Notarization

[cannonsmith]

Hi Miyako, Could you update this plugin so that it works with notarization, as you've done with other ones? It is causing my app to not notarize. Thank you!

[miyako]

is this one not working for you?

https://github.com/miyako/4d-plugin-file-information/releases/tag/2.0.0

[cannonsmith]

Yeah, that is the one I've been using. I noticed you updated it just a couple days ago so I was surprised it didn't work. I just re-downloaded it in case I made a mistake and tried again. Here is the response from Apple: { "logFormatVersion": 1, "jobId": "5546059e-2751-4ff8-b2b6-faf5e604df6c", "status": "Invalid", "statusSummary": "Archive contains critical validation errors", "statusCode": 4000, "archiveFilename": "616394B22C0F4912850B8D039FA042BA.zip", "uploadDate": "2020-03-12T02:25:36Z", "sha256": "33e5d25dfbbd15e2d3890fbf65a072d7f8e90ce4fbd5a6cd71e7051f9236ade4", "ticketContents": null, "issues": [ { "severity": "error", "code": null, "path": "616394B22C0F4912850B8D039FA042BA.zip/Fusion Installer.app/Contents/Plugins/File Information.bundle/Contents/MacOS/File Information", "message": "The signature of the binary is invalid.", "docUrl": null, "architecture": "x86_64" } ] }

[cannonsmith]

Ugh, sorry about the formatting. Let me try again:

{
  "logFormatVersion": 1,
  "jobId": "5546059e-2751-4ff8-b2b6-faf5e604df6c",
  "status": "Invalid",
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "archiveFilename": "616394B22C0F4912850B8D039FA042BA.zip",
  "uploadDate": "2020-03-12T02:25:36Z",
  "sha256": "33e5d25dfbbd15e2d3890fbf65a072d7f8e90ce4fbd5a6cd71e7051f9236ade4",
  "ticketContents": null,
  "issues": [
    {
      "severity": "error",
      "code": null,
      "path": "616394B22C0F4912850B8D039FA042BA.zip/Fusion Installer.app/Contents/Plugins/File Information.bundle/Contents/MacOS/File Information",
      "message": "The signature of the binary is invalid.",
      "docUrl": null,
      "architecture": "x86_64"
    }
  ]
}

[miyako]

how do you sign and notarise your app?

does it make a difference if you use

https://github.com/miyako/4d-utility-build-application

it is possible, that the code signing process is invalidating the otherwise notarised plugin.

I can post a plugin with manifest.json moved to resources, if it helps.

[miyako]

only difference is the manifest location

https://github.com/miyako/4d-plugin-file-information/releases/tag/2.0.1

[cannonsmith]

Hi Miyako,

I just tried the 2.0.1 with the manifest location changed and it properly notarizes.

Thank you!

[miyako]

that, and your earlier posts on the mailing list about a file under /Contents, seems to confirm that your way of notarisation (I am guessing, one shot, outside-in) is not as comprehensive as my way (multiple shots, inside-out).

[miyako]

it also means that you could have solved it locally, by

1. moving the file manifest.json to Resources

2. wiping out the plugin's signature with xattr -rc

3. signing the entire app

this would not work for 4D before v18.

[cannonsmith]

I've done the signing multiple ways as things have changed. A couple years ago I was doing the one shot, outside in way. At the end of last year I changed that for notarization purposes and started signing from the inside out. I actually used your code from https://github.com/miyako/4d-utility-build-application, although it was changed significantly so it would fit into my automated build process. It's possible I messed something up. In the past month, since Apple's changes, I've revamped the signing process again. This time I'm basically calling 4D's v18 signing shell script, although there are a few files it doesn't know about and I sign them (again, basically using your code) first and then call 4D's script. This seems to work, even though I'm in v17.3. Perhaps using 4D's script is the reason? In any case, I now have it working in all my apps again. Hopefully it won't break before I can move to v18. Thanks for you help.