First off, I’m going to be more or less inactive for the next week, but I’ll be back around the 23rd.
Now, Gatekeeper. I went to 10.9 last night and found that code signing would suddenly fail.
I found some helpful information, courtesy of Craig Otis.
http://stackoverflow.com/questions/17263967/codesign-of-dropbox-api-fails-in-xcode-4-6-3-code-object-is-not-signed-at-all
So I tried setting `OTHER_CODE_SIGN_FLAGS = "--deep"` in my build script. That got the project building again, but validating with Gatekeeper would fail with `Quicksilver.app: nested code is modified or invalid`.
So after some more screwing around, I found something that will work: Build, then sign manually `codesign -s "Developer ID Application" --deep /tmp/QS/build/Release/Quicksilver.app`. Since I have a script that does all this anyway, it’s not that big a deal.
Here’s the problem. The DMG is created as part of the build process, so the application is put into the DMG *before* it’s signed. (And, as previously discussed, we can’t make signing part of the build process because it only works for me.)
What would you think about pulling the DMG step out of the project and I’ll just add it to my script? I hate waiting for it all the time anyway, and it doesn’t do you any good unless you’re actually putting out a release.
--
Rob McBroom
<
http://www.skurfer.com/>