I recently changed the architecture of my app by moving some of the logic into a helper app, which is embedded together with the main app.
The main app's bundle looks like this:
Main.app
- Contents
- MacOS
- Main
- Helper.app
It all works fine during development, and I could successfully archive and notarize it. However, when I try to launch the notarized version of the helper app, it fails with the signing issues.
failed to fetch
Main.app/Contents/MacOS/Helper.app/Contents/_CodeSignature/CodeRequirements-1 error=-10
I have tried a few things, but could not find any working solution. Any help is appreciated!
Notarization
RSS for tagNotarization is the process of scanning Developer ID-signed software for malicious components before distribution outside of the Mac App Store.
Post
Replies
Boosts
Views
Activity
Hi,
we have .pkg install package consisting of various sub packages. One of them contains presets and needs to be installed the the default preset location /Library/Audio/Presets. If this non-binary preset package is the only one in a .pkg choice notarization fails with:
"logFormatVersion": 1,
"jobId": "*",
"status": "Invalid",
"statusSummary": "Archive contains critical validation errors",
"statusCode": 4000,
"archiveFilename": "mypackage.pkg.zip",
"uploadDate": "2024-08-22T21:24:03.251Z",
"sha256": "*",
"ticketContents": null,
"issues": [
{
"severity": "error",
"code": null,
"path": "mypackage.pkg.zip",
"message": "Package mypackage.pkg.zip has no signed executables or bundles. No tickets can be generated.",
"docUrl": null,
"architecture": null
},
{
"severity": "warning",
"code": null,
"path": "mypackage.pkg.zip/mypackage.pkg",
"message": "b\"Invalid component package: mypackage_vstpreset Distribution file's value: #com.mycompany.mypackage.vstpreset.pkg\\n\"",
"docUrl": null,
"architecture": null
}
]
}
Not sure, but maybe its worth noting that the causing sub packge only generates a warning, but the parent package seems to escalate this into an error.
How can a non-binary sub package be included in a notarized parent package?
Any hints or thoughts are highly appreciated, Thanks!
I have a project that notarizes and runs successfully, but then I went to change one of the .a static libraries that it links against, and despite a successful signing and notarization, when it is launched, it pops up a dialog saying that the app "cannot be opened because the developer cannot be verified."
The notarization report looks like this:
{
"logFormatVersion": 1,
"jobId": "24ca9c37-77c6-41fd-a5be-d743aa195b5a",
"status": "Accepted",
"statusSummary": "Ready for distribution",
"statusCode": 0,
"archiveFilename": "MyApp.dmg",
"uploadDate": "2024-08-27T15:19:36.381Z",
"sha256": "88f510690da80f0b682774d4240afef05cfe6123ba8427db6afb6006f401ed42",
"ticketContents": [
...
],
"issues": null
}
How can I get more information about how to diagnose this?
Hi everyone,
Been working with Apple's notarization process for a while, and we've recently noticed some unexpected behavior.
It seems like the notarization service might be looking inside ZIP archives contained within my app's distribution package.
In the past, we don't recall the notarization process digging into ZIP files like this—only the main app bundle and its contents were scanned for signatures.
Has there been a recent change or update to the notarization service that now includes inspecting files within ZIP archives?
If so, are there specific guidelines or documentation updates regarding this change? Can anyone point me to what to expect and how to adjust my workflow accordingly. While "signing all the files" is the default answer, is there a more cohesive answer to this question?
Thanks
I've the common "Team is not yet configured for notarization" issue and
I've had it since the beginning of last year, where I contacted Apple about the issue, after going through some generalized useless advice that the support agent gave me I was finally able to escalate the issue and they supposedly had their "engineers" working on it.
About every month I would send 1-2 emails asking for status update and everytime the response was "the engineers are working on it", and about the 8th-9th month they stopped responding. Now I've paid for developer program again, I have the same issue, it has not been fixed.
I am in fact being scammed at this point and I've opened an issue via the provided link in the related thread below, it's been a week, Apple has not responded and the fact is, this is the worst platform to develop for. I really am starting to hate this company.
I'm trying to submit my application to the notarization service for the 100th time, but I keep encountering the same error message. I'm feeling frustrated and unsure of what steps to take next...
I submitted my macOS app for notarization. Here's what I see:
Successfully received submission info createdDate: 2024-08-21T11:25:46.063Z id: 9e787992-5737-4ca8-b8b5-23d267f6476c name: MacOSapp.zip status: Accepted
What does it mean? Are there more stages in this process?
The reason I am asking is because trying to staple a ticket gives me 'error 65' which means there is no ticket.
Hi all —
Hoping you all have insights on notarization.
We are a small startup using Apple Business Essentials as our company MDM, managing our fleet of Macs. ABE has the capability (as with every MDM) to deploy custom software to those Macs via .pkg files.
We create the package files with no problem, and also codesign them with no problem. We discovered that the Macs will fail to install the packages if the package is not notarized (which makes sense from the perspective of Gatekeeper).
Notarizing the package was easy. Submitting them is easy. But the processing time has been crazy! I've read from posts here that the first submissions can take a long time, and indeed ours did — iirc, about 48 hours. But the pattern has continued. Our most recent submission (submission id 2a714bbf-83e7-4a25-b936-e002c94e1704 if someone from Apple is reading) has now taken almost 4 days and is still In Progress.
I have no idea how to resolve this, or even to understand what's holding up the submission. Anyone have any ideas?
We are not intending to deploy any of these packages to the public (only to our corporate Macs). I'd love to avoid the notarization but it doesn't seem possible.
Any ideas?
I am runnning persistent notarization issues with my macOS Electron application.
Despite multiple attempts to resolve these issues, the notarization status remains "Invalid," and the errors in the report are consistent.
What I'm doing
Sign the code like this
codesign --sign "Apple Distribution: Name Lastname (123456)" --deep --force --timestamp=auto path/to/Application.app
I then get: Application.app: replacing existing signature
I then verify the signing with:
codesign --verify --deep --strict --verbose=4 path/to/Application.app
I then get: --prepared:/path/to/Application.app/Contents/Frameworks/SomeFramework.framework
--validated:/path/to/Application.app/Contents/Frameworks/SomeFramework.framework
--prepared:/path/to/Application.app/Contents/Frameworks/AnotherFramework.framework
--validated:/path/to/Application.app/Contents/Frameworks/AnotherFramework.framework
Application.app: valid on disk
Application.app: satisfies its Designated Requirement
I then build:
npm build
I then package:
zip -r Application.zip Application.app
I then upload:
xcrun notarytool submit Application.zip --apple-id your-apple-id --team-id your-team-id --password your-app-specific-password
Then I check for status and I get:
Successfully received submission info
createdDate: 2024-08-15T18:21:31.520Z
id: 55daf39a-4be9-4dd6-a490-1890d33f9e75
name: Application.zip
status: Invalid
In the report generated I get issues like:
"path": "path/to/Application.app/Contents/Frameworks/SomeFramework.framework/SomeFramework",
"message": "The signature of the binary is invalid.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087735",
"architecture": "arm64"
and
"path": "path/to/Application.app/Contents/Frameworks/SomeFramework.framework/Versions/Current/Helpers/chrome_crashpad_handler",
"message": "The signature does not include a secure timestamp.",
"docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087733",
"architecture": "arm64"
What am I doing wrong? I tried signing each issue separately and rerun the entire process, it's not working.
Hi there-
Like the title says, I'm trying to get an .app bundle code-signed and notarised that runs java internally, without using XCode. I've mostly based my workflow off the advice and notes given here and here, but I'm running into problems with using notarytool at the final step, rather than altool.
My basic workflow from the same directory with the .app is as follows...
codesign --deep --force --options=runtime --entitlements ../resources/entitlements.plist --sign "DEVELOPER_ID_ETC" --timestamp MyApp.app/Contents/MacOS/launcher.command
codesign --deep --force --options=runtime --entitlements ../resources/entitlements.plist --sign "DEVELOPER_ID_ETC" --timestamp MyApp.app/Contents/Java/code_jar.jar
codesign --deep --force --options=runtime --entitlements ../resources/entitlements.plist --sign "DEVELOPER_ID_ETC" --timestamp MyApp.app/Contents/PlugIns/OSX_JRE
codesign --deep --force --options=runtime --sign "DEVELOPER_ID_ETC" --timestamp MyApp.app/Contents/Resources/app_icon.icns
codesign --deep --force --options=runtime --entitlements ../resources/entitlements.plist --sign "DEVELOPER_ID_ETC" --timestamp MyApp.app
codesign -vv MyApp.app
zip -r MyApp_APP.zip MyApp.app
../notarytool submit MyApp_APP.zip --keychain-profile "Developer-notarytool" --wait
...at which point I receive an 'invalid' response from the server that notarytool uploads to. The "codesign -vv" step passes without complaint, so is there any way to get more information about what's causing the notarisation failure?
I am in the process of notarizing a dmg file. We are getting some errors in the process. These errors can be retrieved from the notarytool -log option. However, I would like to get the error in a link form like we used to get with altool so that I could share it with my team. Does anyone know how to get a link for the failure log?
Hi everyone,
I'm hearing online that the macOS App Notarization service won't work for some Chinese app developers. They say that personal Apple Developer accounts in China (supposedly having membership subscription) are restricted from using this service or their macOS apps won't pass notarization process probably due to some "strict legal regulations". I want to ask if this is true? Or is it just they failed to follow some of the technical requirements of this process?
Hi there, I've been working on a JUCE audio plugin project and have created an installer for the demo to release to the public outside of the App Store.
I have built the various forms of the plugin in Xcode (standalone, AU, vst3) and have the automatic signing set up with a Developer ID Application certificate. I have been using WhiteBox Packages to create the installer to install the AU component and the vst3 on a user's computer. I can successfully sign the installer with a Developer ID Installer certificate but when I submit it for notarization, the status returns as "invalid". When looking at the Notarytool log, it says that the binary is not signed with a valid Developer ID certificate for all versions of the plugin (for AU & vst3, and both architectures, arm64 & x86_64, as well).
I can use codesign and pkgutil to confirm that the files and installer are both signed including the contents within both the AU and vst3 bundles, but the notarization still fails. I have tried to notarize just a zipped version of the plugin but that fails too. In the Customizing The Notarization Workflow documentation, it is mentioned that custom third-party installers need two rounds of notarization. I'm assuming Packages is a custom third-party installer but I don't see how two rounds of notarization is possible when I can't even notarize a zipped version of the plugin.
I am still new to Xcode and Apple Developer so there is a possibility that it's something I missed or didn't do. I've read through quite a few other posts on both this forum and the JUCE forum about similar problems but I haven't found a solution that has worked so if anyone has any ideas on how to potentially get my installer notarized, I'd greatly appreciate the advice. Thanks.
I have been trying to notarize an app since yesterday tried about 20 times at various times of the day.
Most times it stops during the upload and produces an error message
"Couldn't communicate with a helper application" which occurs at various places while downloading.
Three times the upload appeared to complete but then produced an error
"This operation could not be completed (SotoS3.S3ErrorType.Multipart.error.1
I then looked in the status log which had several entries:
Prepared archive for uploading (green check to left)
Upload failed (red x to left)
Notary error (red x to left)
The operation couldn't be completed (SotoS3.S3ErrorType...)
In Progress (grey timer icon to left)
macOS application Mulligan's Eagle (403115926)
macOS deployment - macOS 10.14 (Mojave) through Sonoma 14.5
macOS targets - Mac App Store, ad hoc direct drag-to-install image
Xcode version 15.4, various development Macs (Intel, M1, M2)
Eagle delivered since pre-Mac App Store days - derived from System 7 MacApp development. App most recently delivered with min system Mac OS 10.12 through current Sonoma 14.5, dual target for Mac App Store automatically signed with Apple Development credentials and for outside release automatically signed with Developer ID credentials.
Recent revisions to the software to bump min system to 10.14 (Mojave) with typical continuing development for tech, reqm'ts, etc. Updates (a couple since previous release) to Xcode - now using version 15.4, which recommended some config changes that made sense, except min system. Popular application with lots of older (uh... elder) users running Macs servicing golfers.
The application is ready to distribute with automatic signing, but wasn't able to do so with Developer ID credentials, but Xcode note (and reading of tips in this forum and my poor understanding) managed to submit for notarization - failed.
Tried to manually sign...
and reviewed signing info in Xcode...
So I reviewed Certificate(s) etc. that should have been used when previously signing Dev ID for notarization and release. I have (I think) six Developer ID Application certs and six Developer ID Installer certs and I can't find any combination of those certificates - some with duplicate dates or expirations - that allows me to use one to automatically sign code to notarization or delivery. What do I do? I've lived a peaceful solo developer life for 25 years delivering and signing code for the Mac and as long as iOS has existed. I'm terrified about this issue however...
My early Mac OS using customers (since Lion - pre sandbox) still have serial numbers for this software and have bought a Mac every 6 - 10 years so they could get my latest release. We've never required that they re-purchase from the App Store... they have a perpetual license. Sandboxing was a shock they never felt - we kept delivering updates to them and if they decided sandboxing mattered, they purchased from Apple and we included the container-migration entitlement in the App Store version to move their data to the new sandbox. Pretty slick. Until we built an install disk to test it on an unsandboxed version of Eagle in our office. It "lost" its data - vanished by remaining in the old Application Support directory while the new hardened runtime version looked for it in the sandbox - finding nothing. Just imagine encountering that if you're 80 years old running a golf league.
How can I "reset" the futzed-up certificate Developer ID mess? I have multiple machines, all with varying subsets of what seem to be good certificates. And Xcode builds new provisioning profiles just for the heck of it, it seems. I'm afraid to revoke or throw out any certificates because I can't tell which ones are good, bad or duplicates - they're all valid. And I can't create any more Developer ID certs because there's a max to control certificate-miscreants like me (yes, I've read Quinn's protection of your Dev ID note - I screwed it up with only 1 employee). I depend on automatic signing because I'm still, after 58 years of coding, just a novice.
Is it true that I should still specify in my build settings that I'm using Developer ID credentials for my ad hoc development and distribution schemes? And that the proper settings for those should NOT enable hardened runtime or app sandboxing?
Sorry for my intensity here.... It's been 2 weeks since App Review bonked an initial submission with just an "it's broken" reject message, and DTS decided this is not such an emergency that the Developer Forum shouldn't be able to handle it. I'm truly hoping it's so.
Hi,
We are running xcrun staple on our pkg file. It gives the following message
We do not know how to deal with trailer version 9262. Exepected 1
Terminator Trailer size must be 0, not 1737
{magic: t8lr, version: 1, type: 2, length: 1737}
Found expected ticket at 8164385 with length of 1737
Sig Type is RSA. Length is 3
Sig Type is CMS. Length is 3
Package mypkg.pkg uses a checksum of size 20
*The staple and validate action worked!*
However, the command returns with -1 error code.
So, the questions I have are:
What does this return response mean?
Do we consider this as a success of failure scenario (specially because the message "...action worked"
I am getting rejected while notarizing.
{
"logFormatVersion": 1,
"jobId": "123456-123456-123456-123456",
"status": "Rejected",
"statusSummary": "Team is not yet configured for notarization. Please contact Developer Programs Support at developer.apple.com under the topic Development and Technical / Other Development or Technical Questions.",
"statusCode": 7000,
"archiveFilename": "AppName.dmg",
"uploadDate": "2024-07-26T18:51:25.866Z",
"sha256": "a37cd79",
"ticketContents": null,
"issues": null
}
Do let me know how I can configure my team for notarization.
File size is 103 MB. Made in Electron + Vue.
I am using Github Actions for signing and notarizing, but it's been stuck on notarizing for hours. I cancelled and retried but same thing happens. I am using Tauri which is running the notarize scripts.
Here is my main.yml:
name: macOS Build Script
on:
push:
branches:
- 'main'
permissions:
contents: write
issues: write
pull-requests: write
jobs:
build:
runs-on: macos-latest
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Install Rust
uses: actions-rs/toolchain@v1
with:
toolchain: stable
profile: minimal
override: true
- name: Install Node.js
uses: actions/setup-node@v2
with:
node-version: '20'
- name: Install Node.js Dependencies
run: npm install
- name: Build the App
run: npm run tauri build
- name: List build artifacts
run: |
echo "Build artifacts:"
ls -R src-tauri/target/release/bundle/
- name: Create Release
uses: tauri-apps/tauri-action@v0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
APPLE_CERTIFICATE: ${{ secrets.APPLE_CERTIFICATE }}
APPLE_CERTIFICATE_PASSWORD: ${{ secrets.APPLE_CERTIFICATE_PASSWORD }}
APPLE_SIGNING_IDENTITY: ${{ secrets.APPLE_SIGNING_IDENTITY }}
APPLE_ID: ${{ secrets.APPLE_ID }}
APPLE_PASSWORD: ${{ secrets.APPLE_PASSWORD }}
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }}
with:
tagName: app-v__VERSION__
releaseName: 'App v__VERSION__'
releaseBody: 'macOS build. See the assets to download this version and install.'
releaseDraft: true
prerelease: false
- name: Create Release Manually
if: failure()
uses: actions/create-release@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: app-v0.0.0
release_name: App v0.0.0 (macOS)
draft: true
prerelease: false
id: create_release
- name: Upload Release Asset
if: failure()
uses: actions/upload-release-asset@v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
upload_url: ${{ steps.create_release.outputs.upload_url }}
asset_path: ./src-tauri/target/release/bundle/dmg/mac-app_0.0.0_x64.dmg
asset_name: mac-app_0.0.0_x64.dmg
asset_content_type: application/x-apple-diskimage
Hi,
I am totally unaware of the new notarize mechanism and generally starting to sign my application after having ported it to M2.
I want to distribute the app without App Store - yet.
My application is an open source tool or better a more complex tool for the software development that contains dylibs and frameworks all within an app bundle.
I am using wxWidgets and stumbled upon the build process using install_name_tool temporary for each bundle and probably all libraries that I place into the application bundle to have an @executable_path and not an absolute path.
That works so far, but the notarize tool or better checking it with spctl rejects it.
A further test with spctl --assess or the like, I have the command lost, shows that are resources missing and I have a hint to use @rpath entries to be added.
I am using makefiles and a custom make system where I build up the make commands for each target. I won't modify the rules for each target type, if I could do this in a post build step for all the contents of the app bundle.
I have therefore a shell script that handles that additional task yet until code signing and it looks like as follows:
#!/bin/sh
# Copies together files for the Mac OS X application bundle and created a disk image
export prefix=$1
export VERSION=1.3.4
cp ../../../Database/*.sql wxWrapper.app/Contents/Resources
cp splash.png wxWrapper.app/Contents/Resources
mkdir wxWrapper.app/Contents/Resources/XSLT
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/include wxWrapper.app/Contents/Resources/XSLT/include
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/DMFToXMI wxWrapper.app/Contents/Resources/XSLT/DMFToXMI
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/XMIToDMF wxWrapper.app/Contents/Resources/XSLT/XMIToDMF
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/lbDMFDataViewModel wxWrapper.app/Contents/Resources/XSLT/lbDMFDataViewModel
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/lbDMFFixedFormular wxWrapper.app/Contents/Resources/XSLT/lbDMFFixedFormular
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/TurboVision wxWrapper.app/Contents/Resources/XSLT/TurboVision
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/wxActiveRecords wxWrapper.app/Contents/Resources/XSLT/wxActiveRecords
cp -R ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/wxLua wxWrapper.app/Contents/Resources/XSLT/wxLua
cp ../../../AppDevelopmentDemo/DynamicApp/XSLT_Templates/include/XMISettingsTemplate.xsl wxWrapper.app/Contents/Resources/XSLT/XMIToDMF/XMISettings.xsl
cp -R ../../../AppDevelopmentDemo/DynamicApp/UMLSamples wxWrapper.app/Contents/Resources
mkdir wxWrapper.app/Contents/Resources/toolbarimages
# UGLY! Using environment that also is properly defined while jenkins build is better
cp -R $prefix/lib wxWrapper.app/Contents
cp -R $prefix/plugins wxWrapper.app/Contents/Resources
# How to access them?
cp toolbarimages/*.xpm wxWrapper.app/Contents/Resources/toolbarimages
cp toolbarimages/*.png wxWrapper.app/Contents/Resources/toolbarimages
#cp -R `wx-config --prefix`/lib/lib`wx-config --basename`-`wx-config --release`.0.6.0.dylib wxWrapper.app/Contents/lib
#cp -R `wx-config --prefix`/lib/lib`wx-config --basename`-`wx-config --release`.0.dylib wxWrapper.app/Contents/lib
cp -R `wx-config --prefix`/lib/lib`wx-config --basename`-`wx-config --release`.*.dylib wxWrapper.app/Contents/lib
cp -R `wx-config --prefix`/lib/lib`wx-config --basename`-`wx-config --release`.dylib wxWrapper.app/Contents/lib
cp Info.plist wxWrapper.app/Contents
codesign -f -v -s "Lothar Behrens" wxWrapper.app/Contents/Frameworks/lbHook.framework/Versions/A/lbHook
codesign -f -v -s "Lothar Behrens" wxWrapper.app/Contents/Frameworks/wxJson.framework/Versions/A/wxJson
codesign -f -v -s "Lothar Behrens" wxWrapper.app/Contents/Frameworks/wxWrapperDLL.framework/Versions/A/wxWrapperDLL
codesign -f -v -s "Lothar Behrens" wxWrapper.app/Contents/lib/*
codesign -f -v -s "Lothar Behrens" wxWrapper.app/Contents/Resources/plugins/*
xattr -cr wxWrapper.app
codesign -f -v -s "Lothar Behrens" wxWrapper.app/Contents/MacOS/wxWrapper
#codesign -dvv wxWrapper.app
codesign -f -v -s "Lothar Behrens" wxWrapper.app
#spctl -a -t exec -vvvv wxWrapper.app
#codesign -dvv wxWrapper.app
#codesign -vv --deep-verify wxWrapper.app
# Creating a new diskimage
hdiutil create -ov -size 200m -volname lbDMF-$VERSION lbDMF-$VERSION-`uname -p`.dmg -fs HFS+
sleep 5
hdiutil attach lbDMF-$VERSION-`uname -p`.dmg
# Copy stuff
#mkdir /Volumes/lbDMF-$VERSION/`uname -p`
#cp -R wxWrapper.app /Volumes/lbDMF-$VERSION/`uname -p`
cp -R wxWrapper.app /Volumes/lbDMF-$VERSION
mkdir /Volumes/lbDMF-$VERSION/toolbarimages
cp toolbarimages/*.xpm /Volumes/lbDMF-$VERSION/toolbarimages
cp toolbarimages/*.png /Volumes/lbDMF-$VERSION/toolbarimages
cp ../../../COPYING /Volumes/lbDMF-$VERSION
cp ../../../license-bindist.txt /Volumes/lbDMF-$VERSION
cp ../../../AppDevelopmentDemo/DynamicApp/Doc/ApplicationprototypingDokumentation.pdf /Volumes/lbDMF-$VERSION/
# Copying templates to an accessable place
cp -R wxWrapper.app/Contents/Resources/XSLT /Volumes/lbDMF-$VERSION/
cp -R wxWrapper.app/Contents/Resources/UMLSamples /Volumes/lbDMF-$VERSION/
mkdir /Volumes/lbDMF-$VERSION/.lbDMF
cp -R wxWrapper.app/Contents/Resources/*.sql /Volumes/lbDMF-$VERSION/.lbDMF
cat <<EOF >> /Volumes/lbDMF-$VERSION/Readme.txt
Dear Mac user!
...
Thanks
Lothar Behrens
EOF
rm -rf `find /Volumes/lbDMF-$VERSION -name CVS -print`
hdiutil detach /Volumes/lbDMF-$VERSION
rm lbDMF-$VERSION lbDMF-$VERSION-`uname -p`.dmg.zip
zip lbDMF.dmg.zip lbDMF-$VERSION lbDMF-$VERSION-`uname -p`.dmg
mv lbDMF.dmg.zip lbDMF-$VERSION-`uname -p`.dmg.zip
code-block
Testing the app bundle shows this:
spctl --assess -vvvvv --type execute wxWrapper.app
wxWrapper.app: rejected
origin=Apple Development: Lothar Behrens (********)
I need some help where to insert a proper notary tool command and a proper check before uploading that I can see, if I could do so.
Despite that I haven't had an active developer ID, I have that now and need to setup the Developer ID Distribution certificate into the keychain.
So I plan to add the @rpath values per framework/dylib/so as additional commands into the shell script above.
But how can I best verify for successful usage of notary tool?
Any help?
Thanks,
Lothar
Hello,
For my macOS app,
on Xcode version 15.4 (15F31d)
on macOS 14.5 (23F79)
I follow
Organizer > Distribute App > Direct Distribution, and I get a Notary Error "The operation couldn't be completed. (SotoS3.S3ErrorType.multipart error 1.)"
It's been happening since 3 days.
In the IDEDistribution.verbose.log file I see:
https://gist.github.com/atacan/5dec7a5e26dde0ec06a5bc4eb3607461