Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Missing --deep flag prevents signing of packages that contain other binaries

See original GitHub issue

Adding --deep to the args array in function signApplicationAsync (opts) allows signing of MacOS apps that contain other executables. If this flag is not included the signing fails with the error message “code object is not signed at all”.

Issue Analytics

State:
Created 7 years ago
Comments:10 (5 by maintainers)

Top GitHub Comments

2reactions

eriedl-kibancommented, Jan 19, 2017

Yes, that was indeed the problem. Thank you so much for providing this. It might be helpful to add this link to the general documentation of electron-builder for when build MacOS apps. I moved now my executables to Contents/MacOS as they are indeed helper apps and tools.

0reactions

sethlucommented, Jan 19, 2017

Hi @eriedl-kiban, my understanding from the Apple doc (table 3-1 at https://developer.apple.com/library/content/documentation/Security/Conceptual/CodeSigningGuide/Procedures/Procedures.html, retrieved Jan 19, 2017) is that pretty much all components should be placed at their corresponding locations:

Location	Description
Contents	Top content directory of the bundle
Contents/MacOS	Helper apps and tools
Contents/Frameworks	Frameworks, dylibs
Contents/PlugIns	Plug-ins, both loadable and extensions
Contents/XPCServices	XPC services
Contents/Helpers	Helper apps and tools
Contents/Library/Automator	Automator actions
Contents/Library/Spotlight	Spotlight importers
Contents/Library/LoginItems	Installable login items
Contents/Library/LaunchServices	Privileged helper tools installed by the ServiceManagement framework

And I think placing your files outside the Contents dir’s the reason of causing this issue?

Amend: electron-osx-sign currently starts walking from Contents, but may feature file misplacement detection if that may help?

Top Results From Across the Web

Resolving common notarization issues - Apple Developer

The signature of the binary is invalid. To debug signing issues for anything besides an installer package, use the codesign utility to test...

Cannot manually compile with 'bmake install' due to missing ...

Hi, I am trying to manually compile lang/clang on OS X (because no binary package is provided in Darwin/trunk). This fails with the...

makepkg - ArchWiki

If a needed public key for a package is missing, the PKGBUILD will most likely contain a validpgpkeys entry with the required key...

Xcode Build Settings

A convenient reference of available build settings for Xcode projects.

Chapter 5. Basics - Debian

The Debian packaging workflow to create a Debian binary package involves ... useful to include buildflags.mk in debian/rules to set the build flags...