From ac0b81f081b0e2126acb2fe97bb5c9d0a2b31274 Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Tue, 11 Nov 2025 15:50:06 -0500 Subject: [PATCH 1/9] code signature --- .../apple/guides/ios/size-analysis/index.mdx | 4 ++++ .../size-analysis/binary-code-signature.mdx | 17 +++++++++++++++++ 2 files changed, 21 insertions(+) create mode 100644 includes/size-analysis/binary-code-signature.mdx diff --git a/docs/platforms/apple/guides/ios/size-analysis/index.mdx b/docs/platforms/apple/guides/ios/size-analysis/index.mdx index 728cd35e45b03..2f9d9cf1f4f5a 100644 --- a/docs/platforms/apple/guides/ios/size-analysis/index.mdx +++ b/docs/platforms/apple/guides/ios/size-analysis/index.mdx @@ -36,6 +36,10 @@ description: Upload iOS builds to Sentry for size analysis. +### Binary Code Signature + + + ### App Store Connect File Sizes diff --git a/includes/size-analysis/binary-code-signature.mdx b/includes/size-analysis/binary-code-signature.mdx new file mode 100644 index 0000000000000..fa1f6b6162152 --- /dev/null +++ b/includes/size-analysis/binary-code-signature.mdx @@ -0,0 +1,17 @@ +Mach-O binaries contain code signature data within the `LC_CODE_SIGNATURE` load command which itself contains `SHA1` and/or `SHA256` hashes of every page block. This means the size of this data will scale linearly with the size of your binary. + +By default Sentry calculates the size of this data as-is. You may notice differences when comparing against your app downloaded from the App Store. For example, Xcode 26 archives only codesign with `SHA256` hashes, but the App Store codesigns with both `SHA1` and `SHA256` hashes. In other words, App Store downloads of your app may be slightly larger than what's produced by Xcode. This App Store behavior is subject to change at any time. + +If you'd like to compare the impact of this with your app, you can re-sign each binary before uploading to Sentry: + +```bash +codesign --force \ + --sign 'Apple Distribution: Your Team (team_id)' \ + --digest-algorithm sha1 \ + --digest-algorithm sha256 \ + --timestamp \ + --options runtime \ + '/path/to/your/binary' +``` + +This will force both `SHA1` and `SHA256` hashes to be used. From 708536f388feadf5983f6d5c0645a0d6f1600680 Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Tue, 11 Nov 2025 15:54:55 -0500 Subject: [PATCH 2/9] shorten --- includes/size-analysis/binary-code-signature.mdx | 2 -- 1 file changed, 2 deletions(-) diff --git a/includes/size-analysis/binary-code-signature.mdx b/includes/size-analysis/binary-code-signature.mdx index fa1f6b6162152..957b568d9a173 100644 --- a/includes/size-analysis/binary-code-signature.mdx +++ b/includes/size-analysis/binary-code-signature.mdx @@ -9,8 +9,6 @@ codesign --force \ --sign 'Apple Distribution: Your Team (team_id)' \ --digest-algorithm sha1 \ --digest-algorithm sha256 \ - --timestamp \ - --options runtime \ '/path/to/your/binary' ``` From 4a7410a6c863dcb7f40dbacf21f9e974cd627c37 Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Tue, 11 Nov 2025 15:56:55 -0500 Subject: [PATCH 3/9] add command --- includes/size-analysis/binary-code-signature.mdx | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/includes/size-analysis/binary-code-signature.mdx b/includes/size-analysis/binary-code-signature.mdx index 957b568d9a173..15bef6540c4fc 100644 --- a/includes/size-analysis/binary-code-signature.mdx +++ b/includes/size-analysis/binary-code-signature.mdx @@ -5,6 +5,10 @@ By default Sentry calculates the size of this data as-is. You may notice differe If you'd like to compare the impact of this with your app, you can re-sign each binary before uploading to Sentry: ```bash +# Inspect the current code signature +codesign -dvvv '/path/to/your/binary' + +# Re-sign with a new code signature codesign --force \ --sign 'Apple Distribution: Your Team (team_id)' \ --digest-algorithm sha1 \ From 0466e1fb0adc9263e0b07148ac6ff7bb5cebebf5 Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Mon, 17 Nov 2025 18:15:38 -0500 Subject: [PATCH 4/9] Update includes/size-analysis/binary-code-signature.mdx Co-authored-by: Alex Krawiec --- includes/size-analysis/binary-code-signature.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/size-analysis/binary-code-signature.mdx b/includes/size-analysis/binary-code-signature.mdx index 15bef6540c4fc..8153274c51102 100644 --- a/includes/size-analysis/binary-code-signature.mdx +++ b/includes/size-analysis/binary-code-signature.mdx @@ -2,7 +2,7 @@ Mach-O binaries contain code signature data within the `LC_CODE_SIGNATURE` load By default Sentry calculates the size of this data as-is. You may notice differences when comparing against your app downloaded from the App Store. For example, Xcode 26 archives only codesign with `SHA256` hashes, but the App Store codesigns with both `SHA1` and `SHA256` hashes. In other words, App Store downloads of your app may be slightly larger than what's produced by Xcode. This App Store behavior is subject to change at any time. -If you'd like to compare the impact of this with your app, you can re-sign each binary before uploading to Sentry: +If you'd like to compare the impact of this on your app, you can re-sign each binary before uploading to Sentry: ```bash # Inspect the current code signature From 15a88bb3ea8f528fe551f65aa19e5548d17af45a Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Mon, 17 Nov 2025 18:57:47 -0500 Subject: [PATCH 5/9] watch --- docs/platforms/apple/guides/ios/size-analysis/index.mdx | 4 ++++ includes/size-analysis/watch-architecture-thinning.mdx | 1 + 2 files changed, 5 insertions(+) create mode 100644 includes/size-analysis/watch-architecture-thinning.mdx diff --git a/docs/platforms/apple/guides/ios/size-analysis/index.mdx b/docs/platforms/apple/guides/ios/size-analysis/index.mdx index 2f9d9cf1f4f5a..48eac0c1449b8 100644 --- a/docs/platforms/apple/guides/ios/size-analysis/index.mdx +++ b/docs/platforms/apple/guides/ios/size-analysis/index.mdx @@ -36,6 +36,10 @@ description: Upload iOS builds to Sentry for size analysis. +### WatchOS Architectures + + + ### Binary Code Signature diff --git a/includes/size-analysis/watch-architecture-thinning.mdx b/includes/size-analysis/watch-architecture-thinning.mdx new file mode 100644 index 0000000000000..10f9bed066693 --- /dev/null +++ b/includes/size-analysis/watch-architecture-thinning.mdx @@ -0,0 +1 @@ +WatchOS apps produced by Xcode often contain both `arm64_32` and `arm64` architectures in a single fat binary. By default Sentry calculates the size of this data as-is, however, your end users will only download whatever architecture is necessary for their device. It's recommended to apply [App Thinning](/platforms/apple/guides/ios/size-analysis#app-thinning) before uploading for the best results. From dff77faa71e37ddf8770c4a4cf2a5839679f676f Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Mon, 17 Nov 2025 19:32:34 -0500 Subject: [PATCH 6/9] fix --- includes/size-analysis/watch-architecture-thinning.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/size-analysis/watch-architecture-thinning.mdx b/includes/size-analysis/watch-architecture-thinning.mdx index 10f9bed066693..6a6b44d9f7326 100644 --- a/includes/size-analysis/watch-architecture-thinning.mdx +++ b/includes/size-analysis/watch-architecture-thinning.mdx @@ -1 +1 @@ -WatchOS apps produced by Xcode often contain both `arm64_32` and `arm64` architectures in a single fat binary. By default Sentry calculates the size of this data as-is, however, your end users will only download whatever architecture is necessary for their device. It's recommended to apply [App Thinning](/platforms/apple/guides/ios/size-analysis#app-thinning) before uploading for the best results. +WatchOS apps produced by Xcode often contain both `arm64_32` and `arm64` architectures in a single fat binary. By default Sentry calculates the size of this data as-is, however, your end users will only download whatever architecture is necessary for their device. It's recommended to apply [App Thinning](/platforms/apple/guides/ios/size-analysis#app-thinning) before uploading for more representative results. From 507f40c9b4b160f3070575e6711a7d4af431d3d6 Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Tue, 18 Nov 2025 10:43:07 -0500 Subject: [PATCH 7/9] fix --- docs/platforms/apple/guides/ios/size-analysis/index.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/platforms/apple/guides/ios/size-analysis/index.mdx b/docs/platforms/apple/guides/ios/size-analysis/index.mdx index 48eac0c1449b8..7aaee30932b80 100644 --- a/docs/platforms/apple/guides/ios/size-analysis/index.mdx +++ b/docs/platforms/apple/guides/ios/size-analysis/index.mdx @@ -10,9 +10,11 @@ description: Upload iOS builds to Sentry for size analysis. ## Getting Started + + **Accepted Formats**: XCArchive (preferred) | IPA -**Upload Mechanisms**: [Fastlane Plugin](#uploading-with-fastlane) (version 1.34.0 or higher) _or_ [Sentry CLI](#uploading-with-the-sentry-cli) +**Upload Mechanisms**: [Fastlane Plugin](#uploading-with-fastlane) _or_ [Sentry CLI](#uploading-with-the-sentry-cli) ### Uploading With Fastlane From d1d49e2cc88b60f6f621e488b4df5ddf58b0fb67 Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Tue, 18 Nov 2025 11:10:33 -0500 Subject: [PATCH 8/9] update --- .../apple/guides/ios/size-analysis/index.mdx | 4 ++-- .../size-analysis/binary-code-signature.mdx | 19 ------------------- includes/size-analysis/code-signature.mdx | 19 +++++++++++++++++++ 3 files changed, 21 insertions(+), 21 deletions(-) delete mode 100644 includes/size-analysis/binary-code-signature.mdx create mode 100644 includes/size-analysis/code-signature.mdx diff --git a/docs/platforms/apple/guides/ios/size-analysis/index.mdx b/docs/platforms/apple/guides/ios/size-analysis/index.mdx index 7aaee30932b80..e0716dab4fa8d 100644 --- a/docs/platforms/apple/guides/ios/size-analysis/index.mdx +++ b/docs/platforms/apple/guides/ios/size-analysis/index.mdx @@ -42,9 +42,9 @@ description: Upload iOS builds to Sentry for size analysis. -### Binary Code Signature +### Code Signature - + ### App Store Connect File Sizes diff --git a/includes/size-analysis/binary-code-signature.mdx b/includes/size-analysis/binary-code-signature.mdx deleted file mode 100644 index 8153274c51102..0000000000000 --- a/includes/size-analysis/binary-code-signature.mdx +++ /dev/null @@ -1,19 +0,0 @@ -Mach-O binaries contain code signature data within the `LC_CODE_SIGNATURE` load command which itself contains `SHA1` and/or `SHA256` hashes of every page block. This means the size of this data will scale linearly with the size of your binary. - -By default Sentry calculates the size of this data as-is. You may notice differences when comparing against your app downloaded from the App Store. For example, Xcode 26 archives only codesign with `SHA256` hashes, but the App Store codesigns with both `SHA1` and `SHA256` hashes. In other words, App Store downloads of your app may be slightly larger than what's produced by Xcode. This App Store behavior is subject to change at any time. - -If you'd like to compare the impact of this on your app, you can re-sign each binary before uploading to Sentry: - -```bash -# Inspect the current code signature -codesign -dvvv '/path/to/your/binary' - -# Re-sign with a new code signature -codesign --force \ - --sign 'Apple Distribution: Your Team (team_id)' \ - --digest-algorithm sha1 \ - --digest-algorithm sha256 \ - '/path/to/your/binary' -``` - -This will force both `SHA1` and `SHA256` hashes to be used. diff --git a/includes/size-analysis/code-signature.mdx b/includes/size-analysis/code-signature.mdx new file mode 100644 index 0000000000000..e6ab5fef5f7c0 --- /dev/null +++ b/includes/size-analysis/code-signature.mdx @@ -0,0 +1,19 @@ +App bundles contain code signature data within `_CodeSignature/` directories which contain plist files with hashes of each file within the bundle. Similarly, Mach-O binaries contain additional hashes of every page block within its `LC_CODE_SIGNATURE` load command. This means the size of code signature data will scale linearly with the amount of files in your bundle and size of your binaries. + +By default Sentry calculates the size of this data as-is. You may notice differences when comparing against your app downloaded from the App Store. For example, Xcode 26 archives only codesign with `SHA256` hashes, but the App Store can use both `SHA1` and `SHA256` hashes. In other words, App Store downloads of your app may be slightly larger than what's produced by Xcode. This App Store behavior is subject to change at any time. + +If you'd like to compare the impact of this on your app, you can re-sign your app before uploading to Sentry: + +```bash +# Inspect the current code signature +codesign -dvvv '/path/to/your/app.app' + +# Re-sign with a new code signature +codesign --force \ + --sign 'Apple Distribution: Your Team (team_id)' \ + --digest-algorithm sha1 \ + --digest-algorithm sha256 \ + '/path/to/your/app.app' +``` + +This will force both `SHA1` and `SHA256` hashes to be used. From 812f33f730dcde0a11c6d7268baabb6d57d8a902 Mon Sep 17 00:00:00 2001 From: Trevor Elkins Date: Tue, 18 Nov 2025 16:05:37 -0500 Subject: [PATCH 9/9] fix --- includes/size-analysis/code-signature.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/includes/size-analysis/code-signature.mdx b/includes/size-analysis/code-signature.mdx index e6ab5fef5f7c0..01c846cc23817 100644 --- a/includes/size-analysis/code-signature.mdx +++ b/includes/size-analysis/code-signature.mdx @@ -1,4 +1,4 @@ -App bundles contain code signature data within `_CodeSignature/` directories which contain plist files with hashes of each file within the bundle. Similarly, Mach-O binaries contain additional hashes of every page block within its `LC_CODE_SIGNATURE` load command. This means the size of code signature data will scale linearly with the amount of files in your bundle and size of your binaries. +App bundles contain code signature data within `_CodeSignature/` directories. In these you'll find a `CodeResources` plist file with hashes of every file within the bundle. Similarly, Mach-O binaries contain additional hashes of every page block within its `LC_CODE_SIGNATURE` load command. This means the size of code signature data will scale linearly with the amount of files in your bundle and size of your binaries. By default Sentry calculates the size of this data as-is. You may notice differences when comparing against your app downloaded from the App Store. For example, Xcode 26 archives only codesign with `SHA256` hashes, but the App Store can use both `SHA1` and `SHA256` hashes. In other words, App Store downloads of your app may be slightly larger than what's produced by Xcode. This App Store behavior is subject to change at any time.