I gather codesign --deep
no longer works.
The --deep
option was never a good idea when signing code. See --deep
Considered Harmful.
Do I have to explicitly codesign every file in my .app
?
Yes and no. Every file in your app must be sealed over by your code signature. That does not mean that you must run codesign
against each file. Rather, identify the code items in your app and sign each code item. If the code item is a bundle, that item’s code signature will seal over all the resources in that bundle.
You mentioned notarisation, which suggests you’re targeting the Mac. If so, see the following docs, which explain in detail how to sign Mac code:
Why is it failing now?
Probably because you’re bundle structure isn’t following the rules described in Placing Content in a Bundle. Quoting that doc:
If you put content in the wrong location, you may encounter hard-to-debug code signing and distribution problems. These problems aren’t always immediately obvious.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"