Notarization Failing With Bundled Helper Apps

I just did my first release of my app since 10.14.5 was released, and some of my OS X 10.14.5 users are reporting issues with some functions of my app. I need help figuring out exactly what I’ve done wrong.

Here are the gory details. Skip ahead for the TL;DR:

My build process looks something like this:
Xojo -> Build app
Drop built .app bundle onto AppWrapper, wrap the app.
Place wrapped .app bundle where it belongs for Packages.
Use Packages -> installer.pkg
Use DMGCanvs -> installer.dmg
Use AppWrapper to notarize the installer.dmg

This works well, and my app runs fine. HOWEVER: There are a few functions that my app relies on helper apps to perform. Most notably, to produce PDF reports out of HTML source files. I use phantomjs to perform this pdf creation… but my users on OS X 10.14.5 can no longer do so… phantomjs crashes as soon as it is launched. Investigating the user’s system logs reveals that Gatekeeper (or one of the other levels of OS X app security) is killing it as soon as it launches… presumably because it is not signed/notarized properly.

Until today, I had been including phantomjs in my /Resources folder with a CopyFiles build step in Xojo. In reading up on notarization though, it seems that Apple really wants helper apps like this to be put into the MacOS folder in the application bundle instead. So, I adjusted the copyFiles step to place the helper apps there instead of into Resources, and now AppWrapper reports that notarization always fails with the error: “The signature of the binary is invalid.”

Further reading indicates that anything that is executable should actually be in a folder named “Helpers” rather than “Resources” or “MacOS”, and everything has to be individually signed.

When I run codesign -vvv --deep --strict on the AppWrapper’d wrapped up version of my application bundle (with the helpers in “MacOS”) it reports that everything IS signed and happy. Similarly, if I run codesign -vvv --deep --strict on the final .dmg I submit for notarization, it also reports everything is hunky dory.

TL; DR: Where should I place helper applications for my Xojo app, and how do I get Apple to accept them in the notarization process so they will run properly when my app needs them?


I think that this may have to do with Hardened Runtime. Make sure you’ve got version 3.9.1 and then go to the “Capabilities” pane of App Wrapper and check the two boxes in the top section that are marked “XojoScript”. Try again. There may be other things that it requires to function; I would suggest talking to the author of this code. But I see that they’ve ceased development. It’s also possible to replicate this using only an HTMLViewer and declares. Albeit I don’t know if it would have to be visible in order to do so.

This document describes the valid places for executable code.

Thanks @Sam Rowlands - I suspect it’s actually to do with the “Disable Memory Protection” checkbox on the capabilities pane, but I can experiment more tomorrow. For now, simply checking all the boxes under capabilities fixes the issue, and phantomJS is working again.