From 5bdd3c495b7d55e695423a579c2919ecf95d7ed2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ulises=20Gasc=C3=B3n?= <ulisesgascongonzalez@gmail.com>
Date: Tue, 21 Nov 2023 08:30:52 +0100
Subject: [PATCH] tools: add macOS notarization verification step

---
 tools/osx-notarize.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/tools/osx-notarize.sh b/tools/osx-notarize.sh
index bd7ae48a8b15c0..d161d00615ad63 100755
--- a/tools/osx-notarize.sh
+++ b/tools/osx-notarize.sh
@@ -53,5 +53,12 @@ else
   exit 1
 fi
 
+if ! xcrun spctl --assess --type install --context context:primary-signature --ignore-cache --verbose=2 "node-$pkgid.pkg"; then
+  echo "error: Signature will not be accepted by Gatekeeper!" 1>&2
+  exit 1
+else
+  echo "Verification was successful."
+fi
+
 xcrun stapler staple "node-$pkgid.pkg"
 echo "Stapler was successful."
\ No newline at end of file