Because our app has a Plugin system, I am trying to release a version that has both
com.apple.security.cs.disable-library-validation entitements enabled (along with further entitlements).
The disable library validation entitlement has been added to my entitlements file, and I have set CODE_SIGN_INJECT_BASE_ENTITLEMENTS = YES in my xcconfig file for both Release and Debug configurations.
My codesigning settings are as follows:
CODE_SIGN_IDENTITY = Developer ID Application
DEVELOPMENT_TEAM = WUxxxxx46
CODE_SIGN_STYLE = Manual
I'm creating the archive as follows:
xcodebuild -workspace S.xcworkspace -scheme S -sdk macosx -configuration Release archive -archivePath S.xcarchive -derivedDataPath ddd -xcconfig S/Configs/Final.xcconfig
However when I run codesign on the resulting app, the get-task-allow entitlement is not present.
codesign -d --entitlements :- S.xcarchive/Products/Applications/S.app/
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
If I add -showBuildSettings to the end of my xcarchive line, the output there does confirm that CODE_SIGN_INJECT_BASE_ENTITLEMENTS is set to YES.
I've also had a look at the xcent file in the Intermediate build phase directory and get-task-allow isn't there either.
Can anyone provide any insight as to what I'm doing wrong please?