+ Adds a preinstall script to wipe out whatever the last .pkg
installed. This should avoid systems that have mad many updates
getting into strange states autoloading things that no longer
exist. Fixes#2963
+ Run add-shell with ${DSTVOLUME} prepended to the path - the
installer lets users intall onto any volume, so it's plausible
not installed onto /
+ Use `logger` instead of rando /tmp files for logging - stuff
should show up in Console.
+ make_pkg makes the pkg and also fish.app - the former was being
built with -j12 already, make the latter do so as well.
Previously we used a hacked up 'xar' tool for signing packages,
since productsign produced a package that could not be installed on
macOS 10.11. That was fixed in Xcode 12.5 so we can just use Apple's
tools again.
See #7656.
Also see https://developer.apple.com/forums/thread/664842
As spotted in #7656, macOS installer files built on Big Sur fail signature
verification on macOS 10.11. This is because Big Sur productsign no longer
supplies the SHA-1 hash, and 10.11 does not know how to read the SHA-256
hash.
Replace the productsign flow with a flow based on
http://users.wfu.edu/cottrell/productsign/productsign_linux.html . This
uses the xar tool to digitally sign the installer packages, with both
SHA-1 and SHA-256 hashes.
The xar tool is somewhat tricky to build, so is checked in (as binary!)
compiled for Mac.
To build a Mac package, run make_pkg.sh (which invokes the signing flow)
followed by mac_notarize.sh which adds the notarization.
