Add code signing config for Windows (Azure Artifact Signing) and macOS (Apple notarization)

CI workflows now support code signing when secrets are configured: - macOS: Apple Developer certificate + App Store Connect API key for notarization - Windows: Azure Artifact Signing via signtool + dlib - Both are no-ops when secrets aren't set (backwards-compatible) - Add Entitlements.plist (mic, network) and Info.plist (NSMicrophoneUsageDescription) - Add SIGNING.md with full setup guide for both platforms Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-10 18:02:46 -07:00
parent cd325102e2
commit 16f9ac2ab8
7 changed files with 246 additions and 1 deletions
--- a/src-tauri/Entitlements.plist
+++ b/src-tauri/Entitlements.plist
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+    <key>com.apple.security.device.audio-input</key>
+    <true/>
+    <key>com.apple.security.network.client</key>
+    <true/>
+    <key>com.apple.security.network.server</key>
+    <true/>
+    <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+    <true/>
+</dict>
+</plist>