Skip to content

fix(signingscript): Bug 2034166 reduce notarization requests#1426

Open
hneiva wants to merge 1 commit intomasterfrom
hneiva/smart-notarize
Open

fix(signingscript): Bug 2034166 reduce notarization requests#1426
hneiva wants to merge 1 commit intomasterfrom
hneiva/smart-notarize

Conversation

@hneiva
Copy link
Copy Markdown
Contributor

@hneiva hneiva commented Apr 22, 2026

Restructure apple_notarize_stacked to notarize and staple .pkgs before touching .apps, then probe each .app with a staple attempt to see if it was transitively validated by its parent .pkg. Only .apps that fail the probe go through a full notarize/wait/staple fallback. When no .pkg is in the batch, the probe runs a single attempt (no retry) before falling through.

@hneiva
fix(signingscript): Bug 2034166 reduce notarization requests
c2ca693 
Restructure apple_notarize_stacked to notarize and staple .pkgs before
touching .apps, then probe each .app with a staple attempt to see if it
was transitively validated by its parent .pkg. Only .apps that fail the
probe go through a full notarize/wait/staple fallback. When no .pkg is
in the batch, the probe runs a single attempt (no retry) before falling
through.
@hneiva hneiva force-pushed the hneiva/smart-notarize branch from 4c1bf58 to c2ca693 Compare April 22, 2026 17:31
@hneiva hneiva changed the title fix(signingscript): Bug 2034166 save notarization requests by stapling pkgs first fix(signingscript): Bug 2034166 reduce notarization requests Apr 22, 2026
@hneiva
Copy link
Copy Markdown
Contributor Author

hneiva commented Apr 23, 2026

I was able to test this locally with a build from maple:

  1. scheduled only the build-mac-signing task on maple
  2. downloaded the artifacts and crafted a task.json for the notarization
  3. run signingscript locally on a signed, but not notarized build
  4. tested the resulting .app on a mac - it runs without issue
(temp-3.11.9)  ~/dev/temp/signingscript-local [12:04:06]
10090$ signingscript config_hneiva.json
Could not import widevine
Traceback (most recent call last):
  File "/Users/hneiva/dev/scriptworker-scripts/signingscript/src/signingscript/sign.py", line 42, in <module>
    import widevine
ModuleNotFoundError: No module named 'widevine'
2026-04-23 12:04:14,690 - scriptworker.client - DEBUG - Task is validated against this schema: {'title': 'Taskcluster signing task minimal schema', 'type': 'object', 'properties': {'dependencies': {'type': 'array', 'minItems': 1, 'uniqueItems': True, 'items': {'type': 'string'}}, 'scopes': {'type': 'array', 'minItems': 1, 'uniqueItems': True, 'items': {'type': 'string'}}, 'payload': {'type': 'object', 'properties': {'upstreamArtifacts': {'type': 'array', 'items': {'type': 'object', 'properties': {'taskType': {'type': 'string'}, 'taskId': {'type': 'string'}, 'formats': {'type': 'array', 'uniqueItems': True, 'items': {'type': 'string'}}, 'paths': {'type': 'array', 'minItems': 1, 'uniqueItems': True, 'items': {'type': 'string'}}, 'authenticode_comment': {'type': 'string'}}, 'required': ['taskId', 'taskType', 'paths', 'formats']}, 'minItems': 1, 'uniqueItems': True}}, 'required': ['upstreamArtifacts']}}, 'required': ['scopes', 'payload']}
2026-04-23 12:04:14,693 - asyncio - DEBUG - Using selector: KqueueSelector
2026-04-23 12:04:14,693 - signingscript.utils - INFO - Loading Apple Notarization config from /Users/hneiva/dev/temp/signingscript-local/apple_notarization_creds.json
2026-04-23 12:04:14,694 - signingscript.utils - INFO - Apple Notarization config loaded from /Users/hneiva/dev/temp/signingscript-local/apple_notarization_creds.json
2026-04-23 12:04:14,694 - signingscript.utils - INFO - Loading Autograph config from /Users/hneiva/dev/temp/signingscript-local/autograph_config.json
2026-04-23 12:04:14,694 - signingscript.utils - INFO - Autograph config loaded from /Users/hneiva/dev/temp/signingscript-local/autograph_config.json
2026-04-23 12:04:14,694 - signingscript.utils - INFO - mkdir /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-1
2026-04-23 12:04:14,694 - signingscript.utils - INFO - mkdir /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-1
2026-04-23 12:04:16,496 - signingscript.sign - DEBUG - _extract_tarfile took 1.80s; RSS:66961408 (+212992)
2026-04-23 12:04:16,496 - signingscript.utils - INFO - mkdir /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2
2026-04-23 12:04:16,496 - signingscript.utils - INFO - mkdir /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2/public/build
2026-04-23 12:04:16,496 - signingscript.utils - INFO - Copying /Users/hneiva/dev/temp/signingscript-local/work/cot/KlyOxSxRQl-OREuLG2t40w/public/build/target.pkg to /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2/public/build/target.pkg
2026-04-23 12:04:16,577 - signingscript.rcodesign - INFO - Running command: rcodesign notary-submit --api-key-path /Users/hneiva/dev/temp/signingscript-local/apple_api_key.json /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2/public/build/target.pkg
2026-04-23 12:04:16,648 - signingscript.rcodesign - INFO - COMMAND OUTPUT: 
2026-04-23 12:04:22,337 - signingscript.rcodesign - WARNING - creating Notary API submission for target.pkg (sha256: fd2960874ec5e7cfeb0aae8ae28a1ffba2d8262d802980d26701fec619c9426f)
2026-04-23 12:04:22,337 - signingscript.rcodesign - WARNING - created submission ID: 62282d95-96bb-45b0-8fb3-5514d49565d1
2026-04-23 12:04:22,337 - signingscript.rcodesign - WARNING - resolving AWS S3 configuration from Apple-provided credentials
2026-04-23 12:04:22,337 - signingscript.rcodesign - WARNING - uploading asset to s3://notary-submissions-prod/prod/AROARQRX7CZS3PRF6ZA5L:62282d95-96bb-45b0-8fb3-5514d49565d1
2026-04-23 12:04:22,337 - signingscript.rcodesign - WARNING - (you may see additional log output from S3 client)
2026-04-23 12:04:22,337 - signingscript.rcodesign - WARNING - S3 upload completed successfully
2026-04-23 12:04:22,337 - signingscript.rcodesign - INFO - exitcode 0
2026-04-23 12:04:22,338 - signingscript.rcodesign - INFO - Polling Apple Notary service for notarization status. Submission ID 62282d95-96bb-45b0-8fb3-5514d49565d1
2026-04-23 12:04:22,338 - signingscript.rcodesign - INFO - Running command: rcodesign notary-wait --api-key-path /Users/hneiva/dev/temp/signingscript-local/apple_api_key.json 62282d95-96bb-45b0-8fb3-5514d49565d1
2026-04-23 12:04:22,343 - signingscript.rcodesign - INFO - COMMAND OUTPUT: 
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - waiting up to 600s for package upload 62282d95-96bb-45b0-8fb3-5514d49565d1 to finish processing
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 0s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 3s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 7s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 10s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 13s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 17s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 20s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 24s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 27s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 30s: InProgress
2026-04-23 12:07:56,878 - signingscript.rcodesign - WARNING - poll state after 34s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 37s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 41s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 44s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 47s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 51s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 54s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 58s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 61s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 64s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 68s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 71s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 74s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 78s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 81s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 85s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 88s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 92s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 95s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 98s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 102s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 105s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 108s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 112s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 115s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 118s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 122s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 125s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 129s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 132s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 135s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 139s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 142s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 145s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 149s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 152s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 156s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 159s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 162s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 166s: InProgress
2026-04-23 12:07:56,879 - signingscript.rcodesign - WARNING - poll state after 169s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 173s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 176s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 179s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 183s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 186s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 190s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 193s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 196s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 200s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 203s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 207s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 210s: InProgress
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - poll state after 213s: Accepted
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - Notary API Server has finished processing the uploaded asset
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - fetching notarization log for 62282d95-96bb-45b0-8fb3-5514d49565d1
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log> {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "archiveFilename": "target.pkg",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "issues": null,
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "jobId": "62282d95-96bb-45b0-8fb3-5514d49565d1",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "logFormatVersion": 1,
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "sha256": "fd2960874ec5e7cfeb0aae8ae28a1ffba2d8262d802980d26701fec619c9426f",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "status": "Accepted",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "statusCode": 0,
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "statusSummary": "Ready for distribution",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>   "ticketContents": [
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "cb00b76b7b9dd31d1641b209224b90e75831565c",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/plugin-container.app"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "495c450b5fdf73c836d7d9bca14347e93cff1dc9",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/plugin-container.app"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "cb00b76b7b9dd31d1641b209224b90e75831565c",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "495c450b5fdf73c836d7d9bca14347e93cff1dc9",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/plugin-container.app/Contents/MacOS/plugin-container"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "a9266aa0fb76552ca46935ecf7511c0c3104fa02",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashreporter.app"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "e902b4598c9b23e6c41ffd104bd7fdeaf6b298a9",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashreporter.app"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "a9266aa0fb76552ca46935ecf7511c0c3104fa02",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashreporter.app/Contents/MacOS/crashreporter"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "e902b4598c9b23e6c41ffd104bd7fdeaf6b298a9",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashreporter.app/Contents/MacOS/crashreporter"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "ec59440195a212dc7a5535566158ff2e4dc21ea5",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/security-module-helper.app"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "88c1aad4332157d0ba0f4220e9378fa75385bea2",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/security-module-helper.app"
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "ec59440195a212dc7a5535566158ff2e4dc21ea5",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,880 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/security-module-helper.app/Contents/MacOS/Firefox Nightly Security Module Helper"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "88c1aad4332157d0ba0f4220e9378fa75385bea2",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/security-module-helper.app/Contents/MacOS/Firefox Nightly Security Module Helper"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "4399ec90ae1bb9ea0e9d6819c658d47af28a4da8",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/gpu-helper.app"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "5a6fe7b451d40e7823342c1dc967b1f7639160eb",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/gpu-helper.app"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "4399ec90ae1bb9ea0e9d6819c658d47af28a4da8",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/gpu-helper.app/Contents/MacOS/Firefox Nightly GPU Helper"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "5a6fe7b451d40e7823342c1dc967b1f7639160eb",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/gpu-helper.app/Contents/MacOS/Firefox Nightly GPU Helper"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "c42a91a69ee165ff776dafe97ed0420b86a1307a",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2f1e2f9076d0cc507bfdef360b8fd5975bc9933d",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "3936fab46c40b95e475f4f1b541a90b2d562006d",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "9a56ed3b0d2fb72a24fa380a269ae8eab1649f22",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "3936fab46c40b95e475f4f1b541a90b2d562006d",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "9a56ed3b0d2fb72a24fa380a269ae8eab1649f22",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/MacOS/org.mozilla.updater"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "c42a91a69ee165ff776dafe97ed0420b86a1307a",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework/UpdateSettings"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2f1e2f9076d0cc507bfdef360b8fd5975bc9933d",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework/UpdateSettings"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "aaa37acdc93d1728183870b6bfcc96ede95b5876",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/media-plugin-helper.app"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "fb708054167ba74a4ae0d0d053e0d51fc68e8fcc",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/media-plugin-helper.app"
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,881 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "aaa37acdc93d1728183870b6bfcc96ede95b5876",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/media-plugin-helper.app/Contents/MacOS/Firefox Nightly Media Plugin Helper"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "fb708054167ba74a4ae0d0d053e0d51fc68e8fcc",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/media-plugin-helper.app/Contents/MacOS/Firefox Nightly Media Plugin Helper"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "4399ec90ae1bb9ea0e9d6819c658d47af28a4da8",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/gpu-helper.app"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "5a6fe7b451d40e7823342c1dc967b1f7639160eb",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/gpu-helper.app"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "af6b10d8c387cc8bab8505485cd7e1b775ed361a",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavcodec.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "42e37b5690c8e1fcba584304b7467e9e2f19c0e2",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavcodec.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2a226fe0fa84fdfc87282bfe21e77317b7da7ac1",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/pingsender"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "a57dc406e7a4193d8e589d4e9c4ee597571e5aa1",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/pingsender"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "7b3420c5a9b18b1aa0fb2d1bc358b3982a561cc0",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libnss3.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "dece362177cbb5fad0aca11e8b6f6d1f0d03576e",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libnss3.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "ee345330178f7a68ae0be96d86a2bc119ae96d04",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libfreebl3.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2b445ad9459399f8e366bfec8ea5d0d3bcf420f4",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libfreebl3.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "d1445703d4d92d2b33a20d70a934a3c53cb8de83",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libsoftokn3.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "829a3e6ae8d05f6d97df65fd04a297b79d6156c1",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libsoftokn3.dylib"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "ec59440195a212dc7a5535566158ff2e4dc21ea5",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/security-module-helper.app"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "88c1aad4332157d0ba0f4220e9378fa75385bea2",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/security-module-helper.app"
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,882 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "7fdde634e2d7cf2a4a0ee81af81b50dfa87337e9",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozinference.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2f3cf9cd75128fa6d304c52b8de1cf9219118e68",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozinference.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "d32a536d99f2c05b9b71e788d788665698f5d904",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozglue.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "cdd159e8ee33671583c4f38212d02710e38d0e99",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozglue.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "c9f02b960c1d5538b7f6f053ba605b55440f3f41",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/liblgpllibs.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "18d766fdef9c2fdd3b2dca9e2942bea306e95c07",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/liblgpllibs.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "4957c1cecdec7228746ea252e76bedd93e38d877",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "606eca746d5815aa3dafcae4f92ab0aacefb8e3d",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "266b13ccc0e1519b88c1c208b1dc23aa46d73138",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libonnxruntime.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "b9eaeaef60b4828cb94eab7f0049edac6553192c",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libonnxruntime.dylib"
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,883 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "3936fab46c40b95e475f4f1b541a90b2d562006d",
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app"
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,885 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "9a56ed3b0d2fb72a24fa380a269ae8eab1649f22",
2026-04-23 12:07:56,886 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app"
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "b77046564a7a4200f1e737120fa8c7207d7c7d59",
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/XUL"
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2ec4cfa009be855adba718c282e05b4c72a4c313",
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/XUL"
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,893 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "c42a91a69ee165ff776dafe97ed0420b86a1307a",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2f1e2f9076d0cc507bfdef360b8fd5975bc9933d",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/updater.app/Contents/Frameworks/UpdateSettings.framework"
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "a9266aa0fb76552ca46935ecf7511c0c3104fa02",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashreporter.app"
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "e902b4598c9b23e6c41ffd104bd7fdeaf6b298a9",
2026-04-23 12:07:56,894 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashreporter.app"
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "ec69d6b4a86fb0c0a1de98ce78c56e70adc1927b",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashhelper"
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "5e779ae9867f98598828d53c9cbf36babcdbd7d4",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashhelper"
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "3ec7159421b6a484a05a03d02373189d139bed5b",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/nmhproxy"
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,895 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "88deb5b53d123d6ec8a185a4497dacd4695ca53b",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/nmhproxy"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "fec7128411944b9c11e48e1574255238dbdd4c0f",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavutil.dylib"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "09f0d12126e376477ed1b83227121dbc5dad3ba0",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavutil.dylib"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "54e16b92841f6f9ac0704d0b00f38c2d4424f043",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Frameworks/ChannelPrefs.framework"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "72d6c770e83d86a82a9674a62f9759c778aaba94",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Frameworks/ChannelPrefs.framework"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "e1863fee078f9682d68dcc28ec7d9890cea6a618",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libgkcodecs.dylib"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "e2a4f07338c2e2b5084619bf64e63b06145834ef",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libgkcodecs.dylib"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "aaa37acdc93d1728183870b6bfcc96ede95b5876",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/media-plugin-helper.app"
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,896 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "fb708054167ba74a4ae0d0d053e0d51fc68e8fcc",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/media-plugin-helper.app"
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "cb00b76b7b9dd31d1641b209224b90e75831565c",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/plugin-container.app"
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "495c450b5fdf73c836d7d9bca14347e93cff1dc9",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/plugin-container.app"
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "4957c1cecdec7228746ea252e76bedd93e38d877",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/firefox"
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "606eca746d5815aa3dafcae4f92ab0aacefb8e3d",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/firefox"
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,897 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "ec69d6b4a86fb0c0a1de98ce78c56e70adc1927b",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashhelper"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "5e779ae9867f98598828d53c9cbf36babcdbd7d4",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/crashhelper"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2a226fe0fa84fdfc87282bfe21e77317b7da7ac1",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/pingsender"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "a57dc406e7a4193d8e589d4e9c4ee597571e5aa1",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/pingsender"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "ee345330178f7a68ae0be96d86a2bc119ae96d04",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libfreebl3.dylib"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2b445ad9459399f8e366bfec8ea5d0d3bcf420f4",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libfreebl3.dylib"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "c9f02b960c1d5538b7f6f053ba605b55440f3f41",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/liblgpllibs.dylib"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "18d766fdef9c2fdd3b2dca9e2942bea306e95c07",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/liblgpllibs.dylib"
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "7fdde634e2d7cf2a4a0ee81af81b50dfa87337e9",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,898 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozinference.dylib"
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2f3cf9cd75128fa6d304c52b8de1cf9219118e68",
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozinference.dylib"
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,900 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "3ec7159421b6a484a05a03d02373189d139bed5b",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/nmhproxy"
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "88deb5b53d123d6ec8a185a4497dacd4695ca53b",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/nmhproxy"
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "d1445703d4d92d2b33a20d70a934a3c53cb8de83",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,901 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libsoftokn3.dylib"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "829a3e6ae8d05f6d97df65fd04a297b79d6156c1",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libsoftokn3.dylib"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "b77046564a7a4200f1e737120fa8c7207d7c7d59",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/XUL"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "2ec4cfa009be855adba718c282e05b4c72a4c313",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/XUL"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "fec7128411944b9c11e48e1574255238dbdd4c0f",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavutil.dylib"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "09f0d12126e376477ed1b83227121dbc5dad3ba0",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavutil.dylib"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "d32a536d99f2c05b9b71e788d788665698f5d904",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozglue.dylib"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "cdd159e8ee33671583c4f38212d02710e38d0e99",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozglue.dylib"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "e1863fee078f9682d68dcc28ec7d9890cea6a618",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libgkcodecs.dylib"
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "e2a4f07338c2e2b5084619bf64e63b06145834ef",
2026-04-23 12:07:56,902 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libgkcodecs.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "af6b10d8c387cc8bab8505485cd7e1b775ed361a",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavcodec.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "42e37b5690c8e1fcba584304b7467e9e2f19c0e2",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libmozavcodec.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "266b13ccc0e1519b88c1c208b1dc23aa46d73138",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libonnxruntime.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "b9eaeaef60b4828cb94eab7f0049edac6553192c",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libonnxruntime.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "7b3420c5a9b18b1aa0fb2d1bc358b3982a561cc0",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libnss3.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "dece362177cbb5fad0aca11e8b6f6d1f0d03576e",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/MacOS/libnss3.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "9a99c5d58792f2d0d7540dfa990b4e435bb9d95f",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Resources/gmp-clearkey/0.1/libclearkey.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "20ef9b7d67703a0d8b438a91936a7c6a315700cb",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Resources/gmp-clearkey/0.1/libclearkey.dylib"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "84a48ac750e86a94e57342bccf2527785d3495b9",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Library/LaunchServices/org.mozilla.updater"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "a3eed096ce683bcd8d163fa6cf71c9ec5eb027ff",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Library/LaunchServices/org.mozilla.updater"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "x86_64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "54e16b92841f6f9ac0704d0b00f38c2d4424f043",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Frameworks/ChannelPrefs.framework/ChannelPrefs"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "arch": "arm64",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "72d6c770e83d86a82a9674a62f9759c778aaba94",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-256",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg/Firefox%20Nightly.tmp1.pkg Contents/Payload/Applications/Firefox Nightly.app/Contents/Frameworks/ChannelPrefs.framework/ChannelPrefs"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     },
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     {
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "cdhash": "152b8b81313c8435d8608e49c581569fe97b930b",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "digestAlgorithm": "SHA-1",
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>       "path": "target.pkg"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>     }
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>   ],
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log>   "uploadDate": "2026-04-23T19:04:22.320Z"
2026-04-23 12:07:56,903 - signingscript.rcodesign - WARNING - notary log> }
2026-04-23 12:07:56,904 - signingscript.rcodesign - INFO - exitcode 0
2026-04-23 12:07:56,907 - signingscript.rcodesign - INFO - Stapling binary at path /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2/public/build/target.pkg
2026-04-23 12:07:56,907 - signingscript.rcodesign - INFO - Running command: rcodesign staple /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2/public/build/target.pkg
2026-04-23 12:07:56,923 - signingscript.rcodesign - INFO - COMMAND OUTPUT: 
2026-04-23 12:07:57,226 - signingscript.rcodesign - WARNING - attempting to staple /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2/public/build/target.pkg
2026-04-23 12:07:57,226 - signingscript.rcodesign - WARNING - activating XAR stapling mode
2026-04-23 12:07:57,226 - signingscript.rcodesign - WARNING - looking up notarization ticket for 2/1/152b8b81313c8435d8608e49c581569fe97b930b
2026-04-23 12:07:57,226 - signingscript.rcodesign - WARNING - found notarization ticket; proceeding with stapling
2026-04-23 12:07:57,226 - signingscript.rcodesign - WARNING - stapling notarization ticket trailer (2735 bytes) to end of XAR
2026-04-23 12:07:57,226 - signingscript.rcodesign - INFO - exitcode 0
2026-04-23 12:07:57,226 - signingscript.rcodesign - INFO - Stapling binary at path /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-1/Firefox Nightly.app
2026-04-23 12:07:57,226 - signingscript.rcodesign - INFO - Running command: rcodesign staple /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-1/Firefox Nightly.app
2026-04-23 12:07:57,230 - signingscript.rcodesign - INFO - COMMAND OUTPUT: 
2026-04-23 12:07:57,529 - signingscript.rcodesign - WARNING - attempting to staple /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-1/Firefox Nightly.app
2026-04-23 12:07:57,529 - signingscript.rcodesign - WARNING - activating bundle stapling mode
2026-04-23 12:07:57,529 - signingscript.rcodesign - WARNING - attempting to find notarization ticket for bundle at /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-1/Firefox Nightly.app
2026-04-23 12:07:57,529 - signingscript.rcodesign - WARNING - looking up notarization ticket for 2/2/4957c1cecdec7228746ea252e76bedd93e38d877
2026-04-23 12:07:57,529 - signingscript.rcodesign - WARNING - writing notarization ticket to /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-1/Firefox Nightly.app/Contents/CodeResources
2026-04-23 12:07:57,529 - signingscript.rcodesign - INFO - exitcode 0
2026-04-23 12:07:57,530 - signingscript.utils - INFO - mkdir /Users/hneiva/dev/temp/signingscript-local/work/public/build
2026-04-23 12:07:57,532 - signingscript.sign - INFO - Creating tarfile /Users/hneiva/dev/temp/signingscript-local/work/public/build/target.tar.gz...
2026-04-23 12:08:33,499 - signingscript.sign - DEBUG - _create_tarfile took 35.97s; RSS:66961408 (+0)
2026-04-23 12:08:33,502 - signingscript.utils - INFO - Copying /Users/hneiva/dev/temp/signingscript-local/work/apple_notarize-2/public/build/target.pkg to /Users/hneiva/dev/temp/signingscript-local/work/public/build/target.pkg
2026-04-23 12:08:33,619 - signingscript.sign - DEBUG - apple_notarize_stacked took 258.93s; RSS:66961408 (+212992)
2026-04-23 12:08:33,624 - signingscript.utils - INFO - mkdir /Users/hneiva/dev/temp/signingscript-local/artifacts/public/build
2026-04-23 12:08:33,624 - signingscript.utils - INFO - Copying /Users/hneiva/dev/temp/signingscript-local/work/public/build/target.tar.gz to /Users/hneiva/dev/temp/signingscript-local/artifacts/public/build/target.tar.gz
2026-04-23 12:08:33,800 - signingscript.utils - INFO - Copying /Users/hneiva/dev/temp/signingscript-local/work/public/build/target.pkg to /Users/hneiva/dev/temp/signingscript-local/artifacts/public/build/target.pkg
2026-04-23 12:08:33,931 - signingscript.script - INFO - Done!

The important bits:

  • it notarized the pkg as expected
  • once that's completed, it only staples the .app as expected

@hneiva hneiva marked this pull request as ready for review April 23, 2026 19:16
@hneiva hneiva requested a review from a team as a code owner April 23, 2026 19:16
bhearsum
bhearsum reviewed Apr 27, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@bhearsum bhearsum left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given how things are set-up today, and we notarize .app and .pkg files in the same job, this is OK. In an ideal world I think we'd adjust the CI flow to go "sign .app" -> "notarize .app" -> "create .pkg" -> "sign .pkg" -> "notarize .pkg".

That is clearly out of scope for a short term improvement though.

Comment thread signingscript/src/signingscript/sign.py
# .pkgs can be notarized in separate tasks with an app->pkg dependency
# in CI, so by the time the .app task runs its parent .pkg is already
# stapled and the probe succeeds on the first try.
probe_kwargs = STAPLE_PROBE_RETRY_KWARGS if pkg_paths else {"attempts": 1}
Copy link
Copy Markdown
Contributor

@bhearsum bhearsum Apr 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand why this is as it is, but this override based on pkg_paths is a code smell. Even for cases where we have both .pkg and .app inputs to notarize, this breaks down if an .app is not contained within a .pkg.

Rather than relying on retries, can we do something a bit more intelligent here? Perhaps we can keep track of which .app packages are in a .pkg and do the right thing based on that instead?

(This issue also goes away if we rework the order things are done in CI, of course.)

Copy link
Copy Markdown
Contributor Author

@hneiva hneiva Apr 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mmmmm that's a good point.

Unfortunately I don't know of an easy way of checking what's inside the pkg without having to unpack the whole thing just to find out which locale is it.

I think the best long-term solution is to:

It also begs the question, should we always staple probe before sending for notarization? (even on pkgs) Reruns on chunked tasks are wasteful, since they always submit everything to notarization even if previous attempts have already notarized.
Or maybe this task should be "run-aware"? If it's the first run, don't probe pkgs?

In an ideal world I think we'd adjust the CI flow to go "sign .app" -> "notarize .app" -> "create .pkg" -> "sign .pkg" -> "notarize .pkg"

I think we should avoid 2 notarizations here.
What we can do instead (the patch I liked gets us close to this):
sign .app -> create .pkg -> notarize+staple .pkg -> only staple the .app (which becomes the .dmg)

The .app inside the .pkg doesn't have to be notarized before it's packed inside the pkg.

Copy link
Copy Markdown
Contributor

@bhearsum bhearsum Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unfortunately I don't know of an easy way of checking what's inside the pkg without having to unpack the whole thing just to find out which locale is it.

Fair enough -- and unpacking just for this is probably expensive enough that it may not be worthwhile.

It also begs the question, should we always staple probe before sending for notarization? (even on pkgs) Reruns on chunked tasks are wasteful, since they always submit everything to notarization even if previous attempts have already notarized.

When you say "staple probe", do you mean inspection of local artifacts, or querying the remote server? If it's the latter, I think that's an excellent idea (more on that below).

Or maybe this task should be "run-aware"? If it's the first run, don't probe pkgs?

This is an excellent idea that might be good to take up later/elsewhere. On runs > 0 we could have no, some, or all packages already notarized...and ideally we'd handle that gracefully. We do a similar thing in landoscript where we dump out status when submitting a job, but before polling its status. And when we first start up, we look for status from an earlier run when run_id is > 0.

In the case of notarization, I think there's one or more URLs we'd want to write out and use in a similar fashion?

sign .app -> create .pkg -> notarize+staple .pkg -> only staple the .app (which becomes the .dmg)

The .app inside the .pkg doesn't have to be notarized before it's packed inside the pkg.

Are we sure this doesn't have negative consequences? Presumably the .app still has its notarization status checked (whether through talking to apple, or checking for a stapled ticket)?

Or does it get implicitly notarized when the pkg is submitted? If that's the case, my view is that it's more comprehensible to sign and notarize the .app first, and then use the notarized app to make the pkg. The idea of making the app, then stuffing it into a pkg, then notarizing that, then pulling the app out of it and stapling it afterwards seems awkward to me. It also seems like it risks running into update issues -- if the .app in the pkg and the dmg are not identical, partial mars will fail for one or the other.

I'd be happy to hop on Zoom to hash this out more at some point if that's useful; we might be reaching the limits of what we can hash out here.

In any case, if there's plans to improve and rework this in the near future I'm a little less fussed about what's happening here if it gives us a short term win.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bhearsum bhearsum bhearsum left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@hneiva @bhearsum