mas app crashing after signing #897
Comments
|
Please attach full build log (better to set env |
|
Attached is the log file with DEBUG=electron-builder and when gatekeeper-assess set to false |
|
Attached is the log file when gatekeeper-assess not set |
|
I am having app crash issue from 7.24.1 |
|
I see that you not only build mas, but for mac as well. And no valid |
develar
changed the title
|
Ok. Thanks for the feedback. Will try including "Developer ID Application" or just build MAC apps. (I was not having this issue before when building both apps together) |
|
Still having same issue while generating only for mas. |
develar
changed the title
develar
changed the title
|
May be below information is helpful. I narrowed down issue to "electron-osx-sign-tf". (with electron-builder v 7.24.1) |
|
I have having this issue too. But I managed to sign the app manually without issues. |
|
Please provide debug log — set env @sethlu If you have time, could you please help? electron-builder uses latest version of electron-osx-sign (+ electron/osx-sign#80) As @workswithweb discovered, "I use electron-osx-sign-tf version 1.0.1, it works fine", probably your latest changes is the reason of issue. |
|
Reproduced. |
|
Nov 12 17:50:35 develar-home-imac com.apple.xpc.launchd1: Binary is improperly signed. https://gist.github.com/develar/265039c3ba26b52b38792283c74c2719 |
|
@develar I've already review the changes; sorry for it taking this long. And @chunkiat82 I've just posted a PR addressing the unexpected team identifier in entitlements file, on which I will test and merge later. |
|
All changes after electron/osx-sign@0fd220e were reverted. Sorry for inconvenience. Our test suite will be improved to avoid such issues in the future. |
|
@develar would you check if your npm module published I think @chunkiat82 may have utilized some previous version of the codesigning tool. Also, it is normal to have |
|
@develar @chunkiat82 I would recommend generating a provisioning profile (wildcard is fine) for development first and then test signing with it first with |
|
I am not expert here and trust @sethlu. Issue reopened — docs will be added about it. |
|
@develar I'll soon update guides to sign with the latest standard electron/osx-sign#106. |
|
I'm not sure this issue is fixed, I was unable to submit my app, had to use the callback |
|
electron/osx-sign#105 (comment)
|
|
@sethlu Could you please confirm that electron-builder behaviour is correct? We use latest version of electron-osx-sign without any extra and changed defaults. Exactly as if user will use electron-osx-sign directly. Maybe electron-builder should warn that mas build cannot be run directly and provide special target to test mas build locally? update: I see, probably electron-builder should introduce new target: |
|
I'm also having this issue, anyone found some solution? |
|
@pie6k Please note that app bundles codesigned via
🎯 The above procedure corresponds to the following code signing script electron-osx-sign path/to.app --no-pre-auto-entitlements --entitlements=mas.entitlements
# include "--type=development" for development 😅 The <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>XXXXXXXXXX.app-bundle-id</string>
</array>
<key>com.apple.application-identifier</key>
<string>XXXXXXXXXX.app-bundle-id</string>
</dict>
</plist>The With this setup, the app should launch with either signing certificate for development or distribution. Some additional information from: https://github.com/electron-userland/electron-osx-sign/blob/b6fcaa570cf306771b3af9a8394ccd7037a74b25/README.md
Here's what Therefore, 🤔 I think the this entitlements automation behavior will likely change in a next major release of To answer the question, the part marked 🎯 should be a workable code signing setup. Alternatively, you can generate the provisioning profiles for development & for distribution on the MAS, place them in the current working directory, and trust electron-osx-sign path/to.app
# include "--type=development" for development 😅 More info: https://mintkit.net/electron-userland/electron-osx-sign/guide/ |
|
One thing that was contributing to this for me was that a certain entitlement is inexplicably required and commonly cited as being a string when it's an array of strings. |
I was able to sign mas apps successfully with electron-builder 7.14.2 and publish on mac store. however after updating to 7.24.1, I started getting errors "Error: Exit code: 3. Command failed: spctl --assess --type execute --verbose --ignore-cache " which was fixed with issue#890 in 8.2.0 branch.
I updated electron-builder to pre-release branch 8.2.0 and when I build my app with gatekeeper-assess set to false, app is generated successfully however app crashes when we try to open. (attached is error screenshot) .
Exception Type: EXC_CRASH (Code Signature Invalid)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
If I generate app without specifying gatekeeper-assess flag, I get "Error: Exit code: 3. Command failed: spctl --assess" back mentioned in issue#890
The text was updated successfully, but these errors were encountered: