I’d suggest that someone else (I’ll volunteer) run the 4.1.2 build.
12/16/2019, 8:08 PM
This sounds like a great idea! Are there private keys or something that would prevent this?
12/16/2019, 8:09 PM
Yes and no. The current osquery mac packaging is signed with Teddy’s personal key. Obviously I can’t sign it with that, but I can sign it with mine. But even knowing that we can get that far is progress.
Pretty suire we have some notes about other things. (like the s3 bucket credentials for releases)
12/16/2019, 8:10 PM
Signing with another key will mean that admins may need to Deploy a new TCC profile for FDA , worth mentioning in the release notes this is for Mojave / Catalina
12/16/2019, 8:11 PM
My gut sense is that it’d be better to wait, but have the option.
12/16/2019, 8:13 PM
Worth chipping in some cash for an OSquery specific dev account and eating the pain once for the move to an organisation shared Cert ?