<pre style='margin:0'>
Joshua Root (jmroot) pushed a commit to branch master
in repository macports-base.

</pre>
<p><a href="https://github.com/macports/macports-base/commit/bc008721189ff719dc1ac70a06a476ff6013c63b">https://github.com/macports/macports-base/commit/bc008721189ff719dc1ac70a06a476ff6013c63b</a></p>
<pre style="white-space: pre; background: #F8F8F8">The following commit(s) were added to refs/heads/master by this push:
<span style='display:block; white-space:pre;color:#404040;'>     new bc00872  Add notarization to ReleaseProcess
</span>bc00872 is described below

<span style='display:block; white-space:pre;color:#808000;'>commit bc008721189ff719dc1ac70a06a476ff6013c63b
</span>Author: Joshua Root <jmr@macports.org>
AuthorDate: Tue Apr 23 02:42:38 2019 +1000

<span style='display:block; white-space:pre;color:#404040;'>    Add notarization to ReleaseProcess
</span>---
 portmgr/ReleaseProcess.md | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/portmgr/ReleaseProcess.md b/portmgr/ReleaseProcess.md
</span><span style='display:block; white-space:pre;color:#808080;'>index bd62b72..e3cb115 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/portmgr/ReleaseProcess.md
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/portmgr/ReleaseProcess.md
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -182,8 +182,19 @@ Name each pkg/dmg appropriately, and then sign the pkgs with a Developer ID
</span>     mv MacPorts-2.0.0.pkg unsigned/MacPorts-2.0.0-10.7-Lion.pkg
     productsign --sign "Developer ID Installer: John Doe" unsigned/MacPorts-2.0.0-10.7-Lion.pkg MacPorts-2.0.0-10.7-Lion.pkg
 
<span style='display:block; white-space:pre;background:#ffe0e0;'>-After signing, generate checksums, which will need to be added to the existing
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-checksums file in the downloads directory:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+For macOS 10.14 Mojave and later, the pkg should also be submitted for
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+notarization after signing:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+    xcrun altool --notarize-app --primary-bundle-id org.macports.base \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+        --username <your-apple-id> --password @keychain:altool \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+        --file MacPorts-2.0.0-10.14-Mojave.pkg
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+After notification of successful notarization is received:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+    xcrun stapler staple MacPorts-2.5.4-10.14-Mojave.pkg
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+After signing (and notarizing if applicable), generate checksums, which will
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+need to be added to the existing checksums file in the downloads directory:
</span> 
     for type in -md5 -sha1 -ripemd160 -sha256; do
       openssl dgst $type MacPorts-2.0.0-*.{pkg,dmg} >> MacPorts-2.0.0.chk.txt
</pre><pre style='margin:0'>

</pre>