security policy does not allow @ path expansion

When building for the Mac:

• Do enable the hardened runtime. It opts you in to import security enhancements.

• Don’t disabling library validation. Library validation is one of those important security enhancements. Disabling it makes your app significantly less secure. It also causes all sorts of other problems, as the OS attempts to ensure that your app doesn’t get compromised in some way.

A particularly gnarly example of that last point is the issue discussed in Resolving Gatekeeper Problems Caused by Dangling Load Command Paths. I believe that your current issue a less gnarly incarnation of the same thing.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi Quinn, thanks as always for your reply.

I did have hardened runtime enabled and I still see the error. I tried enabling the library validation because the error relates to a library. I removed it and the issue persists.

I've refactored my code to remove the dependency on the library, but now the widget won't appear as available to install† at all. Out of desperation I've tried converting to the new AppIntents, that seems like a good idea generally but it hasn't helped in this case.

Here's what I've found most recently:

• make a new widgets extension with a bundle id with that ends in widgets instead of widget. it appears
• remove the old widget extension and rename the new one to without the S it doesn't appear
• rename it to with the S it appears again

So I assume this is something to do with signing or security, as at that point it's nothing to do with my code.

As an aside, the default widget target generated by Xcode doesn't have a hardened runtime entitlement and it works. But it's also just hello world so 🤷

I should have said, I went through quite a bit of your post, but ran out of time that day. I'll go through it again. My is currently just in development for macOS but I don't intend to make it available outside of the Mac App Store, and I'm developing in Xcode so I think quite a lot of it is out of scope for this issue.

Any advice on how to debug this further would be appreciated.

† by available to install I mean if you bring up Notification Centre and tap "Edit Widgets" it doesn't appear on the list of apps

Some stuff I should add:

• I can't find anything in the crash logs or the console logs which seems to be related to me
• the same code works fine on iOS

I've refactored my code to remove the dependency on the library, but now the widget won't appear as available to install† at all.

I can’t really help you on the widgets front; other folks in DTS deal with that technology. If you’re no longer seeing this dynamic linker error then I recommend that you start a new thread in the App & System Services > Widgets & Live Activities topic area.

If you want to dig deeper on the dynamic linking issue, I’m happy to do that here.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thanks Quinn.

I realised that because the issue is just down to the bundle ID I can make a demo project to recreate it, which I've done. So I can raise a DTS ticket now.

Thanks again, Lewis