Thanks for the reply!!!Seems like I will have to go without Growl.framework but I am not able to understand why the static library "libchilkatCocoa.a" gave error "The binary is not signed." even though it was signed.apples-Mac-mini:a engguser$ codesign --verbose=9 --deep --options=runtime --timestamp -f -s 'Developer ID Application: ***' libchilkatCocoa.a libchilkatCocoa.a: replacing existing signature libchilkatCocoa.a: signed generic [libchilkatCocoa] apples-Mac-mini:a engguser$ codesign --verbose=9 --deep --verify libchilkatCocoa.a libchilkatCocoa.a: valid on disk libchilkatCocoa.a: satisfies its Designated RequirementBTW, I have observed that all the non-executable files including static files lose their signature when zipped and unzipped. Is this expected behavior? any comments on this?apples-Mac-mini:lib engguser$ zip libchilkatCocoa.zip libchilkatCocoa.a adding: libchilkatCocoa.a (deflated 69%) apples-Mac-mini:lib engguser$ rm libchilkatCocoa.a apples-Mac-mini:lib engguser$ unzip libchilkatCocoa.zip libchilkatCocoa.a Archive: libchilkatCocoa.zip inflating: libchilkatCocoa.a apples-Mac-mini:lib engguser$ codesign --verbose=9 --deep --verify libchilkatCocoa.a libchilkatCocoa.a: code object is not signed at all apples-Mac-mini:lib engguser$

Hi,Sorry for the late response. Let me clear my scenarios if it sounded ambiguous in the first place.1. Get A.pkg successfully notarized with a warning "The binary uses a SDK older than the 10.9 SDK.” for a file(say SampleFile).2. Create B.pkg with A.pkg bundled in it (A.pkg treated as a file).3. Notarize B.pkg. The notarization fails with severity error for a file(SampleFile) that was originally reported with a warning in step 1.Anyways, I was able to successfully notarize B.pkg by resolving all the warnings of A.pkg and bundling A.pkg which was notarized without any warnings/errors.A.pkg is our new product and B.pkg is our legacy product. I need to bundle A.pkg in B.pkg until B.pkg is completely deprecated.Regards,Nilesh

I am using a program written in golang to replace the existing file. I tried with mv and cp command and it worked fine as mentioned by you.Perhaps I was wondering if there is a way I could clear codesign cache of the binary before replacing it rather than renaming it and moving the new file or is there any better/correct way to do this.Thanks in advance!!!

Not sure if it would help you but I was facing the same issue and observed that you will get 'rejected' status by 'spctl install' for notarized package if it was not downloaded from Apple app store and “App Store“ option is selected in the “Security & Privacy“ section of “System Preferences…”, 'spctl install' will result in 'accepted' status if you change it to “App Store and identified developers“.