf4\x43\x04\x85\x47\xb1\xc0\xe7\x54\x08\xba\x1c\x4a\x37\xfd\x13\xbc\x84\xd6\xd1\xd1\xa1\xfc\xb1\xd9\xc7\xb5\xd4\xc9\x56\x4c\xcb\xd2\x3c\x4f\x30\x3a\x75\xea\x15\x48\x96\x0b\x7a\x02\x24\x0b\x44\x14\x8c\xca\x37\x39\xc7\x6f\x40\x25\x9c\x9c\xdf\x76\xa0\xca\x80\xd3\x15\x55\x76\xca\x40\xbf\xff\x29\x74\x2a\x4b\x29\x67\x13\x66\x3a\x8f\x85\xa1\x4d\x91\xbd\x8a\xb1\x5f\x6d\xe7\xf8\xab\xad\xf8\xeb\xfc\x76\x08\xce\xab\x8d\xc4\xb6\xbb\xd3\xb2\xc5\xb7\xe3\x07\x45\xc6\xfb\xde\x65\xaf\xff\x2e\x47\xc4\xd6\xc0\x26\xf1\x4a\xb2\x78\x62\x41\x7c\x1f\x97\x91\x23\x58\x8c\xcb\x49\x51\x8b\x2f\xe0\x87\xb1\x42\x6a\x5d\x15\xbe\x27\x57\xcc\x04\xf8\x72\xdc\x7c\x7e\xa3\x93\x14\x47\x66\x46\x14\x33\xbc\x35\x2d\x9f\x18\x28\xcc\xcd\x87\x24\x6a\xee\x7f\x5c\x4f\xae\x7b\xfd\x3f\xda\xce\xb1\xf9\xb6\x4f\x7c\xcd\x86\xd2\xf8\x24\x61\xf3\xf1\xa1\xd4\x6c\x4f\xb2\x59\x2f\xbd\x15\x5f\xa9\xb5\x3b\x1f\x3e\x5c\xf7\x2e\x3a\xea\x54\x73\x44\xe4\x87\x7f\x42\x4d\x3e\x06\xfb\xdb\x04\xc9\xc8\x49\xd1\xd1\xbd\xbd\xee\x4c\x86\xa3\xe1\x85\x21\xa0\x64\xee\x6e\x6c\xa4\x20\xfb\x83\x5e\x7f\xdc\x1d\xf6\xbb\xe3\x76\x2b\x83\xd4\x20\x3a\xbe\x51\xd3\x92\xb4\xeb\xfe\x4b\x97\x05\x29\x1a\x20\x97\x99\xdd\x0f\x64\xbc\x7f\xbd\x87\x7e\xe7\xfc\xba\x3b\xe9\xf6\x2f\x86\x9f\x3f\x48\xd6\x69\x82\x3a\xdd\xd1\x79\x6f\x3c\x6a\x1f\xbf\x3e\x29\xd2\xb7\x1d\x57\xfc\x0a\x12\x19\x7e\x14\x90\xa4\x61\xc2\x8f\x24\x66\x30\x7e\xac\x04\x2b\x24\x8e\x5f\xb6\x6b\x72\x33\xdb\xcf\x4c\xa2\x59\x3d\xfb\xcd\xfe\xd5\xcb\xaf\xc8\xf8\x99\x02\x78\x75\x08\xce\xeb\x5f\x52\x00\x5b\x5c\x2d\x44\x21\x8a\xa4\xcb\xde\xe8\x8f\x89\x4a\x7a\xff\x54\x7d\x16\xa2\x0f\xad\x47\x76\x52\xe4\xd5\xe4\x79\xb5\xc8\xd1\xad\x18\x64\x2f\xb4\x7a\xba\x03\x9b\x44\x07\x0a\x2c\x97\x3e\xdf\x4f\x6d\xe2\xf9\x1b\x69\x4e\x72\xec\xfb\x01\xf2\x5e\xbd\x5e\x26\x9f\xe9\xdf\xb9\x04\xca\x77\xd7\x36\x5e\x95\x00\x76\x26\x30\xfc\x5d\x3d\xd6\x0e\xcf\xb0\xfb\xa7\x8c\xc7\x43\xaa\x7d\x64\x5d\x24\x0a\xd6\x2a\x64\x6c\xc0\x67\x1a\x2b\x4f\x9b\xe1\x25\xbd\xd7\xc1\x8a\x42\x00\xc8\x38\x3f\x8d\xbd\x54\xdf\x91\xc8\xfd\x2f\x1c\xde\x91\x50\x53\xb3\x55\x88\x28\x12\xf5\x22\x47\xd1\x6d\x78\x17\xd2\x55\x08\x3a\xf9\x79\x0a\x4e\xab\x01\xc3\x38\x84\x6a\x2e\xa8\xd0\x9a\xbb\xaa\x3c\x5c\xf9\x49\x93\xa1\xf3\xcc\x12\x23\xe6\xc8\x4b\xbc\x2d\xad\x0a\xb4\xcb\xa5\x13\x1b\xd2\x94\xa7\xe5\x14\x2d\x78\x77\x78\x0d\xdf\x03\x32\x75\x03\x7c\x8f\x83\xf6\x3f\x6c\x45\xd7\xed\xe5\xf9\x9f\x7b\xa7\x4f\xbf\x93\xe8\xb8\x30\xff\xfa\x4a\xa3\x37\xdf\x6e\x72\xdf\x72\x5b\x94\xbe\x7a\xba\xcd\x9d\xfc\xcc\x69\x42\x72\xd9\x9e\x94\xfb\x69\x19\x87\xf6\x3b\x48\xb1\xc9\xb9\xb1\x9a\x81\x7d\x2a\x00\x87\x34\x9e\x2f\xd2\x63\xe2\xbf\xc6\x42\xbd\x98\x35\x23\x96\x75\x79\xf3\x6e\xf2\xa1\x33\x7e\xdf\x56\xa5\x92\xd1\xf0\x62\x72\x35\xb8\xbe\xec\x0e\xa5\x33\xe8\xf9\x7a\xe1\xb7\xd0\xf4\xf1\x7d\x33\x8c\x83\xe0\x0d\x44\x2b\xbf\x6e\x6f\xf9\xc5\xf7\x28\x20\xbe\x4e\xa0\xa9\x70\x89\x27\x84\xdb\xce\x63\x82\xfe\x14\xdc\x57\x1b\x1b\x9e\xb5\xc1\x6e\xf8\xcb\xf9\xee\x66\x06\x2a\xf1\xad\x3d\x45\xe5\x80\x2e\x63\x2e\xb7\xe7\xeb\x50\x16\x81\x04\xcb\xfc\x81\xbf\xbd\xcf\x94\xa2\xcc\x00\x18\x7a\x54\x7d\x0e\xbe\x7d\x83\xe7\xcf\xf7\x4d\x91\xe1\xf0\x2e\xc9\x65\x27\x9b\x1a\x9b\x53\xd8\xc2\xf3\x7f\x89\xde\x76\x8e\x18\x43\xaf\xf3\x98\xd7\x13\x1b\x70\xf1\x5f\xd0\xda\xa1\x55\x15\x25\x64\x04\x88\xc2\x62\x70\xaf\x0b\xd7\x84\xa7\xe9\x02\xa9\x80\xb4\xae\xc8\xa5\x05\x0a\xe4\x1d\xc0\x8d\x4a\x50\xe8\xe2\x72\x40\xe7\xc4\xb3\xac\xd1\xc5\xb0\xf7\xc1\xd4\x87\x9d\x1a\x28\xf1\xa9\x49\x55\x63\x22\x8a\xc7\xf3\xce\xe8\xbd\xb1\x4b\x5f\x8e\xbe\x6d\x6c\xa8\xdb\x72\x17\xd1\xca\x87\xba\xad\x44\xf1\xb2\x37\x4c\x42\x91\x0c\x2e\x11\x22\x3b\x9b\x94\x8a\x67\x0e\xa8\x54\x50\xe5\xf3\x92\xe0\xa6\x88\x72\xdc\xbd\xf9\x90\xcc\x33\x28\x9b\x6c\xd5\x70\x9c\x86\x96\x61\xf9\x68\xa3\xc4\xfe\x12\x0b\xec\x09\x58\x2d\x30\xc3\xb0\xc2\x55\x86\x81\xc5\x61\xa8\xe2\x70\x46\x97\x96\xc5\x71\x28\x48\x88\x03\x95\x3a\x6e\xdb\x4e\xc6\x95\x66\x43\x2c\x08\x77\x09\x77\xc5\x02\xbb\x99\x2c\xb8\x0c\x47\xd4\x4e\x6e\xfb\x0c\x6c\x67\x0b\x47\x5e\xf2\x0e\xe0\xe3\xce\x92\x40\x42\x4e\x7c\xdd\xed\x10\x51\xab\xb2\x5b\xac\xcf\xd3\x60\x4e\xd4\xb6\x70\xc0\xf1\x2e\xc2\x04\x57\x98\x64\xc9\xb1\x9f\xe6\xc7\xad\xca\x94\x84\x2a\x82\xcf\x63\xb4\xad\x4a\xc4\xf0\x8c\x3c\x98\xd8\x3e\x3b\x37\x33\x5b\xfa\x1e\x25\x34\x65\x40\x4d\xbe\x40\x0c\x37\x33\x86\x64\x44\x66\x57\x41\x69\xc1\x5c\xf0\x9c\xe7\xca\x76\x4c\x5d\x7a\xce\x4a\x7f\xd4\xf3\x08\x9f\x81\xeb\x27\xf5\xec\x1c\x65\x3b\xf7\x5c\x69\xf1\x0b\x14\xca\xeb\xa0\x52\x1d\x49\xab\x45\xd6\x69\x71\x0a\xf8\x21\xc2\x9e\xc0\x3e\x28\xbd\xbe\x83\xb3\xe4\x6a\xab\x73\xce\xf4\x6d\xb3\x71\x39\x9a\x8c\x04\x65\x78\x57\xd1\x5c\xe2\x00\xab\xcb\x9b\xce\xd1\x89\x15\x90\x37\x50\x55\xff\x4c\x36\xd4\xb6\x2a\x6c\xb9\x0f\xad\xb9\xb7\xa6\x35\x46\x9a\x78\x75\xfd\xad\x82\x82\x28\x14\xdc\x73\xc4\x3e\x6e\x5d\x94\xad\xbc\x0a\x5b\x96\x4f\x31\x6b\xde\x72\x0c\x37\x78\x8e\xa6\x6b\x81\x39\x70\x12\x7a\x59\xa6\x72\x86\x48\x60\x3a\x66\x54\x18\x1f\x20\xa6\x52\x6f\x02\x9b\x54\x22\xcf\x12\x65\xaa\x6e\xcd\x27\x82\x4e\x96\x09\xb6\xa4\xc1\xa0\xe3\xfb\xd0\x92\xf6\x81\x21\xb8\x39\x3f\x34\x8b\x08\x79\x4b\xab\xca\xed\xf1\xb1\x47\x96\x28\x00\x86\x85\xbc\x5c\x32\xa4\xc4\x0c\x5b\x95\x9b\x73\xed\x78\x3a\xb5\x5a\xcd\x69\xc1\x0b\x78\xdd\x3a\x86\x26\xb4\x8e\x8e\x8e\xcc\xaf\x3a\xbc\x84\x56\xbd\x6e\x4e\xc3\x31\x00\x5b\x55\xe1\x39\xd6\x55\xbd\x84\x9a\x77\x58\x98\x22\xbb\x4a\xa6\x13\x6d\x24\x2c\x93\xa1\x72\x8a\x1d\x2e\xe0\xce\x31\xb4\x8e\xf3\x89\x2a\xb5\x39\x85\x53\x5e\xa9\x18\xdc\x73\x45\x98\xcb\x55\x4f\x83\x24\x46\x5d\xdf\xdd\x79\xe9\x84\x19\xb1\xb6\x9f\x6a\xf2\xb3\xa1\xa4\x4b\x07\x43\x95\x37\x2b\x8d\x17\xcd\xe6\xbc\x9a\xee\xb2\x56\xc2\xeb\x3c\x70\x5d\x27\xc7\x72\xd2\x74\x79\xf3\xae\x3c\x59\xfe\x5d\x95\x2a\x54\xca\xd5\x9c\x39\xe6\x82\x2c\xb5\x4a\xb9\xb8\x1d\x8d\x07\x37\xfa\x08\xaa\x55\x2b\x97\xc2\x2b\x44\x06\x79\x71\xcb\x03\xd9\xba\xa2\xe1\x3c\x16\xe6\x6f\x96\xf9\xcb\xee\xe4\x8d\xa4\xb2\x91\x47\x39\x7c\x89\xb1\xcd\x6c\xed\xb6\xa9\x4d\x4f\x25\x9b\x30\xe9\x0c\xdf\xdd\xde\x74\xfb\xe3\x51\xdb\xb6\xd3\xd3\x28\x7f\xee\x7a\xe0\xb5\x4f\x5e\x1d\xa2\x76\xeb\xe4\x10\xb7\x5b\x27\xb6\x3e\x9d\x84\x1d\x5a\xf1\x81\xf3\xb8\x13\x8f\x6c\xc0\xe5\xcc\x33\xa5\x8e\xfc\xbd\xb6\x21\x2d\xdb\xdb\xce\x63\x4e\xff\x6d\x6c\xf8\x2a\x3d\xed\x19\xdf\x71\x1e\xdc\x19\x47\x6c\x5e\x18\xcf\xe8\x54\x33\x74\xe5\xf0\xf6\x72\xf8\x11\x9c\xc7\x1c\x9b\x37\x65\x97\x5b\x6f\x3a\xd9\xc5\x12\xdd\xe1\xc5\x7a\xca\x88\xbf\x67\x27\xa6\x2c\xe8\xea\xa4\xb9\x5b\x4e\xbc\xbb\x98\x71\x70\x69\x99\xba\xd9\xda\x7f\x8e\x7b\x34\xbc\xc7\x4c\x6c\x13\xef\xd2\xfb\xbd\x58\x76\xf6\x51\x0c\x42\x27\x7a\xe3\xed\xa2\x08\x1a\x6d\xf6\xce\x24\xa7\xf4\xb1\xf9\x4a\xf0\x91\x27\x62\x14\x28\x61\xb7\x8a\x21\xad\x53\x4b\xd4\x43\xc9\xe2\xf5\x44\x3f\x2a\x8c\x31\x17\x74\x69\x74\xc6\x0c\xa6\x64\x3e\xc7\x6c\xaf\x04\xb7\x32\x27\xf0\x99\x36\x8f\xe5\xfb\xc8\x3b\x8b\xe5\x33\xc0\x9d\x8b\x9d\x67\x39\xb9\xdf\xd9\x51\x39\x1a\xc3\x9f\xae\xbe\xdd\x7a\x4b\xb9\xa2\xa5\x36\x55\xba\x49\x21\x7f\xd1\x8b\x19\x8b\xfc\x8d\x4b\xcb\x0f\xb6\xf3\xf8\xac\x38\xf1\xcb\xff\xf8\xb6\xb1\x4d\x45\x42\x0f\x95\x31\x7c\x07\xca\x21\xdf\x36\x2a\x1f\xb2\x7b\x50\xf8\x21\x62\xbb\x8c\x78\x09\x4e\x0e\x7d\xd2\x6b\xa4\x37\x2b\xed\x8e\xb6\x3a\xaa\x99\x51\xb9\xf3\xb9\x3d\x33\x6c\x76\x5d\x22\x15\xfb\x16\x3b\x3e\xaa\x6b\x07\xfb\x0e\x03\x8f\x19\x06\x5d\x27\xce\x57\x67\x89\xb6\x98\x24\x84\x80\x2c\x89\xe0\xd6\x4d\xaf\x3f\xd9\x5d\x21\xb9\x22\x0c\x2b\x28\x57\x4f\x2e\xbb\x15\xa6\xa0\xd2\x1f\xb6\x5b\xa6\xa8\x42\x42\x51\x73\x5a\xcd\xe3\xa3\x57\xbf\xbf\x6c\xd5\x37\xd5\xba\x3a\x32\x70\x4a\x56\xda\x23\x3e\xe6\x0c\x4d\x2b\xdd\x0e\x75\x25\x88\x0c\x4f\x87\x9a\xdc\xd4\x45\x49\xab\x74\x86\xd1\x22\x9e\xcd\xac\xc2\xde\xf6\x28\xcf\x3d\xa6\xa1\x4c\x0b\x48\x96\xab\xca\xb2\x5c\x29\xc4\x2b\x79\xaf\x2d\xe3\x1d\xdd\xec\x69\x47\xb4\x54\x2b\xdc\x64\xd8\xe9\x5f\x0e\x6e\x4c\x1c\xdd\xfc\x97\xd2\x6f\xdc\x7e\xf2\xe2\x26\x02\x5e\x86\x40\x2c\x23\x65\xbb\x2e\xbb\xff\xd2\x3e\x6d\x76\x92\xa6\x05\xc5\x55\xe5\x3e\x86\x42\x9f\x2e\xc1\x79\xdc\x41\xb2\x01\x97\x61\xe4\xaf\x18\x11\x18\xdc\x90\xde\x63\x46\x66\x6b\xf9\x09\xc5\x82\xd2\x08\x87\xf2\xf3\x94\xd1\x15\x2f\x53\x4a\x7b\x4b\x72\xd5\xff\x54\x01\x56\xd5\xb8\x0e\xad\xbf\x8a\x95\xb8\x96\x14\x94\xc4\x6b\xbd\x27\x9e\x0e\xe6\x4f\x95\x04\x38\xc9\x7e\x6c\xc3\x36\x19\x07\x38\xb5\xed\xea\xa7\xa2\xc6\xcc\xdb\x70\xa9\x1e\x73\xee\xff\x63\x0a\x97\xf7\x3e\x01\xb2\xa2\x68\x77\x38\x1c\x0c\x4f\x21\xd6\x4d\x1c\x82\x42\xc4\xa8\x87\xb1\xc9\x22\xec\x74\xca\x28\x15\xae\x3c\x4b\x9c\xf5\x66\xef\x2b\xa1\xae\x90\x8e\x89\x95\xef\xdd\xb0\xb7\xd6\x1d\x3f\x05\x47\x82\x00\x02\x72\x87\x83\x35\x4c\x71\x5a\xa9\xd5\x0d\x73\x41\xa0\xba\x16\x4c\x33\xa6\x17\x60\x14\x62\x1f\xe2\x28\x6d\xc0\x50\x0b\xe5\xa2\x87\x9c\x40\xca\x00\xe4\xd4\x5c\x2f\x27\x65\x8d\x6d\xe5\x95\x6b\xb1\x8a\xb7\x9b\x19\xa0\xd1\x5a\x4a\x76\xae\x82\xa7\x92\x30\xd5\x22\x68\x55\x77\x65\x4a\xc4\x32\x6e\x4a\xd7\x6b\xe6\xca\x7a\xca\xd4\xfc\xf8\x01\xcb\x3b\x7d\x94\xe5\x93\xac\x8a\x17\x95\x91\xb6\x67\x7e\xb3\xb4\x56\xb8\x15\x1b\x2a\x33\x52\xa8\x79\xec\x6e\xf5\x06\xa9\x52\x7e\x59\x9b\x99\x64\xa5\xde\x9f\x71\xf2\x13\x42\xac\x4a\x10\x4a\xa7\xba\xb9\x35\x3b\x4f\x69\xfe\xc1\x0e\x51\xa6\x08\xf4\x53\x5a\x4a\x9b\xd3\x9e\x24\xc8\x6e\x5e\x93\x29\x43\x6c\xdd\x4c\x61\xb7\x39\x98\x0d\x17\x89\x2a\xd6\x93\xf7\x0b\x45\xae\x41\x33\x91\x8a\x22\xb0\x11\x0b\x75\xa2\xbb\x88\xb7\x8e\x54\x2b\xc6\x5e\xd2\x09\x6a\x5b\x95\x11\x16\x57\x12\xad\xeb\x01\xf1\xc2\x8b\x9f\x4c\x2f\x1e\xf8\x13\x7e\xc3\xf6\x36\x8c\x5f\xa5\xb2\x73\x9a\xdc\x5f\xf6\x2b\x92\x76\x81\x72\x2f\xc2\xaa\xc8\x8d\xbb\x68\xff\x8c\xad\x2d\xe5\x26\x99\xca\x4d\x82\x26\xf5\x28\xf2\xa9\x8c\x7c\x9b\x70\x8a\x44\xf9\x06\xc3\x38\x54\xe2\x8b\x47\x3a\x01\x27\x28\xf8\x14\xa4\xd8\xe4\x3a\x73\x3d\xca\x97\x58\x10\xcf\x18\x4c\x79\x3f\xba\x26\x6d\xa3\x7a\x01\x9c\xda\xf2\x4e\xe0\x65\x04\xae\x48\x7c\xd9\xe5\xbc\x21\x96\x51\xe3\x53\xfa\xaf\xfe\x4b\x46\xcc\x34\xa4\xdc\x91\x28\x92\xec\xd6\xeb\xbb\x11\xc3\x42\x90\x99\x3a\x81\x3c\xb1\x89\xae\x5d\x61\x40\x4c\x05\xc7\x23\x9d\x79\x54\x47\xa3\x83\x8a\x64\xd5\x5c\x31\x61\x27\x6a\x53\x7d\xd7\xbb\x09\x9c\xa6\xdc\x53\x80\x04\x6e\x20\xb9\xa8\x4e\x51\xea\xa8\xa8\x92\x46\xbc\x36\x6f\x7e\xec\xf5\x3f\x35\x1d\xf5\x73\x6e\x67\x63\x9f\xd5\xd8\xe7\xad\xb1\x8f\x6a\xec\xa3\x1c\x53\x68\x2a\x95\xf4\xd1\x7b\xf5\xe8\x7d\x36\x7d\xa7\x41\x62\x4b\x7d\x99\xa1\x22\xa2\xa7\x3b\x1e\x9a\xce\x4f\x9e\x17\xd1\xa5\x0d\x0c\x4d\x27\xfb\x98\x52\x98\xf6\x2a\x34\x9d\xec\xe3\x3c\xe5\x50\x84\x59\x00\x6e\xa4\xa6\x16\xaa\x83\x4d\xa7\x38\x50\x0e\x96\x16\xbb\x9b\x4e\xf6\xb1\x7c\xea\x6e\x49\xba\xe9\x94\x8c\x95\x03\x6f\x35\x0d\x34\x9d\xed\xaf\x06\xe2\xad\x31\x0d\x79\xd1\xcf\x5e\x2e\x38\x56\xef\x2a\x28\xcb\x4f\x61\x45\xd9\x1d\xd2\x26\x90\x7a\x1e\xe2\xda\x85\xb7\x2f\x50\xf8\xbf\xff\xe7\xff\x12\x20\x7d\x70\x69\xd6\x6d\xa8\xb9\xad\x7f\x3b\xfe\xbd\x0e\x84\xf3\x18\x73\x80\x54\x4f\x0c\x4d\x16\xb5\x70\x37\x55\x4f\x72\xd2\x2f\x2f\x2f\x23\xa8\xbb\xb1\x3e\x85\xf4\xed\x35\xca\x91\x49\xa6\x7f\x95\xba\xa4\x40\xf0\xe6\xab\xad\xc6\xf3\xb1\xb2\x6e\x96\x21\xb3\x32\x1c\x65\x28\xec\x9d\x60\x3b\xeb\x8a\x3a\x80\xc1\x1d\x5a\x1f\x9a\x7c\xb6\x47\x69\x20\x47\x4d\x6b\x85\xc9\x6d\xe4\xb2\xa1\x57\xfa\x45\x14\xb6\xbb\x5b\x55\xcb\x2a\x7b\x11\x68\xcb\xaf\xcb\x2a\x5e\x27\xaf\x4c\xbf\x55\x92\xea\xa4\x61\x96\x8b\x96\xba\x2c\x87\x7b\xeb\xad\x10\x09\xa7\x72\x9d\x25\x67\x3b\x23\x69\x8d\x22\x09\xa1\x88\xa8\x6a\xe7\x6d\x45\x59\xe0\x83\x72\x8c\x55\x1f\xb6\x5e\xf6\x8a\x3c\xc8\x05\x23\xcc\x96\x84\xcb\x73\xd7\x66\xc2\x5b\x2c\xa9\x0f\xee\x70\x06\x73\xea\xae\x8a\x0e\xe8\xf3\x5c\xb9\x41\x3a\x3d\x8a\x5d\xb9\x6d\xcc\x76\x90\xda\x29\x51\xaa\xe7\x90\x46\x49\xf7\xbe\xf2\xc8\x89\xe0\x38\x98\x01\x0d\xb5\x8b\x78\x9a\xa8\x5e\x55\xdf\x35\x3a\xf7\xf9\xf3\x9f\xa4\xb2\xf4\xfa\xe7\x01\xe6\xaa\xe1\x8f\x0b\xc4\x04\x96\x2e\x97\x8e\xde\x6a\xb1\x32\x27\xee\xb2\xae\x12\x5c\x88\x2d\x4f\x5e\xd9\x90\x4b\x3b\xaa\x8e\x50\xd7\x4d\x53\x4e\xf9\x1d\x67\x49\xc7\xa7\x66\x81\xeb\xca\xed\xec\xc1\x20\xcf\xba\x40\xe3\x8c\x84\x84\x2f\x24\x91\x1a\x7d\xc1\x9a\x4c\x93\x79\x34\x4c\x4a\x54\x7f\xcb\xa3\x39\x80\x31\x36\x86\xd1\xb8\x33\xba\xe0\x25\x60\x81\x38\x20\x9d\xaa\x4c\x7a\xaa\x91\x10\x8c\x4c\x63\x81\x73\xbe\x09\x82\x2d\xc7\x24\x49\x6a\xab\xac\x3c\x86\x38\x0c\xb1\x87\x39\x47\x6c\xad\x51\x98\x8e\x78\x7c\xaf\xde\xd0\x09\xe8\x1c\xc8\x0c\x22\xca\x39\xc9\xe4\x2d\xcb\xe8\xcf\xb8\x9e\xe8\xdb\x16\x5b\x82\xcb\x66\xdb\x1c\x6b\xe6\x26\xa4\x32\x66\xfd\xc2\x05\xb3\x0e\xe0\x82\x2e\x23\x26\x0f\x4a\x87\x21\x32\xde\xd0\xb5\x76\xd5\xd7\x9d\xf4\xda\x1b\x21\xdb\x69\x50\xd9\x23\x59\x09\xd2\xb2\x77\xf3\x8a\x19\xb9\xd2\x98\xbc\x24\xda\x4c\x32\x77\xce\xa3\x2e\x88\x6f\xc0\x79\x4c\x2a\xf1\x9b\x5c\x1a\x4f\x31\x64\xab\x1e\x97\x17\x98\x3c\x65\x72\xaf\x49\x07\x7f\x09\xa1\xa6\x7e\x3e\x18\x77\x4f\x73\x1d\xd3\x41\x00\xea\x4d\x61\xdd\xbb\x9f\x76\x10\xab\x3e\x7a\x9d\xd7\x49\x3b\xf9\xc1\x05\x1c\x2a\xc5\x82\x43\xc9\x7b\xc2\xc1\xa3\x8c\x61\x4f\xfc\x3f\xe4\x43\xee\x95\x84\x4e\x77\xe4\x3a\x8f\xa6\x7b\x68\x03\x2e\x17\x3e\x09\x25\x71\x4f\x72\x6b\x46\xac\xbd\x85\x1a\x9d\xca\x92\xcc\xea\xde\x5e\x77\x72\x79\xab\x7c\x53\x6d\xda\xce\xb5\x51\x75\xdb\xc2\xc8\xb3\x36\xd8\xae\x54\x86\xee\xae\x27\x5e\x8a\x5b\x1f\xc6\x81\x7a\x3f\x94\x63\x88\x7d\x32\x63\xf8\xbb\x8a\x80\x30\xf2\x61\x16\x20\x21\x70\xd8\x64\xf8\x7b\x33\x0e\xcd\x37\x39\x79\x21\x44\xc4\x4f\x9b\xcd\x39\x11\x8b\x78\xda\xf0\xe8\x32\x5f\x3b\xcc\x7d\xd4\xf6\xb9\xd9\x3a\xfa\x87\x59\xe6\x1c\x49\xff\x8f\x86\x80\x40\x2c\x98\x5a\x84\xd1\x25\xf8\x68\x15\x1e\xfb\x31\xbf\x83\xe7\x10\x61\x81\xd9\x3c\x5e\xe7\x17\xf2\xf1\x3d\x0e\x68\x84\x99\x76\x29\xd5\x8a\x33\xca\xe2\x25\x6f\x6a\x34\xcd\x93\x93\xdf\x8f\x7e\x7f\xa5\x56\xd1\x2c\xe9\x9a\x28\xe0\xef\xb8\xda\x1a\xd4\xb4\xb4\x39\x35\xa5\x4d\xdc\x29\xe4\xb9\x5c\x4f\x5d\xe3\xc7\xdc\xe4\x8d\x54\xe6\xd5\x21\xf1\x16\x30\xc6\x0f\x02\xae\xb4\x1c\xf9\x48\xa0\xea\x0b\x19\x92\xa7\xfa\x3d\xbf\x42\x75\x38\xbe\x82\x6a\xaa\xd4\xb7\x1e\x49\xc7\xb0\xaa\xb5\xf5\x01\x74\x43\xf5\xc2\xa6\xd4\xa0\xea\x00\x05\x05\x19\x98\x48\xdb\x7d\x00\x43\x1c\x05\xc8\xc3\x50\x95\x4a\x9f\xf3\xc0\x3c\xaa\xea\x8c\x4b\x35\xf9\x46\x66\x70\x83\x3c\x18\x8c\xe0\x13\xb4\x8e\x1a\x27\x49\x15\x35\xdf\x94\x14\x62\xec\x63\x5f\xad\x28\x69\xb9\xec\x8c\x3b\x49\x39\xf7\xe4\x95\xe4\xc4\xeb\xe3\xa2\xcc\x69\x87\x9e\x3b\xd5\xe6\x7f\x7e\xad\x35\x5e\x7c\xad\x3b\xcd\xaf\x42\xfd\xf7\xb5\xd5\xac\xd6\x6d\xc3\xd3\x04\xd5\x36\x8d\xe0\x92\x1d\xb1\x4e\xdf\x4e\xff\x1a\x56\xd3\xe4\xd6\x9c\xc7\xd3\x5a\xb3\xf1\xf8\xfa\x78\xd3\x3c\xb4\x9f\x7f\x0d\xed\xfa\xa6\x55\xfd\x85\xc5\x0f\xe0\x8a\x18\xdb\x93\x44\x25\x59\x8d\xcc\x44\xa5\x8a\xa5\xc9\x1b\x9d\x56\x05\xdf\x4b\x9f\x53\x86\x36\x6f\x95\xcb\x57\x22\x4e\xd2\x1b\x3c\x3b\xeb\x0e\xae\xe0\xff\xfb\x3f\xab\xe2\xd4\xce\x9c\xc7\x62\xcc\xb5\x69\xe2\x38\x40\x6e\x7a\xb3\xdd\x34\x06\x7b\x58\x06\x52\xb0\x07\x57\x56\x45\xf1\x43\xfa\x73\xeb\xe4\x75\x2a\xa3\x62\x52\x85\x99\x68\x00\xf7\x61\x19\xc0\x9e\xbd\xdb\x50\xad\x82\xee\xd2\xdb\xab\xe9\xa4\xa5\x7c\x4c\x7d\x4a\xe3\xad\x0a\xaa\xde\xa2\x4a\xa5\xd8\xbc\xc4\x97\xbc\x1f\x0e\x2d\xab\xb2\x49\x9d\x8f\xd8\x93\x36\x7d\x16\x4b\x4b\x89\x7c\x1f\x97\xc1\x99\x6a\x87\x4e\x35\xda\x49\x13\xab\x7d\x08\xab\x05\x12\x2a\x5d\x6a\x3a\x6b\xb2\x86\x03\x95\xc4\xcc\x5a\x5b\x53\x35\xba\x35\xd4\x6e\x97\x04\xd7\x7d\x2a\x80\xcb\x78\x3a\x9c\x43\xb5\xd0\x30\x5b\x05\xf3\xfe\xaa\xbf\x9c\x1f\x4a\x7f\x13\x3c\x14\x04\x98\x01\xc3\x7f\xc5\x98\xe7\x7a\x3d\x2e\x16\xd8\xbb\x93\x77\x31\xe1\x78\xfa\x52\x5e\xf1\xfd\xc4\xca\x01\x8c\xcc\x0d\x5d\x21\x6e\x1a\x03\x55\xc7\x41\xf6\xfa\xde\xeb\x06\x8c\x30\x2e\x53\xc7\x28\xf4\x19\x5e\xdf\x13\x51\xa2\x8d\xff\xed\x44\xe9\xb0\xec\x15\x90\xad\x85\x41\xb5\x45\xc1\xdb\xcc\xb3\x3e\x7e\x9b\x6b\xea\x31\x6a\x6c\x2f\xf0\x1a\xf3\xfd\xf6\x2f\xd1\x74\x9a\xa3\xe9\x9f\x0a\xa0\x78\xab\xd7\xa9\x88\xb4\x01\x7d\x2a\x64\x04\xf1\x14\x23\xb2\xa8\x23\x6f\x2f\xd3\x46\xd1\xf4\xa0\xf3\x23\x4f\xd9\xcb\x8b\xe4\x6d\xb4\xc4\x81\xaf\x58\x95\xf4\x0d\x35\x55\xe3\xdf\x42\xb5\x7f\xcb\xfe\x72\x9e\xbe\xae\xa6\xba\xf3\x54\xe7\x54\x8a\xc9\x4d\x2a\x03\xae\x2f\xa3\x2a\x37\x69\x9e\x6d\x1f\x83\xeb\x72\xc1\x88\xf7\xc4\x2d\x3b\x7e\xfb\xbc\x95\x3b\xa9\x7a\x1a\x65\xfc\x33\x71\x1e\xd3\x03\xcb\xb2\xe4\xb9\xc4\xb8\x52\xfd\xab\xf4\xcd\x3b\x15\xa6\x6c\x1d\x91\x9c\x9f\x52\x0f\x1c\xe3\xa5\x14\x54\xd5\x6f\xe8\x3c\xf6\x2f\x36\xf9\xbb\x5b\xc2\xfe\xa4\xeb\x36\x77\xcd\xd2\x81\xa7\x98\xdf\xd7\xad\xbb\xba\x32\x90\x3b\x80\x07\x8f\xc5\xa1\x7e\xa5\x6f\x2d\x28\x95\xb7\x67\xba\x24\x4f\x30\xc8\x75\x93\x57\xf9\xdc\x88\x51\x65\xcf\xb7\xa9\x70\xdd\x15\x22\x22\xd5\x3a\x02\x45\x41\x12\xf8\x86\x79\x22\x04\xf1\xee\xb0\x0c\xae\xf5\xcb\x82\xf2\x0c\x35\x31\xfa\x3b\x33\xbf\xf7\x52\xf2\xdf\x3d\x9a\xa4\x89\x79\xe7\x64\x1c\xbd\xa0\xbd\x05\xbf\x45\xb2\xf9\x63\x15\xca\xda\xa9\xbf\x9b\x03\xce\x3f\x4b\xce\xeb\x00\x3a\x41\xa0\xfe\x2c\xc5\xb3\x24\x36\xca\xa8\x90\xc3\xb6\x65\x5e\x0b\xfc\x3f\x01\x00\x00\xff\xff\x60\x0d\x98\xdf\xeb\x47\x00\x00") 162 | 163 | func createDmgBytes() ([]byte, error) { 164 | return bindataRead( 165 | _createDmg, 166 | "create-dmg", 167 | ) 168 | } 169 | 170 | func createDmg() (*asset, error) { 171 | bytes, err := createDmgBytes() 172 | if err != nil { 173 | return nil, err 174 | } 175 | 176 | info := bindataFileInfo{name: "create-dmg", size: 18411, mode: os.FileMode(0755), modTime: time.Unix(1712862222, 0)} 177 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x68, 0x28, 0xb9, 0xd, 0x86, 0x9c, 0xb4, 0x5f, 0x76, 0x5f, 0x84, 0x25, 0x34, 0xc3, 0xe1, 0xce, 0x32, 0x6f, 0xb2, 0xb7, 0x3d, 0xd6, 0x81, 0x13, 0x1a, 0xf0, 0xb3, 0xb1, 0x3f, 0xc3, 0x16, 0x23}} 178 | return a, nil 179 | } 180 | 181 | var _docProjectDeveloperNotesMd = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x8c\x54\xc1\x6e\xe3\x46\x0c\xbd\xeb\x2b\x1e\x9c\x43\x2e\xb1\x37\xdd\x2d\xd0\x05\x72\x08\x16\x68\xd1\xbd\x34\x2d\x9a\xc5\x9e\x43\x49\xb4\x34\x8d\x34\x23\x90\x1c\x3b\xfe\xfb\x82\x23\xc9\x8e\x0b\x14\xd8\xdb\x68\x48\x3e\xf2\xf1\xbd\xd1\x0d\x1a\x61\x32\xde\xb6\x63\x87\x5f\xf9\xc0\x43\x9a\x58\xf0\x94\x8c\xb5\xaa\x6e\x6e\xf0\x37\x4f\x09\x03\x9d\x52\xb6\xaa\xda\xe2\xe5\x92\xfe\x82\x10\x61\x3d\x43\x52\x32\xa4\xfd\x7c\xf6\xf4\xa0\xe5\x3c\x52\x88\x98\x24\x75\x42\xa3\x97\x6a\x9e\xa6\x24\xf6\xe1\x05\x4d\x8a\x46\x21\x2a\x28\xbf\x85\x21\x90\x9c\xa0\x8d\x84\xc9\x14\x59\xb9\x45\x7d\xba\x6a\xf4\x80\x60\x18\xb3\x1a\x6a\x06\x19\xac\x27\x83\xf0\x40\x16\x0e\x8c\x29\x69\xb0\x90\x22\x2c\x5d\x55\x79\xcb\x3a\x87\xa1\x65\x79\xdf\xf2\xf1\xf1\xf1\xd1\x43\xfc\x46\xe3\x34\xb0\xbe\x8f\x65\x65\xd9\xee\xa9\x09\xb1\xc3\x1a\xf7\x5c\x63\xb5\xab\x44\xe1\x4e\x58\xb5\x74\xf5\x18\xf6\x49\xd0\xae\xeb\x2b\x35\x6d\x6a\xb6\x93\xa4\x7f\xb8\xb9\x62\x7c\x4e\x5a\xfb\xb4\xa9\xc9\x23\x47\xa3\xc2\x81\xea\x94\x9d\x60\x50\x2c\xc5\xae\xc2\xcd\xdc\xe5\x43\x55\x7d\xeb\xf9\x32\xce\x3e\x39\xb9\x1f\x9e\x6a\x57\x55\xbf\x51\xd3\x97\x98\x6b\x14\x22\x82\x29\xd2\x31\x42\x73\x3d\x83\xed\xe6\x94\xf3\x37\x22\x8d\x0c\xed\x53\x1e\x5a\xa8\x91\x18\x8e\xc1\x7a\x10\x3e\x6d\xdb\xd0\x05\x43\xcc\x63\xcd\x32\x6b\xb2\x08\xbf\x5c\x2d\x96\x68\x92\x08\xeb\x94\x62\xeb\x74\xeb\xdc\x15\x93\x88\x79\xff\x8b\x5c\xb7\x8a\xdf\x83\x7d\xcd\x35\x82\x6a\x66\x98\x50\xf3\xea\xf3\x14\xca\x33\x1d\x12\x76\x91\x6b\x86\xe4\x88\x91\x62\xa6\x61\x38\xdd\xcd\x13\xcd\xee\xd3\x3c\x98\x16\xed\x42\xe4\xf6\x9c\xb3\x73\x14\xe1\x5b\x45\x4c\xa0\x6c\x69\x24\xe3\x76\x31\x9d\x63\x3a\xa0\xf5\x3c\x82\x14\x04\xcd\xc1\x18\x14\x5b\x34\x3d\x37\xaf\x1e\x09\xb2\xa2\x3b\x16\x19\xc6\xd0\xf5\xc5\x90\x31\x34\x65\xac\x9e\x0e\xbc\x9b\xd5\x3a\x7b\x6b\xd9\xf8\xf2\xfd\xff\x4b\x77\x8e\x97\x9d\x4f\xc2\xfb\xf0\xb6\xae\x31\x38\xf1\x3a\x98\x90\x9c\x1e\x7c\x14\x5d\x37\xac\xab\x30\x92\x72\xd7\x0f\x27\x9f\x26\x44\x24\x69\xe7\xed\x6f\xa8\x3d\x50\x6c\xb8\x8d\xac\xba\xf1\x9b\x75\xb0\x3b\x68\x2a\x8f\x8a\x5e\x59\xa1\x1c\x95\x8b\x59\xfc\x01\xa8\x93\xe9\x12\xac\x2f\xb0\xf3\x5a\x56\xd8\x42\x10\xdf\x59\xdc\x65\x21\x76\x55\xf5\x45\x1d\xf8\x0f\x3a\xe1\xe3\xfd\xc7\xfb\x3b\x1c\xf9\x56\x18\x59\x5d\xec\x67\x1e\xbf\xb3\xe0\x70\x4e\x9f\x99\xa6\xa1\x5d\xef\xce\x4c\x8e\x2c\x8c\x9f\xb7\x13\x89\xb1\xe8\x1d\x86\xf0\xca\xd8\xfc\xb4\xbb\xdf\xdd\xef\x7e\xd9\xec\xaa\xa7\x74\xc4\xd1\x71\x19\x9f\x4a\xd6\x7f\xc0\xaf\x4a\x3e\x6f\xbc\x51\x50\x34\x3d\xc5\x8e\xd1\xd3\x34\xb1\xfb\x81\xf6\x76\x29\xc1\x82\xfe\x50\x0e\x9f\xcf\xee\xe5\xb7\xf2\x77\x61\x52\x5e\x0a\x96\xc4\xc5\x8c\x9a\xf7\x2e\xcf\x66\xfb\xfc\xf4\xe5\xaf\xe7\xaf\x7f\x7e\xdb\x78\x69\xf9\x71\x59\x42\xcb\x31\xb9\x79\xce\x5d\xd6\x97\xa1\x16\x86\x01\x39\xba\x38\xcb\xa3\xf4\x77\xbf\xab\xfe\x0d\x00\x00\xff\xff\xe8\xd2\xf1\xb4\x84\x05\x00\x00") 182 | 183 | func docProjectDeveloperNotesMdBytes() ([]byte, error) { 184 | return bindataRead( 185 | _docProjectDeveloperNotesMd, 186 | "doc-project/Developer Notes.md", 187 | ) 188 | } 189 | 190 | func docProjectDeveloperNotesMd() (*asset, error) { 191 | bytes, err := docProjectDeveloperNotesMdBytes() 192 | if err != nil { 193 | return nil, err 194 | } 195 | 196 | info := bindataFileInfo{name: "doc-project/Developer Notes.md", size: 1412, mode: os.FileMode(0644), modTime: time.Unix(1712862222, 0)} 197 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x6b, 0xce, 0x4, 0xaf, 0xe6, 0x3d, 0x60, 0x12, 0x7c, 0x46, 0x19, 0x81, 0x96, 0x2d, 0xa8, 0x25, 0xf3, 0x79, 0x1b, 0x5f, 0xbb, 0x73, 0x1c, 0xa3, 0xda, 0x4b, 0xed, 0x49, 0xcc, 0xfb, 0x8f, 0x9a}} 198 | return a, nil 199 | } 200 | 201 | var _docProjectReleaseChecklistMd = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x6c\x8f\xcd\x4e\xc3\x30\x10\x84\xef\x7e\x8a\x51\x39\x70\x72\xdf\x01\x72\xa0\x27\x8a\xda\x22\xe5\x86\xb7\xf1\xc6\x31\xc4\x3f\xb2\xd7\x51\x1f\x1f\x11\x5a\x24\xa4\x5e\x77\x67\x3e\x7d\xf3\x80\x03\xcf\x4c\x95\xd1\x4d\x3c\x7c\xcd\xbe\x8a\x52\x1a\xef\xd9\x92\x30\x64\x62\x2c\x5c\xaa\x4f\x11\x3e\xc2\x0c\x85\x49\x58\xdb\xe0\xcc\x63\x85\xc9\xad\xf0\xc7\xf5\x6f\x30\xb6\x38\x88\x4f\x51\x01\x1a\x07\x0e\x69\xf9\x05\x6c\xf4\xf1\xf5\xe9\xed\xb8\xdb\x9f\x36\xa8\x6d\x1c\xfd\x45\x69\x74\x29\x04\x2f\x4a\xe3\x44\x6e\x4d\x95\xab\x06\x55\x98\xa5\xdf\xf6\xdb\xde\x28\x0d\xe3\xbc\x20\xb7\x3a\x41\x6b\x21\x57\x7f\x6e\xdd\x2a\x01\xfa\xab\xa4\xb8\x12\x5e\xbc\xec\xda\x19\xb9\xa4\x4f\x1e\x04\x99\x1c\x2b\x8d\x7d\xe6\x08\xcb\x0b\xcf\x29\x07\x8e\x72\x4b\x47\xbe\xc8\x8d\xb0\x1a\x3f\xb7\x90\xff\x0d\x8e\x2d\x9c\xb9\x80\xa2\x05\x59\x0b\xba\x33\x04\x92\xe0\x45\x7d\x07\x00\x00\xff\xff\x07\xc5\x58\xd6\x45\x01\x00\x00") 202 | 203 | func docProjectReleaseChecklistMdBytes() ([]byte, error) { 204 | return bindataRead( 205 | _docProjectReleaseChecklistMd, 206 | "doc-project/Release Checklist.md", 207 | ) 208 | } 209 | 210 | func docProjectReleaseChecklistMd() (*asset, error) { 211 | bytes, err := docProjectReleaseChecklistMdBytes() 212 | if err != nil { 213 | return nil, err 214 | } 215 | 216 | info := bindataFileInfo{name: "doc-project/Release Checklist.md", size: 325, mode: os.FileMode(0644), modTime: time.Unix(1712862222, 0)} 217 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x9c, 0x6a, 0x79, 0x7f, 0xa5, 0x52, 0x70, 0x39, 0xce, 0xeb, 0x4a, 0x97, 0x33, 0x8e, 0xda, 0xd2, 0x9a, 0x3d, 0xd4, 0xf7, 0x99, 0x4e, 0x48, 0x4, 0xd2, 0xb8, 0x4e, 0x99, 0x71, 0x86, 0xa5, 0xd5}} 218 | return a, nil 219 | } 220 | 221 | var _supportEulaResourcesTemplateXml = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xbc\x96\x4f\x73\xa2\x48\x18\xc6\xcf\xfa\x29\x58\x77\xaf\x11\x24\xb1\x2a\xd9\x22\x4e\x35\x08\xd8\x8e\x12\xf9\x27\xd2\x97\x2d\xa0\xa9\x96\x11\xd0\x91\x46\x03\x5b\xf3\xdd\xb7\x1a\x82\x95\xcc\x4c\xcd\x3a\x87\xa4\x4f\x2d\x3e\xcf\xfb\x34\xfd\x6b\x78\x91\x3e\x3d\x67\x29\x77\x8a\x8f\x45\xb2\xcf\x1f\x07\xa3\xa1\x30\xe0\xe2\x3c\xda\xe3\x24\x27\x8f\x03\xd7\xd1\x6e\xee\x07\x9f\x26\x7d\xe9\x8f\xe9\x93\xe2\xf8\x2b\x95\x3b\xa4\x49\x41\xb9\x95\x2b\x2f\xa0\xc2\x0d\x6e\x78\x1e\x1c\x0e\x69\xcc\xf3\x53\x67\xca\xad\x16\xd0\x76\xb8\xd1\x50\xe0\x79\xd5\x18\x70\x83\x2d\xa5\x87\xbf\x79\xfe\x7c\x3e\x0f\x03\xa6\x1a\x46\xfb\x8c\x09\x0b\x7e\x75\xdc\x1f\xe2\x23\xad\x16\x49\x41\x6f\x46\x43\x61\x88\x29\x1e\x4c\xfa\x52\x5b\xfd\xcd\x72\x26\x7d\x09\x27\x11\x9d\xf4\x7b\xd2\x2e\xae\x26\x8b\x55\x12\x49\x3c\x9b\xf5\x7b\x52\x70\x3c\x06\x6c\xd2\xeb\x24\xbd\x56\x04\x28\x3d\x26\x61\x49\xe3\xa2\x93\xf6\x7a\x52\x41\x8f\x49\x4e\x26\xc2\xb3\x20\x08\x82\xc4\xbf\xfc\xbc\x78\xa6\x01\x0d\x5e\xa9\x71\x40\x83\x66\x06\xd8\x20\xe0\xd5\x30\x01\x00\x8f\x8f\x8d\x8a\xbf\xc8\x9a\x1a\x70\xfa\x63\xde\xf8\xa7\x69\x46\x90\xc5\x3f\x6a\x5f\xeb\x24\xbe\xbb\x6d\xbe\xbb\xcd\xc6\x69\x3b\xd6\x9f\x1f\xbc\x01\xbe\x61\x79\xe3\x3c\xd4\xd3\x3a\x50\x64\x01\x6d\x0c\x61\x69\xae\x65\x74\x3b\x4f\x91\xb9\x55\x83\x8d\xb1\x6d\xe7\x6b\x33\xca\xd2\x12\x03\xec\x30\x9f\xbf\x41\xe9\x22\xb9\x2b\xe3\x5d\x9a\xc1\x59\x7a\xc2\xb6\xdc\xea\x6c\xf9\x36\xd8\x58\x7b\x38\xb3\xf6\xc8\x66\xf5\xe6\x34\xaa\xe4\x13\x4a\x64\x81\xf9\x02\x3d\xad\xa1\xfe\x7c\xf0\xc5\x75\x19\x89\x6e\x01\x75\xa3\x08\x3c\xe3\x08\x95\x79\x9b\x69\x43\x82\xf5\x7b\xe2\x7b\xc6\x17\xb4\x31\x6a\x56\x87\xf9\x90\x2d\xd7\xa1\x88\x04\x2c\x6a\x15\xb2\xef\x88\xed\xf9\x24\xf6\x1e\x46\x50\xb7\x4e\x50\x1f\x9f\xb0\xd2\xe5\x9f\x89\x2f\xb2\xfa\x05\x61\x3e\xb8\xb3\x0e\x91\xa8\xe5\x51\xb6\x4e\x61\x72\xf7\x2e\x60\xd5\x9c\xa4\x49\xb1\xe5\xc2\x92\xd2\x7d\x5e\xfc\x94\xf3\x3b\x33\x9c\x5d\x18\x82\x5f\xb3\xeb\xb8\x31\x5f\x2c\x5c\xcf\xae\xe3\xd6\xb0\xef\xd8\xcd\xe4\xaa\x61\xf4\x1d\xbb\xc0\x1b\xd7\x58\xd7\x8a\x50\x61\x3e\x97\x44\xe2\x43\xc6\x7c\x78\x86\xb7\x51\xe6\x96\x50\xbd\xe4\xee\xc2\x4a\x2e\xc3\x5b\x93\xf8\x1e\xae\x90\xf7\xe6\x3c\x34\xeb\x6f\xd8\xb7\xb5\xcb\xdf\x60\x27\xfe\x26\xbb\x6b\x9e\xcd\xbf\xfe\x55\xdd\x05\xf8\x47\x7b\xb2\x96\xc0\xf9\xf6\x71\x4f\xe9\x4b\xee\x14\x38\xe0\xdb\x3b\x1e\xdf\x6b\xb6\xc0\x59\xae\x16\x1f\xfa\x7a\x52\x05\x2b\x45\x99\x36\x0a\x67\x26\x71\x74\xad\x44\xb7\xeb\x2d\x12\x5d\x62\xbb\x96\xba\x1e\xcd\x55\xd9\x35\x4e\xd8\x1b\x0b\x8e\x60\x3c\xad\x81\xf9\xf5\x73\xb2\xff\xca\x7c\x8e\x66\xb8\xe6\x99\xd6\xf1\x66\x49\x42\xe6\xab\xe4\xb9\xa5\x5a\x1b\x77\x67\xc6\xa1\xfe\xf0\xc5\xf7\xce\x24\xca\xd6\x35\x54\x53\x15\x2a\xdb\x13\xca\x50\xdd\x1c\xb5\x8d\x49\x50\x3e\x3f\x85\x36\x18\x2d\xa7\xe0\x6c\x69\xd8\xb6\x64\x50\x2d\xbc\xf9\x18\xeb\x6e\x5b\xab\x5d\x03\xdf\xfc\x07\xcc\x26\x8f\xe5\xb2\x4c\xcb\xbc\xbe\x77\x8c\xc4\xfb\x6b\x11\xb5\x7d\xf1\xff\xf9\x14\xb4\x4a\x3f\xb8\x7d\x2c\x5f\xfa\xe6\x19\x28\x26\x70\xc1\xf7\x43\x89\xc0\x14\x80\x39\x90\x4d\xb9\xbb\x74\xe9\xbb\x00\x80\xcf\x84\x15\xd8\x01\xed\xad\xeb\x3d\x5f\xd3\xbf\xde\xc7\xee\x8a\xc4\x37\x5f\x2b\x93\xfe\x7f\x01\x00\x00\xff\xff\xc9\x75\x99\xb8\x44\x09\x00\x00") 222 | 223 | func supportEulaResourcesTemplateXmlBytes() ([]byte, error) { 224 | return bindataRead( 225 | _supportEulaResourcesTemplateXml, 226 | "support/eula-resources-template.xml", 227 | ) 228 | } 229 | 230 | func supportEulaResourcesTemplateXml() (*asset, error) { 231 | bytes, err := supportEulaResourcesTemplateXmlBytes() 232 | if err != nil { 233 | return nil, err 234 | } 235 | 236 | info := bindataFileInfo{name: "support/eula-resources-template.xml", size: 2372, mode: os.FileMode(0644), modTime: time.Unix(1712862222, 0)} 237 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xa8, 0x4, 0xe5, 0x33, 0xe9, 0xc9, 0x94, 0x91, 0xa7, 0x4c, 0xb4, 0x50, 0x2c, 0x43, 0x5b, 0x0, 0xd9, 0x2, 0xdc, 0x7a, 0x45, 0xd3, 0x69, 0x30, 0x57, 0xa2, 0x96, 0x74, 0xe5, 0x84, 0xa7, 0xb}} 238 | return a, nil 239 | } 240 | 241 | var _supportTemplateApplescript = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xc4\x54\x5b\x6f\xda\x4c\x10\x7d\x36\xbf\x62\x64\x7d\x8a\x82\x12\x72\xd1\xf7\x58\x55\x15\x01\x12\xac\x52\x20\x40\x1a\x68\x53\xa1\xc5\x1e\xcc\x34\x66\x17\xed\xae\xa1\x17\xe5\xbf\x57\xb3\xc0\x62\x48\x5a\xe5\xa5\xea\x83\x25\xef\x9c\xb9\x9c\x39\xb3\x3b\x4a\x82\xce\x25\x1c\x2f\x55\x96\xcf\xb1\x2d\xe6\x58\x2e\x05\x16\xb3\x0c\xc4\x62\x91\x51\x2c\x2c\x29\x09\xe1\x35\xc9\x04\x75\x58\x0a\xd6\x58\x42\xe6\xb1\x18\x03\xc2\x80\xb1\x9a\x64\x5a\x2e\x05\x41\xa0\x16\x28\x4b\xfc\x63\xd0\x82\x9d\xe1\xb0\xa3\x29\x25\x09\x56\xc1\x7d\xd4\x1e\x16\x90\xd1\x1e\x32\x2a\x20\xf7\x94\xd8\xd9\xc6\x7e\x5f\xb0\x37\x91\xd2\x99\xdd\x00\xcd\x62\x95\x2b\x65\xad\x9a\xf7\x18\x1e\x32\x7e\x5c\xa8\x7c\xe2\x53\x96\x5f\x8e\x18\x6d\x23\x46\xc5\x88\x75\x31\x1f\x92\x98\xbe\x55\x1a\xd9\x35\x7c\x08\x43\x38\x82\xf0\xfc\xa3\x13\xc1\x9c\xf3\xa9\x20\x08\x43\xce\xe1\xac\xde\x1f\xf7\x07\x9d\x5e\xe3\x21\x0c\x1d\x5b\x27\x60\xac\xa4\x15\x24\x51\xc3\x8a\x64\xa2\x56\x0c\xb8\x12\x71\xae\x35\x4a\x0b\x4b\xc2\x15\xd7\xa1\x58\x49\x77\xf0\x1e\x56\xa9\x6c\x22\x34\x2c\xc9\xd0\x24\x73\x64\xa6\x22\x33\xe8\x1d\x8c\x15\x36\x37\x7f\x74\xb1\x33\x84\x89\xca\x65\x62\x18\xfb\xb9\x13\xea\xb4\x30\x94\xd3\x43\x51\x0f\x0d\xa3\xa7\xd7\xd6\xec\x35\xba\x9d\x7e\x34\x88\x3a\xed\x71\x33\xaa\xd7\x1b\xed\xf1\x75\xd4\x6a\xf4\xc7\xb5\x56\xf5\xae\xdf\x60\x17\x94\x09\xb0\x32\x7e\xa0\x6a\x61\x1d\x39\xa6\xea\x45\x60\x2b\x29\x69\x40\x4d\x5f\x94\xd0\x69\xcb\x91\x9e\x98\x0b\x35\xf4\xc3\x11\x8a\x6a\x9d\xf6\xb8\x1f\x7d\x6a\xec\x84\xc0\x6f\xd6\xc3\x83\xc6\x70\xb0\x0f\x0b\xad\x85\x4c\x71\xce\x13\xb1\x0a\xa4\xf2\xa6\x64\x8f\x74\x10\x04\x57\xd5\xda\xfb\x9b\x5e\xe7\xae\x5d\xdf\x76\xc5\xd6\x4a\x05\xba\xca\x10\x93\x26\x99\xb2\xc5\x0b\xb1\xef\xd5\xa4\x64\xe3\xd0\x8c\xea\x51\xfb\xe6\x00\xae\x16\x1e\xa3\x90\x09\xdc\xb6\xa0\x45\xf2\x11\x6a\x99\xc8\x0d\xba\x76\xab\xdd\x6e\x2b\xaa\x55\x8b\xb9\x83\x20\xb8\x6d\x15\x0e\x71\xa6\xd6\x03\x71\x0f\x74\x9d\xf9\x5a\xe9\x18\xc1\x88\x25\xc9\x94\x65\x65\xbd\x59\x10\x86\x13\xcc\xc4\x77\xb8\x7c\xc5\xb5\xfd\x6b\x77\x0e\x2a\x70\x79\xf1\xec\xe2\x39\xeb\xd3\xc1\x08\x8a\x57\xa8\xc0\xfc\x35\x0b\xeb\x1f\x35\xf7\xf2\x83\xfa\x4d\x4b\x95\x4a\x4a\x4b\x74\x95\xa6\x6e\x1b\x83\x51\x73\x04\x4b\x73\xc7\x67\xa5\xc9\xae\x51\xb7\x71\xdc\x9e\x9a\x52\x86\x5e\x8c\xff\x39\x09\x73\x5d\x09\xb2\x83\x4d\xd4\xc5\xc6\x86\x5f\x31\xb6\x1f\xf6\x1a\xd3\xb8\x40\x61\x61\x35\xa3\x0c\x3d\x4e\x66\xd7\xf8\x56\xe3\xe0\x79\x5a\xff\x7f\xb2\xc6\xf9\xa3\x29\x1c\x27\x0a\xcc\x8c\xb5\x36\xb1\xa6\x85\x85\xf0\x33\x54\xa6\xc0\x7b\x72\xbb\x5a\x8f\x20\x84\x2f\x6f\x00\xe3\x99\x82\xff\xde\x85\x65\x78\x0b\xe1\x45\xc8\x7d\x49\x38\x20\x6a\x75\x8e\x1b\x8d\xd6\x5c\x4b\x41\x90\xa9\x14\x42\xae\x8e\x89\x4b\xeb\x89\x70\x5e\x83\xb1\xe2\x09\x4d\x95\x06\xbf\x96\x39\xd3\x04\x21\xd6\x28\x2c\x26\x67\x61\x69\x27\xba\xcb\x9c\xcb\xd2\xaf\x00\x00\x00\xff\xff\x0f\x5d\x68\x15\x24\x07\x00\x00") 242 | 243 | func supportTemplateApplescriptBytes() ([]byte, error) { 244 | return bindataRead( 245 | _supportTemplateApplescript, 246 | "support/template.applescript", 247 | ) 248 | } 249 | 250 | func supportTemplateApplescript() (*asset, error) { 251 | bytes, err := supportTemplateApplescriptBytes() 252 | if err != nil { 253 | return nil, err 254 | } 255 | 256 | info := bindataFileInfo{name: "support/template.applescript", size: 1828, mode: os.FileMode(0644), modTime: time.Unix(1711436763, 0)} 257 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0x13, 0x72, 0x7c, 0x79, 0x30, 0xc5, 0xb, 0xe6, 0x39, 0xa1, 0xeb, 0x19, 0x1e, 0x89, 0x3f, 0x1e, 0xbc, 0x72, 0xc2, 0x70, 0x26, 0x8d, 0x46, 0x11, 0x39, 0x1b, 0x41, 0x41, 0xa, 0x3e, 0x86, 0x2a}} 258 | return a, nil 259 | } 260 | 261 | var _ThisIsTheCreateDmgRepo = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\x1c\xc9\xb1\x0d\x02\x31\x0c\x05\xd0\xfe\xa6\xf8\x1d\x15\xac\xc1\x02\x2c\x10\x2e\xff\x2e\x46\x8e\x8d\x6c\x47\x88\xed\x91\xa8\xdf\x63\x48\x42\x12\xaf\x95\x85\x86\xbe\xe6\xfc\xe2\x10\x25\xd2\xb1\x07\x5b\xf1\xda\xe7\x89\xbd\x19\x8a\xaa\xf8\x0c\xd6\x60\x40\xea\x92\x78\x52\xec\x44\x2c\xc3\x11\x3e\x37\xb1\x94\x4e\xd4\x20\xee\x52\x08\xbe\x1d\x1e\x7f\x43\x33\x88\x65\x35\x55\x76\xa8\xef\xad\xc4\xed\xb6\xfd\x02\x00\x00\xff\xff\xeb\x53\x27\x5e\x80\x00\x00\x00") 262 | 263 | func ThisIsTheCreateDmgRepoBytes() ([]byte, error) { 264 | return bindataRead( 265 | _ThisIsTheCreateDmgRepo, 266 | ".this-is-the-create-dmg-repo", 267 | ) 268 | } 269 | 270 | func ThisIsTheCreateDmgRepo() (*asset, error) { 271 | bytes, err := ThisIsTheCreateDmgRepoBytes() 272 | if err != nil { 273 | return nil, err 274 | } 275 | 276 | info := bindataFileInfo{name: ".this-is-the-create-dmg-repo", size: 128, mode: os.FileMode(0644), modTime: time.Unix(1712862222, 0)} 277 | a := &asset{bytes: bytes, info: info, digest: [32]uint8{0xfb, 0x24, 0x94, 0xeb, 0x10, 0x14, 0x6a, 0x84, 0xbb, 0xb2, 0xe, 0xbb, 0x19, 0x8c, 0x2a, 0x9, 0xfb, 0x72, 0xae, 0xd1, 0x19, 0x70, 0x6d, 0xc5, 0x5b, 0x6e, 0xc3, 0x64, 0x40, 0x18, 0x38, 0x3f}} 278 | return a, nil 279 | } 280 | 281 | // Asset loads and returns the asset for the given name. 282 | // It returns an error if the asset could not be found or 283 | // could not be loaded. 284 | func Asset(name string) ([]byte, error) { 285 | canonicalName := strings.Replace(name, "\\", "/", -1) 286 | if f, ok := _bindata[canonicalName]; ok { 287 | a, err := f() 288 | if err != nil { 289 | return nil, fmt.Errorf("Asset %s can't read by error: %v", name, err) 290 | } 291 | return a.bytes, nil 292 | } 293 | return nil, fmt.Errorf("Asset %s not found", name) 294 | } 295 | 296 | // AssetString returns the asset contents as a string (instead of a []byte). 297 | func AssetString(name string) (string, error) { 298 | data, err := Asset(name) 299 | return string(data), err 300 | } 301 | 302 | // MustAsset is like Asset but panics when Asset would return an error. 303 | // It simplifies safe initialization of global variables. 304 | func MustAsset(name string) []byte { 305 | a, err := Asset(name) 306 | if err != nil { 307 | panic("asset: Asset(" + name + "): " + err.Error()) 308 | } 309 | 310 | return a 311 | } 312 | 313 | // MustAssetString is like AssetString but panics when Asset would return an 314 | // error. It simplifies safe initialization of global variables. 315 | func MustAssetString(name string) string { 316 | return string(MustAsset(name)) 317 | } 318 | 319 | // AssetInfo loads and returns the asset info for the given name. 320 | // It returns an error if the asset could not be found or 321 | // could not be loaded. 322 | func AssetInfo(name string) (os.FileInfo, error) { 323 | canonicalName := strings.Replace(name, "\\", "/", -1) 324 | if f, ok := _bindata[canonicalName]; ok { 325 | a, err := f() 326 | if err != nil { 327 | return nil, fmt.Errorf("AssetInfo %s can't read by error: %v", name, err) 328 | } 329 | return a.info, nil 330 | } 331 | return nil, fmt.Errorf("AssetInfo %s not found", name) 332 | } 333 | 334 | // AssetDigest returns the digest of the file with the given name. It returns an 335 | // error if the asset could not be found or the digest could not be loaded. 336 | func AssetDigest(name string) ([sha256.Size]byte, error) { 337 | canonicalName := strings.Replace(name, "\\", "/", -1) 338 | if f, ok := _bindata[canonicalName]; ok { 339 | a, err := f() 340 | if err != nil { 341 | return [sha256.Size]byte{}, fmt.Errorf("AssetDigest %s can't read by error: %v", name, err) 342 | } 343 | return a.digest, nil 344 | } 345 | return [sha256.Size]byte{}, fmt.Errorf("AssetDigest %s not found", name) 346 | } 347 | 348 | // Digests returns a map of all known files and their checksums. 349 | func Digests() (map[string][sha256.Size]byte, error) { 350 | mp := make(map[string][sha256.Size]byte, len(_bindata)) 351 | for name := range _bindata { 352 | a, err := _bindata[name]() 353 | if err != nil { 354 | return nil, err 355 | } 356 | mp[name] = a.digest 357 | } 358 | return mp, nil 359 | } 360 | 361 | // AssetNames returns the names of the assets. 362 | func AssetNames() []string { 363 | names := make([]string, 0, len(_bindata)) 364 | for name := range _bindata { 365 | names = append(names, name) 366 | } 367 | return names 368 | } 369 | 370 | // _bindata is a table, holding each asset generator, mapped to its name. 371 | var _bindata = map[string]func() (*asset, error){ 372 | "LICENSE": license, 373 | 374 | "Makefile": makefile, 375 | 376 | "README.md": readmeMd, 377 | 378 | "builder/create-dmg.builder": builderCreateDmgBuilder, 379 | 380 | "create-dmg": createDmg, 381 | 382 | "doc-project/Developer Notes.md": docProjectDeveloperNotesMd, 383 | 384 | "doc-project/Release Checklist.md": docProjectReleaseChecklistMd, 385 | 386 | "support/eula-resources-template.xml": supportEulaResourcesTemplateXml, 387 | 388 | "support/template.applescript": supportTemplateApplescript, 389 | 390 | ".this-is-the-create-dmg-repo": ThisIsTheCreateDmgRepo, 391 | } 392 | 393 | // AssetDir returns the file names below a certain 394 | // directory embedded in the file by go-bindata. 395 | // For example if you run go-bindata on data/... and data contains the 396 | // following hierarchy: 397 | // data/ 398 | // foo.txt 399 | // img/ 400 | // a.png 401 | // b.png 402 | // then AssetDir("data") would return []string{"foo.txt", "img"}, 403 | // AssetDir("data/img") would return []string{"a.png", "b.png"}, 404 | // AssetDir("foo.txt") and AssetDir("notexist") would return an error, and 405 | // AssetDir("") will return []string{"data"}. 406 | func AssetDir(name string) ([]string, error) { 407 | node := _bintree 408 | if len(name) != 0 { 409 | canonicalName := strings.Replace(name, "\\", "/", -1) 410 | pathList := strings.Split(canonicalName, "/") 411 | for _, p := range pathList { 412 | node = node.Children[p] 413 | if node == nil { 414 | return nil, fmt.Errorf("Asset %s not found", name) 415 | } 416 | } 417 | } 418 | if node.Func != nil { 419 | return nil, fmt.Errorf("Asset %s not found", name) 420 | } 421 | rv := make([]string, 0, len(node.Children)) 422 | for childName := range node.Children { 423 | rv = append(rv, childName) 424 | } 425 | return rv, nil 426 | } 427 | 428 | type bintree struct { 429 | Func func() (*asset, error) 430 | Children map[string]*bintree 431 | } 432 | 433 | var _bintree = &bintree{nil, map[string]*bintree{ 434 | ".this-is-the-create-dmg-repo": &bintree{ThisIsTheCreateDmgRepo, map[string]*bintree{}}, 435 | "LICENSE": &bintree{license, map[string]*bintree{}}, 436 | "Makefile": &bintree{makefile, map[string]*bintree{}}, 437 | "README.md": &bintree{readmeMd, map[string]*bintree{}}, 438 | "builder": &bintree{nil, map[string]*bintree{ 439 | "create-dmg.builder": &bintree{builderCreateDmgBuilder, map[string]*bintree{}}, 440 | }}, 441 | "create-dmg": &bintree{createDmg, map[string]*bintree{}}, 442 | "doc-project": &bintree{nil, map[string]*bintree{ 443 | "Developer Notes.md": &bintree{docProjectDeveloperNotesMd, map[string]*bintree{}}, 444 | "Release Checklist.md": &bintree{docProjectReleaseChecklistMd, map[string]*bintree{}}, 445 | }}, 446 | "support": &bintree{nil, map[string]*bintree{ 447 | "eula-resources-template.xml": &bintree{supportEulaResourcesTemplateXml, map[string]*bintree{}}, 448 | "template.applescript": &bintree{supportTemplateApplescript, map[string]*bintree{}}, 449 | }}, 450 | }} 451 | 452 | // RestoreAsset restores an asset under the given directory. 453 | func RestoreAsset(dir, name string) error { 454 | data, err := Asset(name) 455 | if err != nil { 456 | return err 457 | } 458 | info, err := AssetInfo(name) 459 | if err != nil { 460 | return err 461 | } 462 | err = os.MkdirAll(_filePath(dir, filepath.Dir(name)), os.FileMode(0755)) 463 | if err != nil { 464 | return err 465 | } 466 | err = ioutil.WriteFile(_filePath(dir, name), data, info.Mode()) 467 | if err != nil { 468 | return err 469 | } 470 | return os.Chtimes(_filePath(dir, name), info.ModTime(), info.ModTime()) 471 | } 472 | 473 | // RestoreAssets restores an asset under the given directory recursively. 474 | func RestoreAssets(dir, name string) error { 475 | children, err := AssetDir(name) 476 | // File 477 | if err != nil { 478 | return RestoreAsset(dir, name) 479 | } 480 | // Dir 481 | for _, child := range children { 482 | err = RestoreAssets(dir, filepath.Join(name, child)) 483 | if err != nil { 484 | return err 485 | } 486 | } 487 | return nil 488 | } 489 | 490 | func _filePath(dir, name string) string { 491 | canonicalName := strings.Replace(name, "\\", "/", -1) 492 | return filepath.Join(append([]string{dir}, strings.Split(canonicalName, "/")...)...) 493 | } 494 | --------------------------------------------------------------------------------