I was able to get it submitted to TestFlight, but am now getting a slightly different error for the dylib than before: “libui.dylib” Not Opened Apple could not verify “libui.dylib” is free of malware that may harm your Mac or compromise your privacy. The dylib is located under Contents/Frameworks, so I'm not sure what else there is to be done. Bundle contents λ xar -xf ~/code/ruby/PATHmanager.pkg /tmp λ lsbom "com.chipcastle.pathmanager.pkg/Bom" . 0 0/0 ./PATHmanager.app 40755 0/0 ./PATHmanager.app/Contents 40755 0/0 ./PATHmanager.app/Contents/Frameworks 40755 0/0 ./PATHmanager.app/Contents/Frameworks/libui.dylib 100644 0/0 925632 2654273729 ./PATHmanager.app/Contents/Info.plist 100644 0/0 1415 196399421 ./PATHmanager.app/Contents/MacOS 40755 0/0 ./PATHmanager.app/Contents/MacOS/PATHmanager 100755 0/0 28765680 1121196294 ./PATHmanager.app/Contents/PkgInfo 100644 0/0 8 742937289 ./PATHmanager.app/Contents/Resources 40755 0/0 ./PATHmanager.app/Contents/Resources/AppIcon.icns 100644 0/0 56310 2265036908 ./PATHmanager.app/Contents/_CodeSignature 40755 0/0 ./PATHmanager.app/Contents/_CodeSignature/CodeResources 100644 0/0 2969 2120637324 ./PATHmanager.app/Contents/embedded.provisionprofile 100644 0/0 12377 748912970 /tmp λ cpio -i < "com.chipcastle.pathmanager.pkg/Payload" 58137 blocks /tmp λ find PATHmanager.app PATHmanager.app PATHmanager.app/Contents PATHmanager.app/Contents/_CodeSignature PATHmanager.app/Contents/_CodeSignature/CodeResources PATHmanager.app/Contents/MacOS PATHmanager.app/Contents/MacOS/PATHmanager PATHmanager.app/Contents/Resources PATHmanager.app/Contents/Resources/AppIcon.icns PATHmanager.app/Contents/embedded.provisionprofile PATHmanager.app/Contents/Frameworks PATHmanager.app/Contents/Frameworks/libui.dylib PATHmanager.app/Contents/Info.plist PATHmanager.app/Contents/PkgInfo /tmp λ codesign --verify -vvv "PATHmanager.app" --prepared:/private/tmp/PATHmanager.app/Contents/Frameworks/libui.dylib --validated:/private/tmp/PATHmanager.app/Contents/Frameworks/libui.dylib PATHmanager.app: valid on disk PATHmanager.app: satisfies its Designated Requirement Codesigning output λ ./appstore.rb codesign --remove-signature '/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib' remove_signature returns: true codesign --remove-signature '/Users/chip/code/ruby/distribution/PATHmanager.app' remove_signature returns: true Signing the .app... codesign --preserve-metadata=entitlements --force --verify --verbose=4 --options runtime --timestamp --sign 'Apple Distribution: Chip Castle Dot Com, Inc. (BXN9N7MNU3)' '/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib' /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib: signed Mach-O universal (x86_64 arm64) [libui] sign_app returns: true codesign --preserve-metadata=entitlements --force --verify --verbose=4 --options runtime --timestamp --entitlements '/Users/chip/code/ruby/distribution/PATHmanager.entitlements' --sign 'Apple Distribution: Chip Castle Dot Com, Inc. (BXN9N7MNU3)' '/Users/chip/code/ruby/distribution/PATHmanager.app' /Users/chip/code/ruby/distribution/PATHmanager.app: signed app bundle with Mach-O thin (arm64) [com.chipcastle.pathmanager] sign_app returns: true Verifying signature for /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib codesign --verify --verbose=4 '/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib' /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib: valid on disk /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib: satisfies its Designated Requirement verify_app_signature for /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib returns: true Verifying signature for /Users/chip/code/ruby/distribution/PATHmanager.app codesign --verify --verbose=4 '/Users/chip/code/ruby/distribution/PATHmanager.app' --prepared:/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib --validated:/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib /Users/chip/code/ruby/distribution/PATHmanager.app: valid on disk /Users/chip/code/ruby/distribution/PATHmanager.app: satisfies its Designated Requirement verify_app_signature for /Users/chip/code/ruby/distribution/PATHmanager.app returns: true Building the .pkg... productbuild --sign '3rd Party Mac Developer Installer: Chip Castle Dot Com, Inc. (BXN9N7MNU3)' --identifier 'com.chipcastle.pathmanager' --version '1.23' --component '/Users/chip/code/ruby/distribution/PATHmanager.app' /Applications '/Users/chip/code/ruby/PATHmanager.pkg' productbuild: Adding component at /Users/chip/code/ruby/distribution/PATHmanager.app productbuild: Signing product with identity "3rd Party Mac Developer Installer: Chip Castle Dot Com, Inc. (BXN9N7MNU3)" from keychain /Users/chip/Library/Keychains/login.keychain-db productbuild: Adding certificate "Apple Worldwide Developer Relations Certification Authority" productbuild: Adding certificate "Apple Root CA" productbuild: Wrote product to /Users/chip/code/ruby/PATHmanager.pkg productbuild: Supported OS versions: [Min: 12.0, Before: None] build_package returns: true Verifying signature for /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib codesign --verify --verbose=4 '/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib' /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib: valid on disk /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib: satisfies its Designated Requirement verify_app_signature for /Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib returns: true Verifying signature for /Users/chip/code/ruby/distribution/PATHmanager.app codesign --verify --verbose=4 '/Users/chip/code/ruby/distribution/PATHmanager.app' --prepared:/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib --validated:/Users/chip/code/ruby/distribution/PATHmanager.app/Contents/Frameworks/libui.dylib /Users/chip/code/ruby/distribution/PATHmanager.app: valid on disk /Users/chip/code/ruby/distribution/PATHmanager.app: satisfies its Designated Requirement verify_app_signature for /Users/chip/code/ruby/distribution/PATHmanager.app returns: true Any ideas? Thanks in advance.

Yes, sorry that I wasn't clear - The error did occur when attempting to open the app with TestFlight (the dialog box opened twice with the same message, BTW.) Plus, PATHmanager.app is neither installed under /Applications, nor ~/Applications. If there's something else I can do to get it installed, I'm all ears. :-) I'll post the output of your suggested commands from the extracted .pkg file that was uploaded using Transporter (hopefully that helps?): Signature dump for app bundle /tmp λ codesign -d -vvv "PATHmanager.app/" Executable=/private/tmp/PATHmanager.app/Contents/MacOS/PATHmanager Identifier=com.chipcastle.pathmanager Format=app bundle with Mach-O thin (arm64) CodeDirectory v=20500 size=223206 flags=0x10000(runtime) hashes=6964+7 location=embedded Hash type=sha256 size=32 CandidateCDHash sha256=a7e912f449ef085b27467d282bfeca980b8e4d9c CandidateCDHashFull sha256=a7e912f449ef085b27467d282bfeca980b8e4d9c9063d3b31bb34aaa15383e7d Hash choices=sha256 CMSDigest=a7e912f449ef085b27467d282bfeca980b8e4d9c9063d3b31bb34aaa15383e7d CMSDigestType=2 CDHash=a7e912f449ef085b27467d282bfeca980b8e4d9c Signature size=9116 Authority=Apple Distribution: Chip Castle Dot Com, Inc. (BXN9N7MNU3) Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA Timestamp=Mar 27, 2025 at 1:01:31 PM Info.plist entries=19 TeamIdentifier=BXN9N7MNU3 Runtime Version=15.0.0 Sealed Resources version=2 rules=13 files=3 Internal requirements count=1 size=204 Since that doesn't tell me much, I'll add this as well: λ codesign -d -r- "PATHmanager.app" Executable=/private/tmp/PATHmanager.app/Contents/MacOS/PATHmanager designated => identifier "com.chipcastle.pathmanager" and anchor apple generic and certificate leaf[subject.CN] = "Apple Distribution: Chip Castle Dot Com, Inc. (BXN9N7MNU3)" and certificate 1[field.1.2.840.113635.100.6.2.1] /* exists */ Signature app for dylib λ codesign -d -vvv "PATHmanager.app/Contents/Frameworks/libui.dylib" Executable=/private/tmp/PATHmanager.app/Contents/Frameworks/libui.dylib Identifier=libui Format=Mach-O universal (x86_64 arm64) CodeDirectory v=20500 size=3281 flags=0x10000(runtime) hashes=97+2 location=embedded Hash type=sha256 size=32 CandidateCDHash sha1=6f0f3b4eefb0e542619665c4c6396f84b765a92f CandidateCDHashFull sha1=6f0f3b4eefb0e542619665c4c6396f84b765a92f CandidateCDHash sha256=51b0d7e81f542de2b8c8a8d091548bfd4b1091e5 CandidateCDHashFull sha256=51b0d7e81f542de2b8c8a8d091548bfd4b1091e5ce8be2b38188f806bed13dc6 Hash choices=sha1,sha256 CMSDigest=705e70b2c2bda6cefedab9ccb490452f2ea83ce07d9ed5e0285c74cd6eedb151 CMSDigestType=2 CDHash=51b0d7e81f542de2b8c8a8d091548bfd4b1091e5 Signature size=9197 Authority=Apple Distribution: Chip Castle Dot Com, Inc. (BXN9N7MNU3) Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA Timestamp=Mar 27, 2025 at 1:01:31 PM Info.plist=not bound TeamIdentifier=BXN9N7MNU3 Runtime Version=12.1.0 Sealed Resources=none Internal requirements count=1 size=184 And also: λ codesign -d -r- "PATHmanager.app/Contents/Frameworks/libui.dylib" Executable=/private/tmp/PATHmanager.app/Contents/Frameworks/libui.dylib designated => identifier libui and anchor apple generic and certificate leaf[subject.CN] = "Apple Distribution: Chip Castle Dot Com, Inc. (BXN9N7MNU3)" and certificate 1[field.1.2.840.113635.100.6.2.1] /* exists */ Thanks again.

Yes, that's correct. That error only only occurs when installing via TestFlight and pops up twice. The app is never installed under /Applications. To be clear, before codesigning, the app runs fine on my system (always has). As a further test, if I extract the pkg file that I uploaded via Transporter, which is subsequently available via TestFlight, I get this: /tmp λ xar -xf ~/code/ruby/PATHmanager.pkg /tmp λ ll total 8 drwxrwxrwt 7 root wheel 224 Mar 31 09:23 . drwxr-xr-x 6 root wheel 192 Mar 20 09:49 .. -rw-r--r-- 1 chip staff 1217 Mar 31 09:23 Distribution drwx------ 3 chip wheel 96 Mar 20 09:50 com.apple.launchd.AUOVCHr68r drwx------ 5 chip staff 160 Dec 31 1969 com.chipcastle.pathmanager.pkg srwxr-xr-x 1 chip wheel 0 Mar 20 09:50 mykitty-1525 drwxr-xr-x 2 root wheel 64 Mar 30 15:31 powerlog /tmp λ cpio -i < "com.chipcastle.pathmanager.pkg/Payload" 58137 blocks /tmp λ ll total 8 drwxrwxrwt 8 root wheel 256 Mar 31 09:23 . drwxr-xr-x 6 root wheel 192 Mar 20 09:49 .. -rw-r--r-- 1 chip staff 1217 Mar 31 09:23 Distribution drwxr-xr-x 3 chip wheel 96 Mar 31 09:23 PATHmanager.app drwx------ 3 chip wheel 96 Mar 20 09:50 com.apple.launchd.AUOVCHr68r drwx------ 5 chip staff 160 Dec 31 1969 com.chipcastle.pathmanager.pkg srwxr-xr-x 1 chip wheel 0 Mar 20 09:50 mykitty-1525 drwxr-xr-x 2 root wheel 64 Mar 30 15:31 powerlog /tmp λ open PATHmanager.app The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0x600003c9c0f0 {Error Domain=NSPOSIXErrorDomain Code=153 "Unknown error: 153" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}

Thanks for the tips! I tried sysdiagnose in various incantations, but received no output. Here's a sample: sudo sysdiagnose -H -v 30371 The 30371 is the pid for TestFlight on my system at the time. I'm new to sysdiagnose, so I could've easily used it improperly. I also inspected the contents of /private/var/tmp, which had on 2 directories, one of them being empty. The other only contained a binary file at /private/var/tmp/SoftwareUpdateCore/EventReporterPersistedState/SUCoreEventReporterState.state, but I'm assuming this is not related. At any rate, I clicked on the Send Feedback button from within TestFlight and provided a screenshot along with a description in case that helps. I'll also attach the screenshot here so you can see what I mean. Thanks again.

Thank you for the documentation. Let's see if I got the steps straight... I launched TestFlight, then from the Terminal I typed sudo sysdiagnose, clicking Enter for it to start processing. I then clicked Open from TestFlight and clicked Done on both error dialogs. Per the sysdiagnose instructions, I clicked Ctrl-\ within the Terminal to allow it to finish processing. Per the documentation you provided, I waited more than 10 minutes. At that point, neither did sysdiagnose bring the Finder to the front, nor did it create any files under it's directory. Here's verification: λ sudo sysdiagnose -H Password: Sysdiagnoses can be found at '/private/var/tmp' ~ λ ls -alR /private/var/tmp total 0 drwxrwxrwt 2 root wheel 64 Apr 2 21:17 . drwxr-xr-x 36 root wheel 1152 Mar 20 09:49 .. I have yet to hear back from support regarding my bug report, so I'll wait. Thanks again.

(Smacks head) Ha! Ok, I moved too fast on that one. Thanks for clarification. I extracted the resulting tar.gz file and inspected quite a few files, but I'm kinda flying blind here TestFlight feedback allows for attaching screenshots, but not other files. The archive is too large to attach here, so what would be of interest? Thanks.

Here's the file listing in case you see where I should focus. Thanks. sysdiagnose.tree.txt

Bug number: FB17118773 I tried exporting from Console any Process matching TestFlight to no avail. I didn't see anything of interest there, though. Thanks.

Actually, I just found this within the Console output: Library Validation failed: Rejecting '/Users/chip/Library/Containers/com.chipcastle.pathmanager/Data/tmp/tebako-runtime-20250404-48697-v1sra5/libui.dylib' (Team ID: none, platform: no) for process 'PATHmanager(48697)' (Team ID: BXN9N7MNU3, platform: no), reason: mapping process and mapped file (non-platform) have different Team IDs This is strange, because I'm using the same Team ID in the cert when codesigning the libui.dylib and the app bundle. Additionally, I'm unclear on why the dylib would be located under /Users/chip/Library/Containers/com.chipcastle.pathmanager/Data/tmp/tebako-runtime-20250404-48697-v1sra5/libui.dylib, because not only is that not where I initially built the binary, it's not where I copied it for codesigning.

Thank you for the tips on creating the crash report. Very helpful, and yes, libui.dylib does show up on lines 128 and 270-271 of attached report. However, I'm unclear on next steps. Thanks again. PATHmanager-2025-04-15-102823.ips

To recap, my Ruby files for the app are located under ./app, with the gems being "vendored". This library is located at ./app/vendor/bundle/ruby/3.3.0/gems/libui-0.1.2-arm64-darwin/vendor/libui.dylib. I'm curious if I should codesign the libui.dylib before building the binary with Tebako? If so, would I still need to codesign the Contents/Frameworks files under the app bundle? (I'm assuming yes on this latter point.) Thanks in advance for your suggestions.