I'm working on an Electron app, with Finder Sync extension.
When application is code-signed, but not notarized, everything works excelent. When I add the notarization process, no errors or warnings are shown during the process, but the extension does not start at all.
What exaclty are the requirements, when distributing extensions within app, so that the extension works after notarization?
What I have done/tried so far:
- The .appex file is added to the PlugIns folder in build process
- Tried code-signing the .appex before the build, then notarizing, but extexsion still does not start.
- Tried force code-signing it in the build process.
- Even tried not signing it at ll -> Notarization passed with no issues. Still .appex not running.
- Hardened runtime is enabled.
Questions:
- What actually should be the extension AppID? Apple documentation for Finder Sync Extension says "Be sure to use the same identifier for both the Finder Sync extension and the containing app" but in a notarization document it said they should be the same?
- Is it the fact that I'm not adding app group that's breaking it? When not notarized, this does not seem to be a problem.
Thanks in advance.
Related
I am attempting to upload a macOS binary to the Mac App Store via the Xcode Organizer.
I get an "Upload failed" error with the message:
App Store Connect Operation Error
ERROR ITMS-90276: Missing Bundle Identifier. The application bundle contains a tool or framework workflow [com.company.AppName.pkg/Payload/AppName.app/Contents/Resources/Resources/Scripts/workflow.workflow] that is missing the bundle identifier in its Info.plist file.
My app bundle contains AppleScript.scpt, ShellScript.sh, and workflow.workflow scripting files.
What kind of scripts need Info.plist and Bundle Identifiers for signing? How can I get past this error?
Apple requires that all bundled executables be code signed
What to Code Sign
You sign all the individual components of your app, leaving no gaps, including:
Nested code. First, you recursively sign all of the helpers, tools, libraries, frameworks, and other components that your app relies on, and that are bundled with your app.
https://developer.apple.com/library/archive/documentation/Security/Conceptual/CodeSigningGuide/Procedures/Procedures.html#//apple_ref/doc/uid/TP40005929-CH4-SW2
In this case, the workflow.workflow Automator Workflow bundle is failing code signature because it is missing a Bundle Identifier in its existing Info.plist.
I added the lines:
<key>CFBundleIdentifier</key>
<string>com.company.AppName.SampleWorkflow</string>
after adding the BundleID, the Xcode Organizer signs and uploads to the Mac App Store without issue.
I can't figure out why archive/macOS folder archive doesn't get signed by install4j even when it's instructed to "Sign macOS media files" in general settings. Looking into the logs during the build I do see that DMG gets signed.
The signing certificate is good because I've got another app signed without problems, the only difference is that media is installer/macOS folder. So it signs the DMG and doesn't sign the app folder inside? What's the point? I must be missing something.
I am trying to achieve a very simple flow for the user - click on dmg, drag the app archive to the Applications and click to run. No installers needed. It works great until the dmg gets downloaded from the internet, Mac decides that it's dangerous because there is no developer signature and fun begins... How do I make this signature with install4j?
Any help is greatly appreciated.
(install4j version is 6.1.6)
I am trying to achieve a very simple flow for the user - click on dmg, drag the >app archive to the Applications and click to run.
Then use the macOS single bundle archive and not the macOS folder installer.
So it signs the DMG and doesn't sign the app folder inside?
No, both the DMG and all generated launchers are signed by install4j for the macOS folder installer.
Note: For macOS 10.14, you will need install4j 7.0.6+ otherwise the signature is reported as invalid.
Update after discussion in the comments:
In your case, the executable is a shell script. For mach-o binaries, the codesign tool on macOS saves the signature directly inside the binary, for non-mach-o binaries, it saves extended HFS+ attributes of the file Info.plist. These extended attributes would not be picked up by install4j even if you build on macOS, they will be lost at runtime and the signature will be invalid.
I'm afraid that the only way forward is to use a generated launcher.
When I build share extension from Xcode for the real device, Xcode arbitrarily stop debug. But when I launch for simulator, the problem does not occur.
Environment
Xcode 7.1.1
iOS 9.1
Details
When I build share extension, Xcode shows "Finished running MobileSafari.app on iPhone", but Safari does not run. And, The square stop button is arbitrarily gray. So, I launch Safari by myself and choose my extension and post. The debug section does not show anything. Also, URL request is not sent Rails server.
This is the picture when I build the share extension for the real device.
I do not know why the real device can not launch share extension at Xcode.
If anyone know the answer about this problem, please tell me.
Typically you can debug a share extension by going to Debug -> Attach to process or PID and entering the name of your share extension. From there you can open the share extension on your device or simulator and Xcode's debugger should attach and hit breakpoints correctly. However, I've noticed that log messages do not show up when doing this, nor do values populate for variables in the debugger view.
Here's how I got the debugging to work correctly. Run the share extension scheme. When it asks you what app to run, chose 'Photos' (because that's the app your extension will operate in). The Photos app will then launch on your device and you may proceed to use your extension. The debugger in Xcode should then work as expected.
I encountered this issue as well, though unfortunately I don't know the exact solution, maybe I can offer some information that might be helpful.
I (like you, judging by your screenshot) was using Cocoapods, and Cocoapods was copying resources from the pods into the bundle of the app extension after it was code signed. If memory serves, this was interfering with the code signing in some way, and therefore preventing the app from running under the debugger.
I believe that one of the symptoms of this was that logs appeared in the mac's console (or the device's console, can't remember which) saying something about "blasting onto the device using the old skool[sic] method."
You could confirm that this is the case by removing Cocoapods from your project, or any pods that require resources to be copied after compilation. I believe that the solution was to add some kind of special build phase to the extension project to copy the bundle resources, and disabling whatever Cocoapods uses by default.
As a temporary solution, I believe that deleting your app from the device should allow you to attach the debugger once, on the run where the app is installed for the first time. You might also try deleting derived data for your project.
I can't seem to get my Today widget (or any extension for that matter) running in the Widget Simulator. The simulator launches and says "Couldn't Open Widget" along with
Failed to find Widget /Users/SomeUser/Library/Developer/Xcode/DerivedData/Build/Products/Debug/MyApp.app/Contents/PlugIns/MyApp.appex
I looked in Console app and I see this as well:
pkd[299]: ignoring mis-configured plug-in at /Users/SomeUser/Library/Developer/Xcode/DerivedData/Build/Products/Debug/MyApp.app/Contents/PlugIns/MyApp.appex: plug-ins must be sandboxed
But it is sandboxed in xcode! It's codesigned, sandboxed and the lot. Even if I try and deploy it on a new machine (registered as a developer machine with my developer provisioning profile), the widgets don't even show up in System Preferences.
Any idea what I need to do?
Okay finally found the problem. I was codesigning my app by hand (which had never been a problem before) since I had an intricate set of frameworks the app relied upon, and needed to hand copy them using a Copy / Runscript post-build script. Any way, it seems starting Xcode 7 at least, this no longer works as expected. The app works and codesign says the app has been signed correctly, but clearly something is happening behind the scenes that's breaking the codesignature. I ended up removing all my manual codesigning stuff and simply using Xcode's 'Copy Framework' post build step and checked 'Sign on Copy'. It's now finally working as expected.
I couldn't stop building & codesigning by hand, so I looked into Xcode build logs and found the difference :) in my case, I just added -fapplication-extension to compiler & linker flags, now it works!
Based on strangetimes's answer here a little more detailed answer:
First select your project and then your App Target (not the extension)
Then click on Build Phases, then on the top navigation on Editor,
here select first Add Build Phase and lastly click on Add Copy Files Build Phase.
That's it. Build again using the Widget Simulator and it should work now.
I ran into problem with testing my app on iOS and Xcode when I am uploading it to my actual devices (iphone and iPad), and I'm wondering if someone knows the issue and can help me out:
Normally when I build my app on my devices, the app is installed and launched on my devices. But as I am preparing for submitting my first app I was testing around and changing the Bundle Identifier, App ID, and Development Provisions (so the issue may have something to do with it), and now, when I try to build my app on my devices, although it's installed on my devices fine, Xcode will not launch the app anymore. Instead, I got this error message:
Error Starting Executable.
Error launching remote program: No such file
or directory.
Does anyone know what the issue is? And What is this derived data folder about?
Much thanks!
I have also faced that problem. I have closed, restarted Xcode; deleted the application from device and reinstalled it again, then the problem has gone.
Running App from a Clean Slate
For me the problem did not resolve until I did the following in this order:
Delete the app from the device (Do this before trying to debug again)
Quit XCode (Don't just close the project)
Delete the app build folder (example path: /Users/myusername/Library/Developer/Xcode/DerivedData/MyProject-fhkaamuyvqhubaezinqbmxbnaufd/)
Restart XCode
Finally -- Try debugging again on the iOS device
The app build folder of step 3 refers to your app's build folder that is a child of "DerivedData". To find this you can reveal your app in finder, then backtrack until you get to "DerivedData" folder and delete the folder above that like "MyApp-crazylongweirdletters". Without this step (3), I could not debug, so this is a critical step and you must quit XCode before you do this step.
For some it appears simply restarting XCode does the trick, but not for me.
I only post this answer because the earlier answers did NOT work for me. Hopefully others banging their heads will find this and get a sigh of relief. :)
Notes:
The issue started happening for me when I modified the bundle id of the app.
My code signing is and was correct. My provisioning profile was the "Team Provisioning Profile" which should work for any app id (default for "iPhone Developer" automatic profile selector).
I was doing a DEBUG build (not release / distribution).
You cant debug (start from Xcode) an application signed with a distribution profile if I remember well... And then you get such messages, gdb failling to attach to process.
I finally found my error!
I was playing around with my info.plist file, and I changed the Executable Name and Bundle and Bundle Display name! As soon as I changed those back to the Defaults (EXECUTABLE_NAME, PRODUCT_NAME, PRODUCT_NAME respectively) it worked perfectly.
Delete the app from the device (tap-and-hold then delete) and try again.
For me, none of those worked. Same error, but different solution.
My problem was cause by me accidently changing the "Deployment Target" (ios version) to a version higher than what was on the phone I tried to run the code on.
The fix was simple - drop the deployment target to below or equal to the ios software version on my phone :)
I got the same error by not having my code signing correct.
Go to your project > Targets > Build Settings > Check code signing for debug state.
I stumbled upon this as a solution to another issue whch was a warning when trying to build an app on a new 4.3.5 device.
If i set the profile to distribution I do not get a warning message when building the app, but the debugger will attach to the device.
If i set the code signing to the distribution profile, i get no warnings in the build process, but the debugger will not attach. So the answer above about being signing based seems to be correct. This might also only be an issue on newer 4.3.5 devices with xcode
Product -> Clean in the menubar
This error some times happen due to incomplete "Restore" or "Sync" process of your device which keeps the .app files locked up.
What I did I had to jailbreak my device to go find the app under /User/Applications/XXXXX-XXXX-XXX/ and phisically delete the .app
For one of the apps it worked and for other one I realized it just does not run GDB automatically so the error message is totally misleading, so I set the GDB to manual and it worked and did not give me that error, but of course I have to run the app manually for the debug session to start.
It also may have required some other stuff that I did before like checking the provision profile, but this was the last step that made it work.
Before this I tried all the solutions did not work for me, and obviously simply deleting the app by holding down your finger on the screen did not work, as it removed the icon but all the files were still there. ( Since it was a development app not a downloaded App Store app )
had same problem,
quit the XCode...delete app from device...run the program again..
i solved that way..one of my friends had to restart the device.
I have the same problem. I solved it by changing the project's directory name and then launching the app again.
I had this problem on a recently restored device where my in-development apps had not been reinstalled—they were showing up on Springboard as "Waiting" to be downloaded from the App Store. Deleting the app from Springboard fixed the problem.
I've faced this issue since yesterday on two different devices, both iOS 4.x. Deleting the DerivedData folder, deleting the app, restarting the Xcode, and cleaning the code did NOT work. Repeating all the steps, in addition to rebooting the device fixed it for me.
Here I am posting an update to the issue. Might be helpful for someone with the same problem. I have Xcode 4.4 and launched it on a device with iOS 5.0 . If Xcode doesnt have the 5.0 simulators