-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Notarization and staple succeeds but app is not able to be verified by Apple #7755
Comments
When I run |
@davidmurdoch Where you ever able to resolve this issue? We are seeing the same behavior over on With the binaries being produced reporting You can view our a run we are looking at here for GitHub Actions, but otherwise the logs of specifically the signing step show:
Then just like the OP in this thread reported:
Additionally, if it helps heres the output to Would love to hear back if there's any ideas for troubleshooting this issue, or any way the OP has found to resolve it. Or if there's more information we could provide please ask! Thanks a ton to anyone that has the time to take a look at this one |
I didn't. 😞 |
Unfortunate, but maybe we can still help each other. Pulsar was signing just fine for months, but what seems to have triggered this failure is when we switched from Cirrus CI to GitHub Actions, we thought things we identical, but obviously something has changed. I looked at the repo you linked, and it looks like you also were switching CI providers around that time maybe? Is it possible there's some Apple specific dependency that's missing somewhere? |
I do want to add, just to make it clear. We have been signing our binaries with no issue for several months, and within the last month, with zero changes to our That is of course unless there's some dep missing that came preinstalled on Cirrus and not GHAs, which from what I've read of the docs for And while I don't want to be annoying, seeing this issue open for three weeks, and having this issue effect 500+ of our users (According to our last successful signing of Pulsar Intel macOS versions) I hope it's not bad manners to ping @mmaietta and ask if there's any advice, or good places to start troubleshooting. Or anywhere better to ask for assistance. Would really appreciate any insight into this problem. |
I think Apple changed something. It's happened before to me. |
Interesting, sounds like we have to explore that possibility. Ideally it's something that can be changed on our end. Otherwise, if Apple changed something big I would've assumed this functionality would break for everyone, and we wouldn't be the only two citing an issue. |
Definitely not bad manners, I just have very limited time and also am not too sure how I can help here. I'm not familiar enough with how notarizing/stapling works to immediately know where to troubleshoot. My best recommendation would be to ping in @electron/notarize project with the logs. electron-builder is just using their notarize project under-the-hood. An alternative way to test various versions of
|
@mmaietta I really do appreciate your support here, even if not your primary area of focus. I'll go ahead and give a try to what you've suggested, but I really appreciate your time! |
@davidmurdoch I want to let you know, we just had a successful build on GitHub Actions with We skipped the So I hope our workflow may prove to be useful to you as well! |
@davidmurdoch Alright, I take this back slightly. One of our awesome developers was able to find the exact cause, and fix our issues with a single commit diff. Turns out the solution wasn't removing Seems that our version of So I hope this helps you, feel free to take a look at their PR that fixes this here: pulsar-edit/pulsar#743 |
Hey - We're running into this same issue. For us, the problem is that You can run We're trying to delete this bad symlink to see if that fixes the issue. Not sure if it will work yet, but it sounds similar to what you found! |
@mfranzs, looks like you're running into nodejs/node-gyp#2713. This symlinking behavior was introduced with only good intentions .......... (by me, sorry!) in node-gyp 9.1.0, and a fix has landed on node-gyp The solution is to use older node-gyp [UPDATE: or node-gyp 10 or newer], or use the revision of node-gyp straight from its Most people get node-gyp bundled with npm, so your easiest point of control over this is to use a copy of npm that bundles node-gyp older than 9.1.0... So, based on the changes in npm's [UPDATE: Or upgrade to npm 10.2.2 or newer.]
EDIT: I see you commented on the pending release PR over at node-gyp repo. I guess this info isn't news to you, then. And once again, sorry for not foreseeing the breakage the symlinking would cause. |
@DeeDeeG. Downgrading to |
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days. |
Is upgrading to npm 10.2.2 working for someone? I still can't get it work |
@vitto32 there were two vaguely related issues discussed in this thread.
|
This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 30 days. |
This issue was closed because it has been stalled for 30 days with no activity. |
24.6.3
trying to open on macOS Montery 12.6.3 (21G419)
Using the built-in "notarize" option in `electron-builder it notarize and stapled successfully, according to the logs (see below), but the app is unable to be opened on Mac.
I can launch the .dmg, which Mac briefly says "Verifying" before successfully opening the installer screen (drag to "Applications"). It then installs, but when I try to open the app it again says "Verifying [...]", but this time for a minute or two, and then fails to open with the message
"Ganache" cannot be opened because the developer cannot be verified. macOS cannot verify that this app is free from malware. [...]
. (Ganache is the app name).Logs:
full logs here: https://github.com/trufflesuite/ganache-ui/actions/runs/6058926364/job/16441511002#step:11:4295
The text was updated successfully, but these errors were encountered: