libjlinenative.jnilib not signed #1033

Open
davidcockbill opened this issue Jul 11, 2024 · 4 comments
@davidcockbill

I am trying to notarize a dmg and it is failing due to libjlinenative.jnilib not being signed.

For my application, jline is brought in as a transitive dependency by scala-compiler.

Running mvn org.apache.maven.plugins:maven-dependency-plugin:3.4.0:tree:

Notarize works:

[INFO] +- org.scala-lang:scala-compiler:jar:2.13.13:compile
[INFO] |  +- org.scala-lang:scala-library:jar:2.13.13:compile
[INFO] |  +- org.scala-lang:scala-reflect:jar:2.13.13:compile
[INFO] |  \- org.jline:jline:jar:3.24.1:compile

Notarize broken:

[INFO] +- org.scala-lang:scala-compiler:jar:2.13.14:compile
[INFO] |  +- org.scala-lang:scala-library:jar:2.13.14:compile
[INFO] |  +- org.scala-lang:scala-reflect:jar:2.13.14:compile
[INFO] |  \- org.jline:jline:jar:3.25.1:compile 

The error in question is as follows (sensitive details changed to protect the guilty):

xcrun notarytool log 07fa4c77-ca9e-4132-943e-b89b1c987c01 --apple-id <apple id> --team-id <team> --password <pwd>
{
  "logFormatVersion": 1,
  "jobId": "07fa4c77-ca9e-4132-943e-b89b1c987c01",
  "status": "Invalid",
  "statusSummary": "Archive contains critical validation errors",
  "statusCode": 4000,
  "archiveFilename": "Product.dmg",
  "uploadDate": "2024-07-11T05:34:21.588Z",
  "sha256": "9b159e1bd55fa61d5450f6861458a15113e103f61ef8370c8aa60888028cac49",
  "ticketContents": null,
  "issues": [
    {
      "severity": "error",
      "code": null,
      "path": "Product.dmg/Product.app/Contents/Java/lib/jline-3.25.1.jar/org/jline/nativ/Mac/x86/libjlinenative.jnilib",
      "message": "The binary is not signed.",
      "docUrl": "https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/resolving_common_notarization_issues#3087721",
      "architecture": "i386"
    },

<SNIP>

Essentially, libjlinenative.jnilib is not signed. This occurs both on Intel and Arm.

If I override the transitive jline version to pull in the latest version (3.26.2) it still fails. If I pull in the latest scala-compiler and override jline with version 3.24.1 the notarize is a success.
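
Added example, not part of the original issue and not JLine or Scala project code: a pre-notarization check that walks an archive, descends into nested jars, and lists Mach-O entries (such as `org/jline/nativ/Mac/x86/libjlinenative.jnilib`) that carry no `LC_CODE_SIGNATURE` load command. All function names are hypothetical. The load command only shows that a signature is embedded, not that it is valid or made with a Developer ID, so `codesign` and `notarytool` remain the authoritative checks.

```python
import io, struct, zipfile

LC_UUID, LC_CODE_SIGNATURE = 0x1B, 0x1D
# Thin Mach-O magic bytes -> (struct byte order, header size)
THIN = {b"\xce\xfa\xed\xfe": ("<", 28), b"\xcf\xfa\xed\xfe": ("<", 32),
        b"\xfe\xed\xfa\xce": (">", 28), b"\xfe\xed\xfa\xcf": (">", 32)}
FAT_MAGIC = b"\xca\xfe\xba\xbe"  # also the magic of Java .class files

def thin_signed(data):
    """True/False for a thin Mach-O image, None if data is not one."""
    if len(data) < 28 or data[:4] not in THIN:
        return None
    order, off = THIN[data[:4]]
    ncmds = struct.unpack_from(order + "I", data, 16)[0]
    for _ in range(ncmds):
        if off + 8 > len(data):
            break
        cmd, size = struct.unpack_from(order + "II", data, off)
        if cmd == LC_CODE_SIGNATURE:
            return True
        off += max(size, 8)  # never loop in place on a corrupt cmdsize
    return False

def macho_signed(data):
    """As thin_signed, but every slice of a universal binary must be signed."""
    if data[:4] != FAT_MAGIC or len(data) < 8:
        return thin_signed(data)
    nfat = struct.unpack_from(">I", data, 4)[0]
    if not 0 < nfat < 45 or 8 + 20 * nfat > len(data):
        return None  # a .class file has its major version (>= 45) here
    archs = [struct.unpack_from(">5I", data, 8 + 20 * i) for i in range(nfat)]
    return all(thin_signed(data[o:o + s]) is True for _, _, o, s, _ in archs)

def unsigned_natives(jar_bytes, prefix=""):
    """Paths of Mach-O entries without LC_CODE_SIGNATURE, nested jars included."""
    found = []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for info in zf.infolist():
            data, path = zf.read(info), prefix + info.filename
            if path.endswith(".jar") and zipfile.is_zipfile(io.BytesIO(data)):
                found += unsigned_natives(data, path + "/")
            elif macho_signed(data) is False:
                found.append(path)
    return found

def fake_macho(signed):  # constructed sample: x86_64 dylib header, load commands only
    cmds = struct.pack("<II16s", LC_UUID, 24, b"\0" * 16)
    if signed:
        cmds += struct.pack("<4I", LC_CODE_SIGNATURE, 16, 0, 0)
    return struct.pack("<8I", 0xFEEDFACF, 0x01000007, 3, 6, 1 + signed, len(cmds), 0, 0) + cmds
```

Call `unsigned_natives(open(path, "rb").read())` on a jar or zipped app bundle; each returned path is a binary that would need signing before submission.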

@gnodet
Member

gnodet commented Jul 17, 2024

We've never signed anything on our side, maybe the Scala guys did sign JLine on their side somehow?

@davidcockbill
Author

Hi gnodet,

Thanks for your reply. You are probably correct about Scala signing JLine. For now I have a workaround; but I guess the intent of the original bug still stands. If this artefact is to be built into a Mac application it should really be signed.

Thanks,
Dave.

@SethTisue

> You are probably correct about Scala signing JLine

I don't think so, we don't do anything special with JLine, it's just an ordinary dependency. (I am the Scala 2 release manager.)

@davidcockbill
Author

Seth, thanks for your valued knowledge!
