Entitlements and debug vs non-debug builds

  1. 7 weeks ago

    Michael D

    Aug 7 Pre-Release Testers, Xojo Pro

    I have code-signing Build step scripts which code-sign my .debug app and my non-debug app.

    Under 10.14.5, when the code-signed debug app runs, it does not behave like the signed and fully built app.

    Specifically, both my app and debug app are signed with the following entitlements:

    	<key>com.apple.security.assets.pictures.read-write</key>
    	<true/>
    	<key>com.apple.security.personal-information.photos-library</key>
    	<true/>

    And yet I consistently see that the debug app will fail to load photos, while the non-debug app works.

    Looking inside System Preference / Security & Privacy / Photos, under "Allow the apps below to access your photos" I see only the non-debug app. The debug app never shows up.

    Theories:

    • there is just something about running the debug app which doesn't work
    • the debug app and the non-debug app share the same bundleID, and this is confusing the OS
    • ???

    Any ideas?

  2. Michael D

    Aug 7 Pre-Release Testers, Xojo Pro

    FYI, this is a non-sandbox Developer ID app, built using Xojo 2019R1.1. I am code-signing with the hardened runtime but am NOT notarizing (basically, I'm using the steps shown here https://forum.xojo.com/55310-how-to-add-entitlements-to-a-xojo-app-using-codesign )

    I would love it if there was some way to have my Debug app and non-debug app behave the same for testing purposes.

or Sign Up to reply!