codesign adds extended attributes to some files

The Codesign command adds extended attributes to files that previously had no extended attributes.

In my case, codesign adds the following extended attributes to a text file in the Frameworks folder: com.apple.cs.CodeDirectory, com.apple.cs.CodeRequirements, com.apple.cs.CodeRequirements-1, com.apple.cs.CodeSignature

Can I somehow prevent this behavior?

Thank you.

Answered by DTS Engineer in 836389022

The presence of code signing extended attributes is worrying, and it’s definitely something you should investigate and try to fix. It typically means that your code isn’t following the rules outlined in Placing Content in a Bundle, or you’re manually signing code and not following the process in Creating distribution-signed code for macOS.

By way of explanation, code signing uses these extended attributes when it’s signing a data item as if it were code. As the data item doesn’t have a place to store the code signature, codesign places it in extended attributes. See TN3126 Inside Code Signing: Hashes for more on that.

These extended attributes are a worry for two reasons. First, it’s not uncommon for code to be transferred via a channel that doesn’t preserve extended attributes. If that happens to code that uses extended attributes for its code signature, it breaks the code signature O-:

The other issue is that the most common cause of this problem is a bad bundle structure and, quoting Placing Content in a Bundle:

> If you put content in the wrong location, you may encounter hard-to-debug code signing and distribution problems. These problems aren’t always immediately obvious.

> In my case codesign add … extended attributes to text file in [Frameworks] folder

You shouldn’t have text files in the Frameworks directory. That location is reserved for code. The fix is to move those frameworks to a location that’s appropriate for data.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
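
A check for the condition described in the answer above, as an added example that is not part of the original thread and is not Apple's own tooling: it walks a bundle and lists every file whose code signature is stored in `com.apple.cs.*` extended attributes. It assumes the macOS `xattr` command, which prints one attribute name per line; the function names and the bundle path are illustrative.

```shell
#!/bin/sh
# Added example: report files in a bundle that were signed as if they were
# code, i.e. files carrying com.apple.cs.* extended attributes.
# Assumes the macOS `xattr` tool (one attribute name per output line).

# Print the com.apple.cs.* attribute names set on one file, space-separated.
# Other attributes (for example com.apple.quarantine) are ignored.
cs_xattrs_of() {
    xattr "$1" 2>/dev/null | grep '^com\.apple\.cs\.' | tr '\n' ' ' | sed 's/ $//'
}

# Walk a directory tree and print "path<TAB>attributes" for each affected file.
# Returns 1 if at least one file stores a signature in extended attributes,
# 0 if none does, so the function can gate a build or packaging step.
scan_bundle() {
    bundle=$1
    found=0
    tmp=$(mktemp) || return 2
    # Write the file list to a temp file so the loop runs in this shell
    # and the `found` flag survives it.
    find "$bundle" -type f -print > "$tmp"
    while IFS= read -r path; do
        attrs=$(cs_xattrs_of "$path")
        if [ -n "$attrs" ]; then
            printf '%s\t%s\n' "$path" "$attrs"
            found=1
        fi
    done < "$tmp"
    rm -f "$tmp"
    return "$found"
}

# Usage: sh scan_cs_xattrs.sh /path/to/MyApp.app   (placeholder path)
if [ "$#" -ge 1 ]; then
    scan_bundle "$1"
fi
```

Any file this reports under a code location such as Frameworks is a candidate for moving to a data location, after which the bundle needs to be re-signed.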

Thank you for the explanation and useful links.
