My app was created outside of Xcode but using Python with Pyinstaller. I received no error messages when signing, although the output did mention that
signed app bundle with Mach-O thin
Then I entered the following:
xcrun altool --notarize-app -f /Users/fishbacp/Desktop/Python_May_2021/dist/My_Application_10_7.zip --primary-bundle-id MyID -u fishback.paul@gmail.com -p "@keychain:Python Notarization"
where I've covered up my ID. The file is uploaded correctly but notarization fails. The LogFileURL produces 24 error messages, all indicating a binary was not signed or the signature does not contain a valid timestamp. Here are two examples:
{"severity": "error",
"code": null,
"path": "My_Application.zip/My_Application.app/Contents/Resources/PyQt5/Qt/qml/QtQuick.2/libqtquick2plugin.dylib",
"message": "The binary is not signed.",
"docUrl": null,
"architecture": "x86_64"
},
and
{"severity": "error",
"code": null,
"path": "My_Application_10_7.zip/My_Application_10_7.app/Contents/Resources/PyQt5/Qt/qml/QtQml/WorkerScript.2/libworkerscriptplugin.dylib",
"message": "The signature does not include a secure timestamp.",
"docUrl": null,
"architecture": "x86_64"
}
What's common about all the errors is that the dylib resides in a subdirectory of PyQt5 whose name contains a period. Ben Hagen describes how such a presence of periods can prevent signing and provides a workaround script at https://github.com/pyinstaller/pyinstaller/wiki/Recipe-OSX-Code-Signing-Qt. I used this tool to sign my app. But somehow I need to do something more prior to uploading for notarization.