Code sign embedded binaries

[raphaelmenges]

Hello 👋,

I am using the "resources" field in the tauri.confg.json to embed an dynamic library into my bundle. This works fine. However, when I try to notarize my application for macOS, I get an error that the dynamic library is not signed and thus the bundle cannot be notarized. I have found a pull request which mentions "deep"-signing by Tauri, but I am not sure whether this has been implemented yet. I could use another action like Code Sign Action to sign the dynamic library specifically, however, I prefer to expose the certification-related secrets to the least actions as possible. Perhaps I am missing something in my configuration to let Tauri at npm run tauri build also sign the dynamic libraries?

PS: I also tried to bundle the dynamic library using the "externalBin" in tauri.confg.json, following the sidecar tutorial. However, at npm run tauri build, it cannot find the .dylib, even though the path should be correct. Perhaps this way is not designed for dynamic libraries?