Bundle ID Mac AppStore and non Mac AppStore - macos

I'm releasing my Mac app both on the Mac AppStore and from my Online Store. I'm wondering if I should have the same bundle id for both or a different one?

There is nothing bad in the same bundle ids. Sandboxed apps and non-sandboxed are linked to a different paths. If you sign your online store app with Developer ID (which is definitely worth of) and use sandboxing in both distributions - there will be almost no difference.

Related

Distributing Mac app outside App Store. How should I sign it?

I have a Mac app which can't be sandboxed due to using Apple Events and therefore it can't be released through the Mac App Store.
I've made a website, added a payment gateway and everything seems to be ok but I keep getting feedback from testers who can't open the app even with the right mouse button method.
First it was the raw app from Xcode without any kind of signing, after that I tried exporting after archiving using my developer certificate, the I even notarized the app with Apple but still there are people who can't open the app (even though they was able to use it before signing).
Currently I'm using the Mac App Distribution certificate (no provisioning profile). Is this correct? Should I use "Mac Installer", "Mac developer", "Apple developer", "Apple distribution"… why is this so confusing?
You should use the Developer ID Application certificate to distribute a Mac app outside the Mac App Store that does not use an installer. Most Mac apps do not use an installer.
Apple provides a decent explanation of the different certificates when you create a new certificate from Apple's Certificates, Identifiers, and Profiles page. To keep people reading this from having to go there, I'll explain them now.
The Developer ID Installer certificate is for distributing Mac apps outside the App Store that use an installer to install the app.
The Mac Development certificate is for signing development versions of a Mac app.
The Mac App Distribution certificate is for distributing a Mac app on the App Store that does not use an installer. The Mac Installer Distribution certificate is for distributing a Mac app on the App Store that uses an installer.
In Xcode 11, Apple added the Apple Development and Apple Distribution certificates so people could sign their apps for all Apple platforms with one certificate. These certificates are for apps that will end up on the App Store.

Is notarization necessary for Mac App store release?

Is it necessary to notarize app before uploading to Apple App Store? I come across some article says that notarization is needed for non-app store distribution, while apple will run notarization before approving an app store version.
Anyone can confirm?
The reason I ask this question is because I notarized the app for outside Mac App Store distribution and it works fine. For the Mac app store build, I can upload and distribute it and it works fine on Mac, only have issue on Catalina(beta) when user try to open, see attached pic. Wonder if it's related to notarization.
Update: the issue was not due to notarization, but due to code signing. One of the node binary is not signed before uploading to MAS, maybe Catalina has a more strict rule checking it.
No, it's not required. Apps downloaded from the app store are not notarized. You can verify it using spctl command.
spctl -a -v /Applications/Pages.app
/Applications/Pages.app: accepted
source=Mac App Store
Gatekeeper will check notarization only if the app is downloaded from outside the App Store.
From Safely open apps on your Mac
When you install Mac apps, plug-ins, and installer packages from
outside the App Store, macOS checks the Developer ID signature and
notarization status to verify that the software is from an identified
developer and that it has not been altered.
Notarization is only required for distribution outside the Mac App Store. See Distribute outside the Mac App Store (macOS), which says:
In some cases, you may want to distribute an app outside of the Mac App Store [...] Users gain additional assurance if your Developer ID-signed app is also notarized by Apple.
The macOS User Guide has this to say:
App Store: [...] All the developers of apps in the Mac App Store are identified by Apple, and each app is reviewed before it’s accepted
App Store and identified developers: [...] Identified developers are registered with Apple and can optionally upload their apps to Apple for a security check. If problems occur with an app, Apple can revoke its authorization.

Distributing Mac App via Mac App Store and Own Website

I want to distribute my Mac App on both Mac App Store and my own website. The Mac App Store app will be signed via the Mac App Distribution certificate from Apple and the Website version will be signed via the Developer ID Application certificate. The website version will be distributed as a simple MyAppName.zip file that lets the user unpack MyAppName.app to where ever the user wishes. My app is a document based app that creates documents with extension .mydoc
I have two options to implement such a scenario.
First, and my preferred method is to have same bundle identifier for both apps. If a user tries to install from MAS first and then website; Will both apps live on my Mac without any issues? If a user installs the website version first, and then tries to install from MAS, how will MAS behave? How is it decided that which app will open my document by default?
Second, I use different bundle identifier for the apps on MAS and my website. Essentially they are different apps and I don't like this because it is confusing for a user because the apps look and behave exactly the same. In this case, how is it decided which one of the apps will open my document by default?
If a user tries to install from MAS first and then website; Will both apps live on my Mac without any issues? Answer: YES
If a user installs the website version first, and then tries to install from MAS, how will MAS behave? Answer: MAS will ask user that there already exists a version and if it should be kept.
How is it decided that which app will open my document by default? Answer:
Launch Services documentation says the the behavior is not determinate. So either one will open.
Second, I use different bundle identifier for the apps on MAS and my website. Essentially they are different apps and I don't like this because it is confusing for a user because the apps look and behave exactly the same. In this case, how is it decided which one of the apps will open my document by default? Answer:
Launch Services documentation says the the behavior is not determinate. So either one will open.

Best way to distribute sandboxed Mac apps to beta-testers

I would like to send out beta versions of my Mac app (which solon Will be sand boxed) to testers. What's the best way to do that?
I can't use new Mac OS X server for this since I don't have an extra Mac to spare.
Normally for iOS I would use TestFlight. But how about Mac, can I use HockeyApp.com? I don't think I can upload sand boxed versions to HockeyApp, right?
You can use HockeyApp with sandboxed OS X apps. Just upload your .app.zip through the web UI or your .xcarchive with HockeyMac. HockeyApp detects the provisioning profile and asks testers do download it before the .app. You can collect the Mac UUID through HockeyApp too.
If you want to provide in-app updates, please follow this tutorial and make sure to use the Sparkle branch that supports sandboxing:
http://support.hockeyapp.net/kb/client-integration/hockeyapp-for-mac-os-x#beta-distribution

Must I used my developer account when downloading Xcode from the App Store?

Regular distributions of Xcode are now available exclusively from the OS X App Store, but (like many, I expect) my App Store account and developer accounts use different Apple IDs. All my previous installations of Xcode have used my developer account, and I also wonder if there are critical parts of the Xcode configuration (e.g. provisioning profiles, etc.) that rely on Xcode having been installed using the developer Apple ID.
Are there any undesirable consequences to simply installing Xcode from the App Store using my personal account? Or, should I (can I, must I) log in to the App Store using my developer Apple ID instead?
You can use whatever Apple ID you want to download Xcode from the Mac App Store. There's nothing special about what it downloads. You'll need to log in to the developer portal though to download beta versions.
You can download Xcode (and lots of other stuff) from Apple's developer downloads website.
I very much doubt, therefore, that it matters whether you got it from the Mac App Store or not.

Resources