Posts

Post not yet marked as solved
2 Replies
1.1k Views
Hi all,

After some trouble, I have managed to get my app signed and notarized. However, when testing the .dmg installer on another computer (running macOS Catalina), it fails to run - the splash screen appears at the beginning and then the app just closes.

My app is built on Electron 4.0.6 and uses both Python (backend) and JavaScript (frontend), which communicate over a websocket (which is initialised in the splash screen). My app reads and writes files from a folder in Documents (config files) and also reads and saves files through user input. Furthermore, my app performs acquisitions over Bluetooth and USB, and uses the user's location.

I have been using the following entitlements (entitlements.mac.plist) for signing entitlements and entitlementsInherit:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
      <key>com.apple.security.cs.allow-jit</key><true/>
      <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
      <key>com.apple.security.cs.disable-library-validation</key><true/>
      <key>com.apple.security.automation.apple-events</key><true/>
      <key>com.apple.security.temporary-exception.files.absolute-path.read-only</key><true/>
      <key>com.apple.security.temporary-exception.files.absolute-path.read-write</key><true/>
      <key>com.apple.security.network.client</key><true/>
      <key>com.apple.security.network.server</key><true/>
      <key>com.apple.security.assets.movies.read-write</key><true/>
      <key>com.apple.security.assets.music.read-write</key><true/>
      <key>com.apple.security.assets.pictures.read-write</key><true/>
      <key>com.apple.security.files.downloads.read-write</key><true/>
      <key>com.apple.security.files.user-selected.read-write</key><true/>
      <key>com.apple.security.device.usb</key><true/>
      <key>com.apple.security.device.bluetooth</key><true/>
      <key>com.apple.security.personal-information.location</key><true/>
    </dict>
    </plist>

To run the signing I use the following command:

    ./node_modules/.bin/electron-osx-sign dist/MyApp.app --no-gatekeeper-assess --identity="Developer ID Application: COMPANY (#######)" --entitlements=dist/entitlements.mac.plist --entitlementsInherit=dist/entitlements.mac.plist

Afterwards, I sign all the files with extension .so, .dylib, .a and .o using the Xcode command:

    codesign --sign "Developer ID Application: COMAPNY (########)" \
      --entitlements dist/entitlements.mac.plist \
      --deep filename \
      --force \
      --timestamp \
      --options runtime;

Any clues of what is wrong? Unfortunately I don't know how to gather information on the error that macOS is throwing - I just see my app closing suddenly.

Many thanks,
Diogo
Posted
by dtecelao.
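An added example, not part of the original post and not Apple's tooling: a Python audit of an entitlements plist like the one posted above. It lists the hardened-runtime exceptions granted (`com.apple.security.cs.*`), the file temporary-exception keys whose value is not the array of path strings Apple documents for them, and whether App Sandbox is enabled. The names `audit_entitlements` and `is_path_list` are hypothetical, and the sample is a constructed subset of the posted keys.

```python
import plistlib

# Constructed sample: a subset of the keys from the entitlements file in the post.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>com.apple.security.cs.allow-jit</key><true/>
  <key>com.apple.security.cs.disable-library-validation</key><true/>
  <key>com.apple.security.temporary-exception.files.absolute-path.read-only</key><true/>
  <key>com.apple.security.temporary-exception.files.absolute-path.read-write</key><true/>
  <key>com.apple.security.network.client</key><true/>
</dict>
</plist>"""

RUNTIME_PREFIX = "com.apple.security.cs."  # hardened-runtime exceptions
TEMP_FILES_PREFIX = "com.apple.security.temporary-exception.files."
SANDBOX_KEY = "com.apple.security.app-sandbox"


def is_path_list(value):
    """True for a non-empty list of strings, the documented value type."""
    return isinstance(value, list) and bool(value) and all(isinstance(p, str) for p in value)


def audit_entitlements(data):
    """Return a least-privilege report for an entitlements plist (bytes)."""
    ent = plistlib.loads(data)
    if not isinstance(ent, dict):
        raise ValueError("entitlements plist must have a <dict> root")
    return {
        "runtime_exceptions": sorted(
            k for k, v in ent.items() if k.startswith(RUNTIME_PREFIX) and v is True),
        "bad_type": sorted(
            k for k, v in ent.items()
            if k.startswith(TEMP_FILES_PREFIX) and not is_path_list(v)),
        "sandbox_enabled": ent.get(SANDBOX_KEY) is True,
    }


if __name__ == "__main__":
    report = audit_entitlements(SAMPLE)
    for key in report["runtime_exceptions"]:
        print("hardened-runtime exception granted:", key)
    for key in report["bad_type"]:
        print("expected an array of path strings:", key)
    print("App Sandbox enabled:", report["sandbox_enabled"])
```

Each key in the first list relaxes a hardened-runtime protection, so it is worth keeping only those the shipped Electron and Python runtimes actually need.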
Post not yet marked as solved
2 Replies
706 Views
Hi all,

I'm having trouble notarizing my app. It uses python 3.7 for backend and our front-end is supported by the Electron framework. Due to shipping the entire python package with my app (executables, dependencies, etc), I'm having trouble with the notarization process. I get errors of the type:

    {
      "severity": "error",
      "code": null,
      "path": "myApp.zip/myApp.app/Contents/Resources/app/py3/python_osx/lib/libtclstub8.6.a",
      "message": "The binary is not signed.",
      "docUrl": null,
      "architecture": "i386"
    },
    {
      "severity": "error",
      "code": null,
      "path": "myApp.zip/myApp.app/Contents/Resources/app/py3/python_osx/lib/libtclstub8.6.a",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": null,
      "architecture": "x86_64"
    },
    ...
    {
      "severity": "error",
      "code": null,
      "path": "myApp.zip/myApp.app/Contents/Resources/app/py3/python_osx/lib/python3.7/config-3.7m-darwin/python.o",
      "message": "The signature does not include a secure timestamp.",
      "docUrl": null,
      "architecture": "x86_64"
    }

These errors only appear for all the .o and .a files contained in the shipped python. I have checked and those files are signed with our Developer ID certificate. I verified this using the following command:

    codesign -dvv path/to/file

I am signing all the executable files (*.dylib, *.so, *.o, *.a and other frameworks) within my .app with the following command:

    codesign --deep "path/to/file.dylib" --sign "Developer ID Application: Name (Code)" --entitlements entitlements.mac.plist --force --timestamp --options runtime

Furthermore, I am signing my entire app using the same identity, entitlements and with hardenedRuntime.

My entitlements file contains the following:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
      <key>com.apple.security.cs.allow-unsigned-executable-memory</key>
      <true/>
    </dict>
    </plist>

Any clue on what I am doing wrong?

Best wishes,
Diogo
Posted
by dtecelao.