Hi again, experts I have a problem :D My app craseh on startup, when creating it in AppStore Mode and I have absolutely no idea, why. The only difference betweed my Developer-ID-Mode and AppStore-Mode is, tha differnet certificates are used and a tool runs, that does something with the info.plist. (and the stapler tool, that runs in devID-Mode, is of course not used in appstore-mode) Here is, what I do, when creating the binary: /usr/bin/plutil -convert binary1 "/Users/me/somewhere/myapp.app/Contents/Info.plist" (the above line is not used in Dev-ID-Mode) /usr/bin/codesign --entitlements "/Users/me/somewhere/myapp.entitlements" --deep -s "DeveloperAppCert" -f "/Users/me/somewhere/hansimaticoffice.app" /usr/bin/productbuild --component "/Users/me/somewhere/hansimaticoffice.app" "/Applications" --sign "MacDeveloperInstallerCert" "/Users/me/somewhere/hansimaticoffice.pkg" Any hint?

Helo, I'm trying to upload my React Native App to test with TestFlight but in the archives when I validate the app I received the following error: Missing signing identifier at "/var/folders/72/pp85df852gxbzn51b2b34blw0000gn/T/XcodeDistPipeline.~~~PCbJ98/Root/Payload/ Failed to cloud sign "/var/folders/72/pp85df852gxbzn51b2b34blw0000gn/T/XcodeDistPipeline.~~~PCbJ98/Root/Payload/Click+". Please file a bug report at https://feedbackassistant.apple.com.

Hi, I'm trying to upload my electron app to the App Store. The app uploads fine to App Store Connect but runs into the following problem while processing: Unable to Sign. This package doesn't meet the current code signing requirements. For more information, see the Code Signing and Application Sandboxing Guide at http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/AboutCS/AboutCS.html and Technical Note 2206 at https://developer.apple.com/library/mac/technotes/tn2206/_index.html Specifically, codesign generated the following errors: [ com.electron.easy-csl-electron.pkg/Payload/easy-csl-electron.app: resource fork, Finder information, or similar detritus not allowed] (90303) Getting to this point was already a real challenge. I'm trying to use electron forge and submit my package to the App Store for which to my knowledge doesn't exist any guide at all. So I'm kinda stuck here: I don't know what "resource fork, Finder information, or similar detritus" is and where it came from and when I search the Internet for this problem I can't find any way to solve it. I tried reading the documentation links provided but I have no idea where to even start :/ Would anybody be able to help me? Thanks, Ludwig

I don't know why we’re up to Xcode 16 and this stuff is still so damn difficult. First of all, I don't know why I can't just send a .app I built for my M1 MacBook Pro to my friend who also has an M1 MacBook Pro. But even after going through the quarantine steps, he gets an alert saying the app can't be opened. So I'm trying to do direct distribution of an archive. But that gives me two errors: There is a problem with the request entity You already have a current Developer ID Application Managed (With Kext) certificate or a pending certificate request. No profiles for 'com.latencyzero.VideoBox' were found Xcode couldn't find any Developer ID provisioning profiles matching 'com.latencyzero.VideoBox'. The signing is managed by Xcode. CloudKit access works.

I facing issue where the system extension i try to install have message: no related kext found for sysex 'com.apple.usbsoundriver' com.apple.usbsoundriver:extension failed to validate! uninstalling... uninstalling invalid extension com.apple.usbsoundriver Is internet access is required for system extension validation? I install the driver without internet access. This work in some others machine, only fresh reformated Mac machine without internet connection have this issue. Why is this so?

Build issue when creating an Apple Watch standalone app archive This is an Apple Watch standalone app. (Without an iPhone app) Even if you create an Apple Watch standalone app as a new project in Xcode, two targets are created: "iPhone target + Apple Watch target". The iPhone target cannot be built or modified. Usually, builds or archives are created with the Apple Watch target. It's been a while since I updated the app, so I tried to fix it, add new features, and update it. When I created an archive, the version kept being created as 1.0 - 1. I entered 1.1 - 8 for the Apple Watch target. In the previous Xcode version, when I clearly modified the version and build version of the Apple Watch target, it was reflected in the archive file. However, in the current Xcode, it is not reflected. Does anyone know how we can fix this issue?

Hi, When postinstall tries to run another binary inside the ./scripts folder I package with pkgbuild, it gets killed by taskgated when the postinstall script tries to run it. └── Contents ├── Helpers ├── Info.plist ├── MacOS │   ├── UI │   └──Worker ├── PkgInfo ├── Resources │   ├── com.ui.plist │   ├── com.worker.plist │   └── icon.icns ├── _CodeSignature │   └── CodeResources └── embedded.provisionprofile scripts: ├── token_installer ├── postinstall ├── token_installer ├── postinstall How I am signing: codesign --entitlements entitlements.plist --timestamp --options=runtime --sign "$DEVELOPER_ID" --force out/myapp.app/Contents/MacOS/UI codesign --entitlements entitlements.plist --timestamp --options=runtime --sign "$DEVELOPER_ID" --force out/myapp.app/Contents/MacOS/Worker codesign --entitlements entitlements.plist --timestamp --options=runtime --sign "$DEVELOPER_ID" --force ./scripts/token_installer codesign --entitlements entitlements.plist --timestamp --options=runtime --sign "$DEVELOPER_ID" --force ./scripts/postinstall codesign --entitlements entitlements.plist --timestamp --options=runtime --sign "$DEVELOPER_ID" --force out/myapp.app echo "pkgbuilding..." pkgbuild --root ./out/myapp.app --sign "$DEVELOPER_ID" --identifier com.myapp.app --version 1.0 --install-location /Applications/myapp.app --scripts ./scripts ./out/myapp.pkg echo "productbuilding..." # productbuild --distribution ./Distribution.xml --package-path ./out/myapp.pkg --resources . ./out/MyAppInstaller.pkg productbuild --product requirements.plist --distribution ./Distribution.xml --package-path ./out/myapp.pkg --resources . ./out/MyAppInstaller.pkg productsign --sign "Developer ID Installer: My Company Inc (***)" --force ./out/MyAppInstaller.pkg ./out/MyAppInstallerSigned.pkg Sidenote: all binaries that are not the main executable, UI, get killed by taskgated, but I figured I will wrap the Worker in its own app Inside Helpers. I just do not see the point in doing that for the token_installer, since it should only be called once ever, during postinstall. Is there a way to make it run without having to include it in the app bundle itself?

I am developing a PCIDriverKit dext, and testing on Sequoia Beta (Version 15.0 Beta, 24A5298h). Both the dext and the "owning" application build on Xcode 16.0 beta 4. I can run the owning application and register the dext. When the OS attempts to load the dext, though, code signing validation errors occur: 2024-07-30 15:54:02.386 Df kernel[0:ae6a] Driver com.company.Dext-Loader.dext has crashed 0 time(s) 2024-07-30 15:54:02.386 Df kernel[0:ae6a] DK: Dext_Loader_Driver-0x100001464 waiting for server com.company.Dext-Loader.dext-100001464 2024-07-30 15:54:02.388 Df kernelmanagerd[112:abb5] Found 1 dexts with bundle identifier com.company.Dext-Loader.dext 2024-07-30 15:54:02.388 Df kernelmanagerd[112:abb5] Using unique id a0cf49ca3ea45f5d54a3e8644e2dde6b0e8666c649c1e9513ca4166919038b53 to pick dext matching bundle identifier com.company.Dext-Loader.dext 2024-07-30 15:54:02.388 Df kernelmanagerd[112:abb5] Picked matching dext for bundle identifier com.company.Dext-Loader.dext: Dext com.company.Dext-Loader.dext v34 in executable dext bundle com.company.Dext-Loader.dext at /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext 2024-07-30 15:54:02.389 I kernel[0:ae71] igmp_domifreattach: reattached igmp_ifinfo for ifp XHC 2024-07-30 15:54:02.389 I kernel[0:ae71] mld_domifreattach: reattached mld_ifinfo for ifp XHC2 2024-07-30 15:54:02.389 Df kernelmanagerd[112:abb5] DextRecordTable read from plist: { com.company.Dext-Loader.dext: MRS-> Optional(( path: /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext; state: loaded )) history-> [ ( path: /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext; state: loaded ) ] } 2024-07-30 15:54:02.389 Df kernelmanagerd[112:abb5] Launching dext com.company.Dext-Loader.dext com.company.Dext-Loader.dext 0x100001464 a0cf49ca3ea45f5d54a3e8644e2dde6b0e8666c649c1e9513ca4166919038b53 2024-07-30 15:54:02.390 I kernelmanagerd[112:abb5] [com.apple.km:DextLaunch] Skipping addBreadcrumbForDextWithIdentifier for <private> 0 2024-07-30 15:54:02.389 Df kernel[0:ae71] ifnet_attach: Waiting for all kernel threads created for interface XHC2 to get scheduled at least once. 2024-07-30 15:54:02.389 Df kernel[0:ae71] ifnet_attach: All kernel threads created for interface XHC2 have been scheduled at least once. Proceeding. 2024-07-30 15:54:02.390 Df kernelmanagerd[112:abb5] Launching driver extension: Dext com.company.Dext-Loader.dext v34 in executable dext bundle com.company.Dext-Loader.dext at /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext 2024-07-30 15:54:02.479 E kernel[0:a9fb] (Sandbox) 1 duplicate report for Sandbox: imagent(633) deny(1) mach-lookup com.apple.contactsd.persistence 2024-07-30 15:54:02.479 E kernel[0:a9fb] (Sandbox) Sandbox: taskgated-helper(2985) deny(1) user-preference-read kCFPreferencesAnyApplication 2024-07-30 15:54:02.483 Df kernel[0:ae73] (AppleMobileFileIntegrity) AMFI: code signature validation failed. 2024-07-30 15:54:02.483 Df kernel[0:ae73] (AppleMobileFileIntegrity) AMFI: bailing out because of restricted entitlements. 2024-07-30 15:54:02.483 Df kernel[0:ae73] (AppleMobileFileIntegrity) AMFI: When validating /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext/com.company.Dext-Loader.dext: Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements: 2024-07-30 15:54:02.483 Df kernel[0:ae73] mac_vnode_check_signature: /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext/com.company.Dext-Loader.dext: code signature validation failed fatally: When validating /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext/com.company.Dext-Loader.dext: Code has restricted entitlements, but the validation of its code signature failed. Unsatisfied Entitlements: 2024-07-30 15:54:02.483 Df kernel[0:ae73] validation of code signature failed through MACF policy: 1 2024-07-30 15:54:02.483 Df kernel[0:ae73] check_signature[pid: 2984]: error = 1 2024-07-30 15:54:02.483 Df kernel[0:ae73] proc 2984: load code signature error 4 for file "com.company.Dext-Loader.dext" 2024-07-30 15:54:02.485 Df kernelmanagerd[112:abb5] [com.apple.libxpc.OSLaunchdJob:all] <OSLaunchdJob | handle=46B92B57-A90A-4EBD-8EF4-54313C6EE332>: submitAndStart completed, info=spawn failed, error=162: Codesigning issue 2024-07-30 15:54:02.483 Df kernel[0:ae73] (Sandbox) /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext/com.company.Dext-Loader.dext[2984] ==> com.apple.dext 2024-07-30 15:54:02.485 E kernelmanagerd[112:abb5] [com.apple.libxpc.OSLaunchdJob:all] <OSLaunchdJob | handle=46B92B57-A90A-4EBD-8EF4-54313C6EE332>: job failed to spawn, plist={ ProcessType => Driver _ManagedBy => com.apple.kernelmanagerd CFBundleIdentifier => com.company.Dext-Loader.dext _JetsamPropertiesIdentifier => com.company.Dext-Loader.dext LimitLoadToSessionType => System _DextCheckInPort => <mach send right: 0xbd486ccc0> { name = 15679, right = send, urefs = 2 } UserName => _driverkit _NullBootstrapPort => true ReslideSharedCache => false LaunchOnlyOnce => true Label => com.company.Dext-Loader.dext-0x100001464 RunAtLoad => true ProgramArguments => [<capacity = 8> 0: /Library/SystemExtensions/B1BF8CDC-CB24-4F25-A8CA-D7A60D814861/com.company.Dext-Loader.dext.dext/com.company.Dext-Loader.dext 1: com.company.Dext-Loader.dext 2: 0x100001464 3: com.company.Dext-Loader.dext ] SandboxProfile => com.apple.dext } The Xcode project uses these signing options: Automatically manage signing Team: Company Provisioning Profile: Xcode Managed Profile Signing Certificate: Apple Development: () The same project, with the same signing options, builds and loads its dext without issues from Xcode 15.3 on Sonoma 14.5. That same dext binary from Xcode 15.3 loads and passes the signature checks on Sequoia, but using Xcode on Sequoia is when the signature validation fails. Can anyone suggest a way to resolve these signature validation errors? (Other than just developing on Sonoma and testing on Sequoia?)

Hi, I am a developer and app manager using a personal account. I am encountering an issue where the automatic signing feature in Xcode is not working, and I receive the error message: "Signing for 'Runner' requires a development team." Additionally, I cannot access the "Certificates, Identifiers & Profiles" section, even though I have already added my account to Xcode. How can I fix this issue? Is it possible to run or upload the app without this signing process?

When checking that a .dmg file is correctly stapled with the command xcrun stapler validate -v file.dmg I intermittently get errors like Properties are { NSURLIsDirectoryKey = 0; NSURLIsPackageKey = 0; NSURLIsSymbolicLinkKey = 0; NSURLLocalizedTypeDescriptionKey = "Disk Image"; NSURLTypeIdentifierKey = "com.apple.disk-image-udif"; "_NSURLIsApplicationKey" = 0; } Codesign offset 0x1eb82c90 length: 15891 Stored Codesign length: 15891 number of blobs: 5 Total Length: 15891 Found blobs: 5 Props are { cdhash = {length = 20, bytes = 0x07d207070853a23966374ae1b36e921148b3a5f3}; digestAlgorithm = 2; flags = 73728; secureTimestamp = "2024-07-26 06:08:31 +0000"; signingId = "SIGNED-file.dmg... [ Message content over the limit has been removed. ] } Headers: { "Content-Type" = "application/json"; } Response is (null) error is Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={_kCFStreamErrorCodeKey=-2102, NSUnderlyingError=0x6000012b4a80 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "(null)" UserInfo={_kCFStreamErrorCodeKey=-2102, _kCFStreamErrorDomainKey=4}}, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <82266119-065E-480C-B012-F30B48DB0F44>.<1>, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <82266119-065E-480C-B012-F30B48DB0F44>.<1>" ), NSLocalizedDescription=The request timed out., NSErrorFailingURLStringKey=https://api.apple-cloudkit.com/database/1/com.apple.gk.ticket-delivery/production/public/records/lookup, NSErrorFailingURLKey=https://api.apple-cloudkit.com/database/1/com.apple.gk.ticket-delivery/production/public/records/lookup, _kCFStreamErrorDomainKey=4} I am not able to pin down the cause of this, could it be rate limiting on the API? Any other thoughts as to the cause? Thanks.

I have embedded Python in my iOS project in XCODE according to Beewares Usage guide https://github.com/beeware/Python-Apple-support/blob/main/USAGE.md when running, I get the error that pythonKit can't find cv2, imported by ultralytics. When I add OpenCV-python to my app_packages folder (just like ultralytics) I get the following error: Code signing identifier (libtheoraenc.1) does not match bundle identifier (com.iubh-lea.Meye.cv2.) for /var/installd/Library/Caches/com.apple.mobile.installd.staging/temp.s2Bujt/extracted/Meye.app/Frameworks/cv2..framework any way to add cv2 Framework accessible by python kit without signing mismatch?

Can someone help me at my testflight CODE?

We have created a new Key for APN services but when we click the download button we get to following error: è stato fornito un valore non valido 'undefined' per il parametro 'keyId' (An invalid value 'undefined' was provided for the 'keyId' parameter) Already tried we a new one but got the same error. Thanks

I use launch constraints in a project. If I archive the project and save a copy of the app locally, everything works as expected but if I choose "Direct Distribution" and submit the app to Apple for notarization, the notarized app does not contain any launch constraints. What are I am doing wrong? Thanks.

Hi I have an error message from running an iOS emulator, and it seems there's a problem because Xcode wants to sign something. I have noticed that when running my code for testing, that it is being run in ios-release mode. I have thought that maybe Xcode would not want to sign if the code was being run in ios-debug mode - because Xcode didn't have this interest in signing problem before. Confirmed: "Building com.example.appName for device (ios-release)..." Error confirmation: "No valid code signing certificates were found. You can connect to your Apple Developer account by signing in with your Apple ID in Xcode and create an iOS Development Certificate ..." My preference is to test/develop at this point without Apple Developer. This was possible for a long time before. Advice: "Or run on an iOS simulator without code signing" It seems that if Xcode were not interested in code signing that I wouldn't have this error preventing me. How can I configure Xcode so that code signing is skipped and the code testing occurs without a reference to my Apple Developer account please? If you can assist to resolve with these queries, that would be cool and greatly appreciated. With thanks.

Hi, python "import foundation" crushes without error message (but with a macos crush report) if the app is codesigned with Developer ID Application Certificate.(Without codesign, it works fine.) 1-test_simple_foundation.py(already attached): import socket import Foundation print("hallo") 2-Install Nuitka: pip install Nuitka 3-Generate App File via Nuitka: echo *** | sudo -S python3.9 -m nuitka --run --standalone --macos-create-app-bundle --macos-app-mode=ui-element --macos-app-icon=icons/app_icon.png --include-data-dir=icons=icons test_simple_foundation.py 4-Copy app file under /applications 5-Execute test_simple_foundation.app file from terminal ./Applications/test_simple_foundation.app/Contents/MacOS/test_simple_foundation and observer that "hallo" is printed out 6-Codesign with following sh file(already attached): 7-Execute test_simple_foundation.app file from terminal ./Applications/test_simple_foundation.app/Contents/MacOS/test_simple_foundation and observer that code freezes with a macos crush report(already attached), after import Foundation nothing printed out. MacOS_crush_report.txt build-app_no_sand-sh.txt test_simple_foundation-py.txt pip list freeze.txt app.entitlements.txt Requirement: python3.9 -m nuitka --version 1.9rc5 Commercial: None Python: 3.9.12 (v3.9.12:b28265d7e6, Mar 23 2022, 18:22:40) Flavor: CPython Official Executable: /Library/Frameworks/Python.framework/Versions/3.9/bin/python3.9 OS: Darwin Arch: x86_64 Version C compiler: /usr/bin/clang (clang). MacOS: Sonoma 14.2.1 1,6 GHz Dual-Core Intel Core i5 8 GB 2133 MHz LPDDR3

I'm new to iOS development so forgive me if this question sounds naive. I have an iPhone 15 Pro currently registered to a coworker but I would like to test my apps on that iPhone when he is not working on it. In order for me to test on that phone, do I need to wipe that iPhone and re-register under my name? Is there anyway to switch between accounts on the iPhone?

Hi, If anyone can please advise -- If signing a framework inside a XCFramework is recommended/mandatory?

I'm trying to use XPC communicate between a command line tool (launched from Terminal) and a macOS application. My code currently works when the app is launched from Xcode, but not if I launch the built app from the command line (open path-to-foo.app) or if I try and distribute the packaged application (via "Development" distribution). Notably, the XPC works if the command line tool is launched from the terminal as long as the app itself is launched from Xcode. I publish the XPC service using NSXPCListener(machServiceName: <team-identifier>.com.example.my-app.service) and connect to it using NSXPCConnection(machServiceName: machServiceName). Both my command line tool and my main app identical "app group" entitlements for $(TeamIdentifierPrefix)com.example.my-app and I verified the team identifier substitution was correct in both the app and command line tool after doing distributing for "App Store", exporting, unpacking the pkg and running codesign as described here: https://developer.apple.com/documentation/xcode/embedding-a-helper-tool-in-a-sandboxed-app

I have an XPC service that embeds Python. It executes a python script on behalf of the main app. The app and xpc service are sandboxed. All seems to work just fine in the development environment but the script fails in the released version. I disabled writing pycache by setting the PYTHONDONTWRITEBYTECODE environment variable because pycache tries to write inside my app bundle which fails (I believe I can redirect the pycache directory with PYTHONPYCACHEPREFIX and may experiment with that later). Specifically this line fails in the release version only (not from Xcode): PyObject *pModule = PyImport_Import(moduleNameHere); if (pModuleOwnedRef == NULL) { // this is null in release mode only. } Any ideas what can be going wrong? Thanks in advance.