User Profile

Thanks so much for this info.I ran into this warning when including a password protected zip of JXA (JavaScript for Automation) source code, which I did becuase there is no way to export JXA as Run-Only like you can with regular AppleScript and I didn't want to release the source of my applet.While I'm glad this only produced a warning and still allowed Notarization, is it true that Notarization doesn't care about zipped and password protected script source files such as bash or python or JXA or any other "scripting" lanugage?This seems a bit odd when any scripting language could call native code or any powerful bash commands and theoretically do any malicious thing it wants without Apple being able to review the source files during Notarization.But are you saying that Notarization doesn't even analyze the source of scripts anyways because "scripts are not considered code in the context of code signing"?If scripts are in fact analyzed (and even if not) it seems like there should be way to be able to provide Apple with zip passwords so all included app files can be analyzed during Notarization while also not forcing developers to expose the source to the end-users.