|STAPLER(1)||General Commands Manual||STAPLER(1)|
stapler — Attach and validate tickets for notarized executables
The stapler utility attaches tickets for
notarized executables to app bundles, disk images, and packages.
Developer ID requires apps to be notarized before distribution. A
ticket contains a list of the code signatures for executables within a
supported file format. The
stapler utility downloads and attaches (staples) a
ticket to these files, enabling Gatekeeper to verify that executables they
contain have been properly notarized.
Stapling is performed automatically by Xcode as part of the
Developer ID distribution workflow for notarized apps. The
stapler utility must be applied separately to a
supported file format that was built or packaged with
command-line tools, before distributing it. This enables Gatekeeper to
verify the ticket offline.
Stapling does not invalidate the code signature and must be run
after an executable or archive has been code-signed and notarized with
Developer ID. Code-signing a supported file format
invalidates any stapled tickets, so
staple must be run again if this occurs.
stapler requires internet access to
retrieve tickets when stapling or validating.
stapler works only with UDIF disk images,
signed "flat" installer packages, and certain code-signed
executable bundles such as ".app". Passing an unsigned
"flat" installer package or an unsigned executable bundle in
stapler is considered
The options are as follows:
stapler will only return the exit code.
--verbose overrides this option.
stapler to include additional diagnostic output. Without the verbose option, no output is produced upon success.
stapler staple Example.app
stapler validate -v SampleInstaller.pkg
stapler returns 0 on successful stapling
or validation. If an error occurs, it returns one of the non-zero codes
defined in sysexits(3).
stapler exits upon encountering the first error. It may exit with codes other than
those listed below in less common scenarios.
stapler command first appeared in
stapler can only act on one
path per invocation. If multiple paths are specified,
stapler will only process the last
The folder containing path must be writable.
If an executable bundle contains a symlink at Contents/CodeResources, it must be manually deleted before staple will function.
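The limits above (one path per invocation, a writable containing folder, no symlink at Contents/CodeResources) can be checked by a wrapper before release. The following script is an added example, not part of the stapler manual; the function names and the STAPLER override variable are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the stapler manual).
# STAPLER is a hypothetical override variable; it defaults to "stapler".

# preflight PATH
# Checks the two documented preconditions before stapling.
# Returns 0 if both hold, 1 if the containing folder is not writable,
# 2 if PATH/Contents/CodeResources is a symlink.
preflight() {
    parent=$(dirname -- "$1")
    if [ ! -w "$parent" ]; then
        echo "preflight: $parent is not writable" >&2
        return 1
    fi
    if [ -L "$1/Contents/CodeResources" ]; then
        echo "preflight: $1/Contents/CodeResources is a symlink; delete it first" >&2
        return 2
    fi
    return 0
}

# staple_each PATH...
# Runs one "staple" and one "validate" invocation per path, because
# stapler acts on only one path per invocation. Stops at the first
# failure and returns that exit code, so a release job cannot ship an
# artifact that was silently skipped.
staple_each() {
    for artifact in "$@"; do
        preflight "$artifact" || { rc=$?; return "$rc"; }
        "${STAPLER:-stapler}" staple "$artifact" || { rc=$?; return "$rc"; }
        "${STAPLER:-stapler}" validate "$artifact" || { rc=$?; return "$rc"; }
    done
    return 0
}
```

Call it as `staple_each Example.app SampleInstaller.pkg`; a non-zero result is either a preflight code (1 or 2) or the exit code stapler itself returned.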
|May 15, 2018||Mac OS X 12|