I have a Mac app that was accepted to the App Store when I built it using Xcode 13 (with code signing set to automatic, just like I do now), but with Xcode 14.2 I keep getting mails with ITMS-90288: Invalid Code Signing Entitlements and TMS-90286: Invalid Code Signing Entitlements, two very similar errors for each embedded dynamic library.
The exact wording is this:
TMS-90288: Invalid Code Signing Entitlements - The entitlements in your app bundle signature do not match the ones that are contained in the provisioning profile. According to the provisioning profile, the bundle contains a key value that is not allowed: '(My team id).' for the key 'com.apple.application-identifier' in 'Spatterlight.app/Contents/Frameworks/libc64diskimage.dylib'
ITMS-90286: Invalid Code Signing Entitlements - Your application bundle's signature contains code signing entitlements that are not supported on macOS. Specifically, value '(My team id).' for key 'com.apple.application-identifier' in 'Spatterlight.app/Contents/Frameworks/libc64diskimage.dylib' is not supported. This value should be a string starting with your TEAMID, followed by a dot '.', followed by the bundle identifier .
The post https://developer.apple.com/forums/thread/710598 seems to indicate that dylibs shouldn't have entitlements at all, but apparently Xcode is adding them anyway, making the app unacceptable to the App Store.
How do I fix this?
This was solved in a reply on Stackoverflow (https://stackoverflow.com/questions/75422505/how-to-prevent-xcode-from-adding-malformed-entitlements-to-my-dylibs/75422519#75422519), which seems to be written by ChatGPT of all things. The problems seems to have been that my dylibs didn't have any .entitlements files. I created new ones, and in the review shown by Xcode before submitting the app, it seems as if the entitlements in them were stripped, which makes sense if dylibs are not supposed to have entitlements. What makes less sense is that they need entitlements files.
