I have tried to manually install binaries using Finder by clicking and dragging from the Desktop into "/usr/local/bin/". The binaries come with a collection of frameworks etc. All the binaries are adhoc signed. macOS asks for Admin credentials which is fine. But then, when I execute the binaries in Terminal, Gatekeeper shows the now expected "'[binary"] Not Opened Apple could not verify ........" etc. It shows that dialog for every component and requires user input 2-3 times to allow each component of which there are perhaps dozens. BUT, none of that happens if I install those binaries using AppleScript. So, it might have a call like this: do shell script "curl -L " & download_URL & " -o " & download_binary_zip with administrator privileges do shell script "unzip -o " & download_binary_zip & " -d " & usr_bin_folder with administrator privileges The resulting installs work perfectly. Is this intended ? Using both install methods requires Admin credentials. Why does using a script work but using Finder does not ?

I'm using PyBind11 to allow use of Python code within my C++ application. The application links successfully, but on the py::module::import below: LOGICAL WebServer:: CheckForPort() { EPython::Prepare(); auto socket = py::module::import("socket"); auto s = socket.attr("socket")(socket.attr("AF_INET"),socket.attr("SOCK_STREAM")); if (s == Py_None) return L_TRUE; auto rc = s.attr("connect_ex")("localhost",8810); // // Returns zero if port in in use // return (rc.cast<int>() == 0); } I get a run-time error libc++abi: terminating due to uncaught exception of type pybind11::error_already_set: ImportError: dlopen(/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/lib-dynload/math.cpython-311-darwin.so, 0x0002): tried: '/Users/Shared/Develop/IntelApps/WinTD 5/DerivedData/WinTDOSX/Build/Products/Debug/math.cpython-311-darwin.so' (no such file), '/usr/lib/system/introspection/math.cpython-311-darwin.so' (no such file, not in dyld cache), '/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/lib-dynload/math.cpython-311-darwin.so' (code signature in <855730B8-106D-389C-BF65-36A98463EDB5> '/Library/Frameworks/Python.framework/Versions/3.11/lib/python3.11/lib-dynload/math.cpython-311-darwin.so' not valid for use in process: mapping process and mapped file (non-platform) have different Team IDs), I have no idea how to fix the code signature error---this is intended for distribution, so that presumably would be a file on the user's computer. I tried to link in the .so file, but that's a rabbit hole as there are a near endless set of further dependencies.

Hi, I've recently observed a sudden increase in support requests for one of my apps on the Mac App Store, reporting the error " is damaged and can't be opened. Please re-download it from the Mac App Store", all on different systems: macOS 12, macOS 13, and macOS 15 Sequoia. Re-downloading does not resolve the issue most of the time. One user reported that being connected to the internet resolved it - perhaps this is an OCSP issue again? I myself cannot reproduce this issue. Has there been a change in code-signing recently? Have some certificates changed? Anything else I should be aware of? What is the best course of action to have users take who experience this, when re-downloading the app from the Mac App Store does not work? Thank you, – Matthias

Hello, We are using automatic signing for a couple of projects, and we're struggling to get it to work in a CI with Xcode 16. It was working with Xcode 15 but with Xcode 16 we get the following errors : error: The operation couldn’t be completed. Unable to log in with account ''. The login details for account '' were rejected. error: Provisioning profile "iOS Team Provisioning Profile: com.bundleid.my" doesn't include signing certificate "Apple Development: Foobar (TEAMID)". Any ideas ?

When I make ipa by commond tools,Some errors have occurred.Has anyone encountered it before？ Ps:debug mode is ok，release mode is not ok. error: exportArchive: Code signing "FBAEMKit.framework" failed. Error Domain=IDEDistributionPipelineErrorDomain Code=0 "Code signing "FBAEMKit.framework" failed." UserInfo={NSLocalizedDescription=Code signing "FBAEMKit.framework" failed., NSLocalizedRecoverySuggestion=View distribution logs for more information.}

I am developing a mobile application with Delphi 11. I compiled the application using iOS SDK 17.5. I uploaded it to the Apple Store for testing and first tested it on an iPhone 7 (software version 15.7.1). The application worked smoothly. Later, I tested it on an iPhone 14 (software version 17.6.1) and an iPhone 11 (software version 18). On both of these devices, the application crashed before opening. Since the same application is available on the Apple Store, I downloaded it from there and saw that it worked fine on the last two devices. I thought that the SDK needed to be upgraded for newly compiled and submitted applications. However, in that case, it should have thrown an error when submitting the application to the Apple Store. I updated macOS and Xcode and upgraded to SDK 18. I also set SDK 18 in Delphi. When I compiled with these settings, I again saw that it worked normally on my first device, while the application crashed on the next two devices. Considering it could be an issue with a module in the application, I compiled a blank form by removing all permission requests for testing, but the result did not change. What can I do about this? Do you have any suggestions?

I need an OV certificate to code sign an Electron application. I was used to build in Jenkins the application oth for Windows and macOS using Electron-Forge (https://www.electronforge.io/guides/code-signing/code-signing-macos). To be more specific use XCode and Keychain to store the certificate. Sadly, new certificate industry requirements will force me to use Azure Key Vaults (or other cloud HSM alternatives) to store the certificate. I need to find a way to code-sign it for macOS from Azure Key Vaults or equivalent solutions. Thank you

I got this error while compiling to macOS app on flutter, can anyone help this problem ? error : replacing existing signature, resource fork, Finder information, or similar detritus not allowed

I am a developer working on iOS apps. I would like to report an issue occurring in iOS 18 beta and iOS 18.1 beta. Our company has two Enterprise accounts, and we are developing two apps: A app / TeamId: ABCDEFG B app / TeamId: HIJKLMN When we distribute these apps, which have different TeamIds, and install them on a device running iOS 18 beta, both apps install successfully, but only one app will run. (Other app crashed immediately after being launched.) This issue does not occur on versions prior to iOS 18. I would like to know if this is a problem that will be resolved in future updates, or if it is a policy change.

I am signing my app using this command: codesign --verbose=4 --force --options=runtime --deep --timestamp --sign "${APP_IDENTITY}" "${APP_FILE}" --entitlements "./Protect.entitlements I have ensured that the necessary provisioning profiles are embedded in the IPA file. I am also verifying the signing using codesign -dvv ./JumpCloud\ Protect\ Staging.ipa and codesign --verify --deep --verbose ./JumpCloud\ Protect\ Staging.ipa Despite following the above steps, when I attempt to upload the IPA file to Transporter, I receive the following error message: Missing or invalid signature. The bundle 'com.jumpcloud.JumpCloud-Protect.staging' at bundle path 'Payload/JumpCloud Protect Staging.app' is not signed using an Apple submission certificate.

Among the newest crash reports downloaded by Xcode for my App Store app there is one that contains a single thread, crashed at libsecinit_appsandbox.c, without any trace of my app name. What could possibly cause such a crash? Is this something related with app signing? The app has been on the App Store for a long time and this never happened to me. Thread 0 Crashed: 0 libsystem_secinit.dylib 0x00000001941dcfcc _libsecinit_appsandbox.cold.12 + 60 (libsecinit_appsandbox.c:454) 1 libsystem_secinit.dylib 0x00000001941dbf94 _libsecinit_appsandbox + 1764 (libsecinit_appsandbox.c:454) 2 libsystem_trace.dylib 0x00000001872be598 _os_activity_initiate_impl + 64 (activity.c:131) 3 libsystem_secinit.dylib 0x00000001941db85c _libsecinit_initializer + 80 (libsecinit_initializer.c:17) 4 libSystem.B.dylib 0x00000001941f2664 libSystem_initializer + 280 (init.c:338) 5 dyld 0x00000001871fe608 invocation function for block in dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const::$_0::operator()() const + 168 (Loader.cpp:2198) 6 dyld 0x000000018723cd6c invocation function for block in dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 340 (MachOAnalyzer.cpp:2481) 7 dyld 0x0000000187230400 invocation function for block in dyld3::MachOFile::forEachSection(void (dyld3::MachOFile::SectionInfo const&, bool, bool&) block_pointer) const + 496 (MachOFile.cpp:1669) 8 dyld 0x00000001871df2fc dyld3::MachOFile::forEachLoadCommand(Diagnostics&, void (load_command const*, bool&) block_pointer) const + 300 (MachOFile.cpp:1185) 9 dyld 0x000000018722f394 dyld3::MachOFile::forEachSection(void (dyld3::MachOFile::SectionInfo const&, bool, bool&) block_pointer) const + 192 (MachOFile.cpp:1628) 10 dyld 0x000000018723c880 dyld3::MachOAnalyzer::forEachInitializer(Diagnostics&, dyld3::MachOAnalyzer::VMAddrConverter const&, void (unsigned int) block_pointer, void const*) const + 516 (MachOAnalyzer.cpp:2448) 11 dyld 0x00000001871fa53c dyld4::Loader::findAndRunAllInitializers(dyld4::RuntimeState&) const + 564 (Loader.cpp:2189) 12 dyld 0x00000001872042d4 dyld4::PrebuiltLoader::runInitializers(dyld4::RuntimeState&) const + 44 (PrebuiltLoader.cpp:818) 13 dyld 0x000000018721dcc0 dyld4::APIs::runAllInitializersForMain() + 84 (DyldAPIs.cpp:3889) 14 dyld 0x00000001871e4010 dyld4::prepare(dyld4::APIs&, dyld3::MachOAnalyzer const*) + 3156 (dyldMain.cpp:891) 15 dyld 0x00000001871e2ef4 start + 1868 (dyldMain.cpp:1265) Crash report

We have developed an electron app which we want to extend with an action extension. The action extension is written in swift in Xcode. Our plan was to build the .appex file and insert it into the PlugIns folder in our electron app, but I don't think this is the right way to do it? If we insert the .appex file before notarization then we get an error that we are "replacing existing signature". If we manually insert it after the notarization then we get an error with the app is damaged and can’t be opened. Can anybody provide a procedure for this kind of merge I would imagine that it goes something like: Sign app Sign extension Add extension to App Notarize app For signing the app we use electron-builder.

I'm working on an app that contains a USB Driver Kit extension for iPad (NOT MAC). The app contains two targets, the core app and the DriverKit extension target. I can run the app just fine using a dev cert and provisioning profile. ** What is the step-by-step process for signing the release build?** There seems to be no way to create a release profile for the Driver Kit target. I've tried multiple avenues, but come to a dead end on each. I have requested and received the correct entitlements. Also, on a separate note, has anyone achieved this process using Fastlane? It seems particularly resistant to building the app with the driverkit extension, even for dev builds. It complains about the driverkit dev profile not being an iOS profile. Thanks!

Hi, I've developed an application which reside under /Applications. Inside the main application bundle (/Applications/mainApp.app) there are sub-app that contain security extension. Here's the relevant path /Applications/mainApp.app/Contents/Helpers/subApp.app/Contents/Library/SystemExtensions/com.myComp.type.systemextension/ So far I could load the extension by running the subApp and make sure it calls the extension activation API. but seems like starting from Sonoma (i'm using version 14.6.1 )it stopped working, and I get crash dump on signature failure which trying to open the subApp.app. in the crash log I get reason of invalid code sign. I also get the following hints Binary Images: 0x1050a0000 - 0x10512bfff dyld_path_missing (*) <f635824e-318b-3f0c-842c-c369737f2b68> /dyld_path_missing 0x104d9c000 - 0x104d9ffff main_executable_path_missing (*) <1df5f408-cb16-304f-8b38-226e29361161> /main_executable_path_missing Is it possible that new OS version have new validation rule that enforce something about the location of the app that can start extensions ?

PLATFORM AND VERSION macOS Development environment: Other: Python Run-time configuration: macOS 14.6.1 DESCRIPTION OF PROBLEM We have created application using python and created .app using pyInstaller. We want to get the location access using python based application which we are trying to run on MacOS 14.6.1. Without including NSLocationUsageDescription in our info.plist, it is working fine but not getting location permission pop up. After including NSLocationUsageDescription in info.plist application got corrupted. STEPS TO REPRODUCE We are using below commands to sign the application codesign --force -s "Developer ID Application: Pitney Bowes (72NX38Y9GF)" -v DeviceHub.app --deep --strict --options=runtime --entitlements ../info.plist DeviceHub.app ditto -c -k --keepParent --rsrc --sequesterRsrc --arch 'x86_64' DeviceHub.app DeviceHub.zip xcrun notarytool submit DeviceHub.zip --keychain-profile "DHAgentProfile" --wait xcrun stapler staple DeviceHub.app

I first built WordPuzzleAids over 2 years ago. I built it on my MacBook Pro, using Xcode and Swift. The destination for the build was my iPhone. Two weeks ago, the app stopped working on the iPhone: I thought I might need to rebuild it on the on the MacBook and "re-deliver" it to the iPhone. The build failed with: CodeSign /Users/paddy/Library/Developer/Xcode/DerivedData/WordPuzzleAids-dnwilitxxdvpzablseyseujsllag/Build/Products/Debug-iphoneos/WordPuzzleAids.app (in target 'WordPuzzleAids' from project 'WordPuzzleAids') cd /Users/paddy/Projects/ThirdParty/WordPuzzleAids Signing Identity: "Apple Development: John Patterson (G9M8AH9CTD)" Provisioning Profile: "iOS Team Provisioning Profile: *" (650d11d4-ecd2-4458-a146-3cb55438e9dc) /usr/bin/codesign --force --sign 1FC4588FA2EAD7DCF9AAC9CDC823B567D76BCBE8 --entitlements /Users/paddy/Library/Developer/Xcode/DerivedData/WordPuzzleAids-dnwilitxxdvpzablseyseujsllag/Build/Intermediates.noindex/WordPuzzleAids.build/Debug-iphoneos/WordPuzzleAids.build/WordPuzzleAids.app.xcent --timestamp\=none --generate-entitlement-der /Users/paddy/Library/Developer/Xcode/DerivedData/WordPuzzleAids-dnwilitxxdvpzablseyseujsllag/Build/Products/Debug-iphoneos/WordPuzzleAids.app /Users/paddy/Library/Developer/Xcode/DerivedData/WordPuzzleAids-dnwilitxxdvpzablseyseujsllag/Build/Products/Debug-iphoneos/WordPuzzleAids.app: errSecInternalComp I have attached the build documentation file Build WordPuzzleAids_2024-08-29T21-17-09.txt

I'm trying to sign an app to run locally because development provisioning does not work for unspecified reasons. I'm adding NSAllowsLocalNetworking to the app transport security section of the entitlements and the result is that the selection to sign the app locally vanishes from the signing section in Xcode. I need to access a local web application which does not provide HTTPS. I'm not only very confused about this but actually pretty ******. Is this once again Apple playing games for absolutely no reason? Why can't I build and run an application on my system that does not have to do anything with Apple, the app store, customers or anything? This is just for me and I cannot make it work.

I have an app that runs on macOS Monterey. For various reasons, I have to externally add a sandbox entitlement (externally, as in using codesign, rather than rebuilding it) After adding the sandbox entitlement, and resigning appropriately, the app crashes on launch with the following error : ERROR:process_singleton_posix.cc(1186)] Failed to bind() /var/folders/s2/j0z79krx321qg318das1r95_zc0000gn/T/com.funkyapp/S/SingletonSocket So I assumed I needed to give access to this file. So I added the following entitlements to the app, via codesign : &lt;key&gt;com.apple.security.temporary-exception.files.absolute-path.read-write&lt;/key&gt; &lt;array&gt; &lt;string&gt;/var&lt;/string&gt; &lt;string&gt;/var/folders/s2/j0z79krx321qg318das1r95_zc0000gn/T/com.funkyapp/S/SingletonSocket&lt;/string&gt; &lt;/array&gt; and also &lt;key&gt;com.apple.security.network.client&lt;/key&gt; &lt;true/&gt; &lt;key&gt;com.apple.security.network.server&lt;/key&gt; &lt;true/&gt; Unfortunately, it still crashes on load, with the same error. Does anyone know why that is? From my perspective, I gave the appropriate entitlements to bind a socket at that path, what am I missing? Thanks !

I have been working with a framework to add multiplayer support to my app. The app runs on test devices, simulators, and archives perfectly fine and the app is fine without the framework. But when I go to distribute the app, I see get this error related to the multiplayer framework I have added. I have tried updating the minimumOSVersion to 9.0, 10.0, 12.0, and 13.0 everywhere (info.plist, deployment info, build settings, etc) and they all match with each build/archive but no matter what I can't get fix this error. This error only shows up when I go to distribute the app to the store. Any ideas on what to try or how to fix this issue? I've attached a screenshot of the issue below.

I am having a peculiar issue with an app I am developing. I am trying to upload it onto App Store Connect but I am getting one error, and a very odd behavior. The error message I am getting is: /Users/user/Documents/GitHub/MyApp/MyApp/DerivedData/MyApp.pub/Build/Intermediates.noindex/ArchiveIntermediates/MyApp.pub/InstallationBuildProductsLocation/Applications/MyApp.pub.app: resource fork, Finder information, or similar detritus not allowed Command CodeSign failed with a nonzero exit code I have cleaned built the directory, I have removed the Derived Data, but this always gets thrown. It was working fine a few months ago, I have only just got back to working on it. The other issue I am havving, when I set to archive the app, I set the target as Any iOS Arm Device (arm64), but when it is archiving it switches to my iPhone as the target. I don't prompt it to do this, it just does it. This is very frustrating. I'm using a MacBook Air M1, with a macOS Sonoma. I updated my Xcode the other day, that's Version 15.4 (15F31d). My App has a minimum target of iOS 15 and a project target of Xcode 13. Any help is appreciated.