QA Verification: Validate HDFView GitHub Binaries for Completeness and Code Signing

[byrnHDF]

Description:
We need to validate the deployment artifacts generated by the GitHub Actions release workflow. This test ensures that the downloadable installers/archives for Windows, macOS, and Linux are:

1. Complete: Contain all necessary runtime dependencies (Java runtime, HDF5 libraries, system libs) and do not require the user to manually install external dependencies.
2. Signed: Correctly digitally signed and notarized (where applicable) to prevent OS security warnings (e.g., Windows SmartScreen, macOS Gatekeeper).

Please test the artifacts from the latest build/release candidate and check off the tasks below.

Target Artifacts

• Version: [Insert Version, e.g., 3.3.2-rc1]
• Source: [Insert Link to GitHub Release or Actions Artifacts]

---

Task List

1. Windows (.msi / .zip)

• Verify Digital Signature:
  • Right-click the installer -> Properties -> Digital Signatures.
  • Confirm the signer is "The HDF Group".
  • Confirm the timestamp is valid.
• SmartScreen Test:
  • Run the installer. Ensure Windows SmartScreen does not flag the file as "Unknown Publisher" or "Malicious."
• Installation Completeness:
  • Install the application.
  • Check that the installation directory contains the bundled JRE (if applicable) and hdf5.dll / szip.dll / zlib.dll.
• Runtime Test:
  • Launch HDFView. Ensure no "Missing DLL" errors appear.
  • Open a standard HDF5 file to verify the backend library loaded correctly.

.msi file now installs HDFView on Windows 11 Skylark, but fails to launch JVM when attempting to run HDFView. It can be successfully launched with a .bat file that sets JAVABIN=<installed openjdk 25.0.1 2025-10-21 LTS on Windows 11>. LK 12/29

2. macOS (.dmg / .pkg)

• Verify Notarization (Gatekeeper):
  • Download the image on a machine that has not seen it before.
  • Double-click to mount/install.
  • Pass criteria: The OS should prompt "This app is downloaded from the internet. Are you sure you want to open it?" (Standard) rather than "App cannot be opened because the developer cannot be verified."
• Verify Code Signature (CLI):
  • Run codesign -dv --verbose=4 /Applications/HDFView.app
  • Confirm Authority=Developer ID Application: The HDF Group.
• Runtime Completeness:
  • Launch the app. Ensure it does not crash immediately due to missing @rpath links for the HDF5 libraries.
  • Verify that the internal Java runtime is being used, not the system Java (to ensure portability).

3. Linux (.tar.gz / .rpm / .deb)

• Package Integrity:
  • If testing RPM/DEB: Verify the package metadata contains the correct version and description.
  • If testing AppImage (if applicable): Ensure it is executable.
• Dependency Isolation (Completeness):
  • Critical: Run the binary on a "clean" Linux environment (e.g., a fresh Ubuntu or CentOS Docker container) that does not have HDF5 or Java installed system-wide.
  • Ensure the included shell script sets LD_LIBRARY_PATH correctly to find the bundled shared libraries (libhdf5.so, etc.).
• Functionality:
  • Launch HDFView.
  • Verify the GUI renders correctly (check for GTK/Windowing library issues).

4. General Content Verification

• User Guide: Verify the Help/User Guide is accessible from the menu.
• Legal: Verify COPYING / LICENSE files are present in the installation root.

[mattjala]

• Working DEB package installation
• Works, but does not create a launcher on the system path. Also requires separate installation of several dependencies (in a fresh Docker machine, openjdk-21-jre libx11-6 libxext6 libxrender1 libxtst6 libgtk-3-0)
• Make DEB/RPM installation create a launcher script on the path
• Use maven jpackage-profile based artifact creation to bundle JREs
• Working RPM package installation
• Fix signing of DMG installer
• Working DMG installer
• Working Mac binaries
• Working MSI installer
• Working Windows binaries
• Windows binaries (and installer?) currently fail due to a JVM issue. This can be worked around by using a run-hdfview script, but this script isn't packaged with the installations.
• Package the script with the installations OR make it no longer a prerequisite for running HDFView on Windows (/Mac?)
• Fix release process creating redundant artifacts (130 MB release files) - these seem to be copies of the source code.
• (Low priority - can be done after release) Set up script + workflow to push release artifacts to s3 with proper index.html files

[hyoklee]

MSI installer is missing szip.dll, aec.dll, and zlib1.dll under c:/Program Files/OpenJDK/jdk-20/bin. HDFView worked fine after copying them manually.