I code signed having gotten rid of the --deep argument, just removed it and proceeded with the same commands. It made it through the code signing and uploaded OK but was not notarized. The feedback is code 2 package invalid.. not much feedback. I don't know what it means. The program I'm trying to code sign is an app written in Omnis Studio, a programming language that is interpreted. So you notarize the Omnis application with your stuff inside it in a certain folder in the bundle structure. Note again that I notarize with --deep on Catalina in Xcode 11.4 no problem. I have not been able to do it in Mojave or Big Sur with other versions of Xcode... only that one specific grouping. "Invalid package" is so generic I don't know if that can give me any real direction to work on. I will just keep my Catalina VM and do it that way for now. It is sad that I need to keep it just for this and for how long.. will that go on.. there are many others who need to notarize Omnis applications.. they are doing it for the most part, but we all have the same bundle structure and in most cases it is working. I don't know what my problem is. -Das Goravani, small developer solo, thanking you for your input.
Das Goravani
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Last seen
User for
Post
Replies
Boosts
Views
Activity
Omnis Inc. controls the bundle structure. I have no idea if it's standard or compliant. I just notarized my app on Catalina and Xcode 11.4 command line tools etc. So I am still able to notarize on Catalina VM with 11.4. I tried again on BigSur and 12.5.1 Xcode and got the "detritus" error again on the code signing attempts. Because of Catalina, I feel that the commands I have down on my cheat sheet are correct (I posted some of them above). I was having trouble notarizing a pkg that simply has four fonts in it.. it's part of my final dmg package, I figured I needed to notarize it separately first as it sits as a pkg at root level in my final dmg.. so it won't notarize when I notarize the dmg.. and I was able to notarize this pkg by itself once I found input from Apple about the command "product sign".. I didn't know about that command.. it worked to sign that pkg and it notarized (on Catalina with 11.4) So it seems I am stuck with my Catalina VM for now.. must keep it so that I can notarize. On BigSur with 12.5.1 I use the same commands as from Catalina.. I have them typed out on a text file, I copied that over to BigSur and am using the exact same commands that work on Catalina, and on Big Sur, it seems that the code signing commands are themselves inserting detritus.. because I do the stripping of xattrib -cr, and then I check and indeed all detritus is stripped.. then I code sign the bundle deep.. I know you said not to, but my original working on Catalina commands go deep.. after doing that code signing I try signing again just at the top of the bundle itself, with a command that works on Catalina, and on Big Sur it says "Detritus..." and the only thing I did since stripping the detritus is run that deep code signing.. then there's detritus again.. and I can't go on.. get stuck in a loop.. I wish I could code sign on BigSur so that I could dump that VM but alas, so far it's not in the cards. Thank you Matt for your help.. it was helpful.. I will refer back to it if I approach this again..