P3
It is recommended to avoid using --deep arg when signing content on the mac.
It is best to sign all libraries and executables separately before signing the main application and/or Framework.
jpackage does sign each item seperately, but still uses the --deep arg when signing the runtime or the app as a whole.
Testing shows that all signing jpackage types can be notarized without using the --deep arg when signing, so it should be removed.
It is best to sign all libraries and executables separately before signing the main application and/or Framework.
jpackage does sign each item seperately, but still uses the --deep arg when signing the runtime or the app as a whole.
Testing shows that all signing jpackage types can be notarized without using the --deep arg when signing, so it should be removed.