Set com.apple.security.cs.disable-library-validation=false in developer and production Hardened Runtime entitlements now that the definition has changed to mean allow/disallow unsigned libraries.
Differential Revision: https://phabricator.services.mozilla.com/D40525
--HG--
extra : moz-landing-system : lando
Add entitlement files for Hardened Runtime configuration to be used by Release Engineering for official builds and try builds and developers for local builds. These entitlement files are input to the codesign command.
Hardened Runtime and codesigning is not yet enabled for local builds or try builds so for now these files will only be used by Release Engineering.
production.entitlements.xml is intended to be used for official channel builds that will be codesigned, notarized, and shipped to users.
developer.entitlements.xml is intended to be used for developer and try builds that will be codesigned, but not notarized or shipped to users. The developer file enables debugging which is not compatible with notarization, but is otherwise the same as the production file.
codesign.bash is a stop-gap script to allow developers who setup Apple Developer ID certificates to codesign Nightly themselves and enabled Hardened Runtime.
Differential Revision: https://phabricator.services.mozilla.com/D27396
--HG--
extra : moz-landing-system : lando
Csoregi Natalia
Haik Aftandilian