I’d suggest that someone else (I’ll volunteer) run the 4.1.2 build.
z
zwass
12/16/2019, 8:08 PM
This sounds like a great idea! Are there private keys or something that would prevent this?
s
seph
12/16/2019, 8:09 PM
Yes and no. The current osquery mac packaging is signed with Teddy’s personal key. Obviously I can’t sign it with that, but I can sign it with mine. But even knowing that we can get that far is progress.
Pretty suire we have some notes about other things. (like the s3 bucket credentials for releases)
g
Gavin
12/16/2019, 8:10 PM
Signing with another key will mean that admins may need to Deploy a new TCC profile for FDA , worth mentioning in the release notes this is for Mojave / Catalina
s
seph
12/16/2019, 8:11 PM
My gut sense is that it’d be better to wait, but have the option.
g
Gavin
12/16/2019, 8:13 PM
Worth chipping in some cash for an OSquery specific dev account and eating the pain once for the move to an organisation shared Cert ?