I am making the switch from altool to notarytool and I've run into a brick wall trying to submit our app zip. It is created using ditto -c -k --keepParent "path-to-app" "path-to-zip"
On submission I get:
Error: <app-name>.zip must be a zip archive (.zip), flat installer package (.pkg), or UDIF disk image (.dmg)
Absolutely baffled by this.
Weird. This is working for more. Given a notarisation-ready Test718887, I was able to notarise it like so:
% ditto -c -k --keepParent Test718887.app Test718887.zip
% xcrun notarytool submit CREDENTIALS Test718887.zip
Conducting pre-submission checks for Test718887.zip and initiating connection to the Apple notary service...
Submission ID received
id: 746de7de-4ec9-4bbc-9cac-f982cc3b90ae
Upload progress: 100.00% (28.0 KB of 28.0 KB)
Successfully uploaded file
id: 746de7de-4ec9-4bbc-9cac-f982cc3b90ae
path: /Users/quinn/Desktop/Test718887 2022-10-31 10-01-15/Test718887.zip
% xcrun notarytool info CREDENTIALS 746de7de-4ec9-4bbc-9cac-f982cc3b90ae
Successfully received submission info
createdDate: 2022-10-31T10:01:51.197Z
id: 746de7de-4ec9-4bbc-9cac-f982cc3b90ae
name: Test718887.zip
status: Accepted
where CREDENTIALS is a placeholder for my notarisation credentials.
Please test these specific commands, replacing Test718887 with your app name, and post the results.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
Thanks for replying. Yeah I ran your exact commands and got the same result.
So I decided to try exactly what you did and create a dummy TestApp MacOS app using XCode. This one I could submit using notarytool so there is something specifically different about the zip that I have created for my actual app. Could it be the size of the zip? My app zip is 4.38GB. The app itself is created using Unity (il2cpp compilation)
Could it be the size of the zip?
I think that’s it. Historically there have been 32-bit limits on zip archives. These were fixed with ZIP64 but it’s possible that notarytool didn’t get the memo.
To test this I created a 4.3 GB file full of random numbers:
% dd if=/dev/random of=random.dat bs=1024 count=4199218
I added it to my app and then resigned it.
% mv random.dat Test718887.app/Contents/Resources
% codesign -s "Developer ID Application" -f -o runtime Test718887.app
I then zipped and notarised it as above. This time around, I saw the error you’re seeing:
% notarytool-submit Test718887.zip
Conducting pre-submission checks for Test718887.zip and initiating connection to the Apple notary service...
Error: Test718887.zip must be a zip archive (.zip), flat installer package (.pkg), or UDIF disk image (.dmg)
Note notarytool-submit is an alias that expands to xcrun notarytool submit CREDENTIALS.
That seems kinda wonky to me and I recommend that you file a bug about it. Please post your bug number, just for the record.
As to a workaround, that depends on the final distribution plan for you app. Do you intend to distribute it to your users as a zip archive? Or perhaps on a disk image?
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
I have posted this as a bug to the Feedback Assistant. Bug number is FB11752328
We are having the same problem. Since altool notarization will be removed this fall we need a functional workaround soon. In our case the only reason we zip our .app is to send for notarization because altool and notarytool don't accept .app. We distribute only an installer which pulls/updates the .app from our servers. So what is the solution/workaround now? What's the status of the bug report anyway? The link provided above doesn't work for me (feedback not found).
Ok, just found another thread which actually provides functional workarounds:
https://developer.apple.com/forums/thread/727123
Replacing ditto with zip works for us. For anyone considering doing the same please read the other thread as it contains additional infos which may be important in other cases.