firebase / firebase-ios-sdk

Firebase SDK for Apple App Development
https://firebase.google.com
Apache License 2.0

"upload-symbols" triggers security alert #6398

Closed mattia closed 3 years ago

mattia commented 4 years ago

[REQUIRED] Step 2: Describe the problem

Running the upload-symbols script triggers a Gatekeeper alert and does not allow it to continue. The alert shows:

“upload-symbols” can’t be opened because Apple cannot check it for malicious software.

This problem can be avoided by allowing the upload-symbols script in the security pane of System Preferences, but I don't think this is a good approach/solution. I think that signing/notarizing the script should get rid of the problem.

Steps to reproduce:

Run

./MyProject/Firebase/upload-symbols -gsp ./MyProject/GoogleService-Info.plist -p ios dSYMs

google-oss-bot commented 4 years ago

I found a few problems with this issue:

mattia commented 4 years ago

Forgot to mention: the upload-symbols used is from the master branch as of today

adamvduke commented 4 years ago

Hi @mattia,

Can you provide the output of codesign -dv --verbose=4 ./MyProject/Firebase/upload-symbols?

mattia commented 4 years ago

Executable=/Users/mattia/MyProject/Firebase/upload-symbols
Identifier=$(PRODUCT_BUNDLE_IDENTIFIER)
Format=Mach-O thin (x86_64)
CodeDirectory v=20200 size=2364 flags=0x0(none) hashes=66+5 location=embedded
VersionPlatform=1
VersionMin=657920
VersionSDK=658944
Hash type=sha256 size=32
CandidateCDHash sha1=f8676d7245e0e8b17f384593adbc98a9b3bc89a1
CandidateCDHashFull sha1=f8676d7245e0e8b17f384593adbc98a9b3bc89a1
CandidateCDHash sha256=6b411fadc47682444c2d4468cb49968a2f055964
CandidateCDHashFull sha256=6b411fadc47682444c2d4468cb49968a2f0559641a91d80158aae3aa4294a02f
Hash choices=sha1,sha256
CMSDigest=66d8c4b5d01277dfca312a330a3a427c062fccea69b12d4fe7489e67e7dcd42b
CMSDigestType=2
Page size=4096
CDHash=6b411fadc47682444c2d4468cb49968a2f055964
Signature size=4707
Authority=Developer ID Application: Crashlytics, Inc. (L8VKXC2S77)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Signed Time=31 Mar 2020 at 20:36:45
Info.plist entries=8
TeamIdentifier=L8VKXC2S77
Sealed Resources=none
Internal requirements count=1 size=220

mattia commented 4 years ago

Can I provide additional information to help the process?

Thanks! Have a nice day

adamvduke commented 4 years ago

Do you mind sharing your installation method, e.g. CocoaPods, Swift Package Manager, manual zip download, etc...?

Edit: I see from the initial report that it is through Carthage.

samedson commented 4 years ago

Hey @mattia, based on that output, upload-symbols is codesigned (which is expected). I think ultimately we need to take the next step and Notarize the tool for macOS to accept it via Carthage / zip downloads. With CocoaPods it seems to be ok with just a signed binary.

I'll let you know when we pull the work to get it Notarized.

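The distinction drawn in the comment above, a binary that is Developer ID signed but not yet notarized, is exactly what a maintainer or a cautious user wants to check before shipping or running a downloaded tool. The script below is an added example and is not code from this issue or from the Firebase SDK. Its parsing helpers are portable and are exercised on a constructed sample modelled on the codesign output posted earlier in the thread (the Team ID L8VKXC2S77 is taken from that output; the rest of the sample is trimmed or constructed); the gatekeeper_triage function is an assumed name and only works on macOS, where codesign(1), xattr(1) and spctl(8) exist.

```shell
#!/bin/sh
# Added example, not part of the firebase-ios-sdk issue or the SDK itself:
# triage a Gatekeeper "cannot check it for malicious software" alert.
# The parsing helpers are portable; gatekeeper_triage (an assumed name)
# needs macOS, where codesign(1), xattr(1) and spctl(8) exist.

# Constructed sample modelled on the `codesign -dv --verbose=4` output posted
# in the thread (Team ID L8VKXC2S77 is from the thread; the rest is trimmed).
SAMPLE_CODESIGN=$(cat <<'EOF'
Executable=/Users/example/MyProject/Firebase/upload-symbols
Identifier=$(PRODUCT_BUNDLE_IDENTIFIER)
Format=Mach-O thin (x86_64)
Authority=Developer ID Application: Crashlytics, Inc. (L8VKXC2S77)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=L8VKXC2S77
EOF
)

# Constructed sample of `spctl --assess --type execute --verbose=4` output for
# a binary that is Developer ID signed but not notarized.
SAMPLE_SPCTL="./upload-symbols: rejected
source=Unnotarized Developer ID"

# The first Authority= line is the leaf (signing) certificate. codesign prints
# its report on stderr, so live callers redirect 2>&1 before parsing.
leaf_authority() {
  printf '%s\n' "$1" | sed -n 's/^Authority=//p' | head -n 1
}

team_identifier() {
  printf '%s\n' "$1" | sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# "developer-id" means signed with a Developer ID Application certificate:
# required by Gatekeeper, but since macOS 10.15 not sufficient on its own for
# downloaded (quarantined) software, which must also be notarized.
signature_kind() {
  case "$1" in
    *"Signature=adhoc"*)                     echo adhoc ;;
    *"Authority=Developer ID Application:"*) echo developer-id ;;
    *"Authority="*)                          echo other-authority ;;
    *)                                       echo unsigned ;;
  esac
}

# Returns 1 when Identifier= still contains an unexpanded build setting such
# as $(PRODUCT_BUNDLE_IDENTIFIER), i.e. signing ran without a bundle id set.
identifier_is_expanded() {
  case "$(printf '%s\n' "$1" | sed -n 's/^Identifier=//p' | head -n 1)" in
    *'$('*) return 1 ;;
    *)      return 0 ;;
  esac
}

# Gatekeeper's verdict source from spctl output, e.g. "Notarized Developer ID"
# (accepted) or "Unnotarized Developer ID" (rejected on a quarantined file).
spctl_source() {
  printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1
}

# Live triage on macOS: quarantine flag, signature chain, Gatekeeper verdict.
gatekeeper_triage() {
  bin="$1"
  echo "== quarantine attribute (set on downloaded files) =="
  xattr -p com.apple.quarantine "$bin" 2>/dev/null || echo "(none)"
  echo "== signature =="
  out=$(codesign -dv --verbose=4 "$bin" 2>&1)
  printf '%s\n' "$out"
  echo "kind: $(signature_kind "$out"), team: $(team_identifier "$out")"
  identifier_is_expanded "$out" || echo "warning: Identifier contains an unexpanded build setting"
  echo "== Gatekeeper assessment =="
  verdict=$(spctl --assess --type execute --verbose=4 "$bin" 2>&1)
  printf '%s\n' "$verdict"
  echo "source: $(spctl_source "$verdict")"
}

# Usage on macOS: sh gatekeeper_triage.sh ./MyProject/Firebase/upload-symbols
if [ -n "$1" ]; then
  gatekeeper_triage "$1"
fi
```

A "kind: developer-id" result together with "source: Unnotarized Developer ID" is the combination this thread describes: the signature chain is valid, but Gatekeeper still rejects the quarantined file until the vendor notarizes it. The quarantine line explains why CocoaPods installs behave differently from a Carthage or zip download: only files that arrive with the com.apple.quarantine attribute are subject to the notarization check.
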
mattia commented 4 years ago

Thank you!

elenadoty commented 3 years ago

Just a quick update on this: we've pulled this work and should have an update on the expected timeline within the next few weeks.

mattia commented 3 years ago

> Just a quick update on this: we've pulled this work and should have an update on the expected timeline within the next few weeks.

Looking forward to the update!

Thanks! Have a nice day

TofPlay commented 3 years ago

> “upload-symbols” can’t be opened because Apple cannot check it for malicious software.

Same issue for me. I need to upload symbols from an xcarchive bundle (generated with Xcode build archive). Any update about this ticket?

Kondamon commented 3 years ago

> “upload-symbols” can’t be opened because Apple cannot check it for malicious software.
>
> Same issue for me. I need to upload symbols from an xcarchive bundle (generated with Xcode build archive). Any update about this ticket?

Same issue for me! Any progress on this ticket?

adamvduke commented 3 years ago

I created https://github.com/firebase/firebase-ios-sdk/pull/7323 which updates the upload-symbols binary to hopefully avoid the security alert. The binary is signed with Google's developer certificate and has been notarized via Apple's notary service.

I will leave this ticket open until the PR is merged and folks have a chance to verify that this solves the issue.

adamvduke commented 3 years ago

Seems like this is resolved for the folks that were participating in the conversation.