Post

Replies

Boosts

Views

Activity

Notarization seems to succeed but installer has issues
It seems like something changed in the notarization in the last few days. I'm running the same build script that creates and notarize a DMG that contains a PKG with 4 plugins. Everything is signed correctly. No error anywhere in the notarization process. Checking the status of the notarization, I get this: Status: success Status Code: 0 Status Message: Package Approved Stapling returns this: The staple and validate action worked! Yet, if I check the PKG inside with this command: spctl -a -vvv -t install I get this output: .pkg: rejected source=Unnotarized Developer ID origin=Developer ID Installer: My Company This project was perfectly working a few weeks ago, and we have not changed a thing. Checking the notarization log, the only issue I see is this: "issues": [ { "severity": "warning", "code": null, "path": "Archive.dmg/Installer.pkg", "message": "This archive is corrupt, and cannot be unpacked for analysis.", "docUrl": null, "architecture": null } ] But this warning is also present in past DMG/PKG thatare notarized and work as they should. Another difference from previous logs is that I can only see one item in ticketContents, which is the DMG, while previously I could see two, both the DMG and the PKG.
1
0
962
Jan ’22