Hardened Runtime is not enabled when Archive

Question

Hardened Runtime is not enabled when Archive

exelban opened this issue 4 years ago · 4 comments

Hi.
'm using this library for a while and it works perfectly. Till yesterday(

Yesterday I try to archive a new build of my application. And suddenly I receive the error: Hardened Runtime is not enabled.

At the beginning I run carthage build, but it not help. After I remove all carthage files and build all from scratch. It not help, the same error appears.

After I make a clean project in swift and add LaunchAtLogin. And on archive stage, I receive the same problem.

I check if copy-helper.sh works by adding an exit 1 at the end of the file. When the archive process stops on exit code 1. I go and verify if LaunchAtLoginHelper.app is signed. And it was signed with the correct ID.

MacOS version: 10.15.3/10.15.4
Xcode version: 11.4 (11E146)

The output from Archive:

Hardened Runtime is not enabled.

"LaunchAtLoginHelper.app" must be rebuilt with support for the Hardened Runtime. Enable the Hardened Runtime capability in the project editor, test your app, rebuild your archive, and upload again.

And critical.log:

2020-04-07 15:43:22 +0000  Distribution items ineligible: Error Domain=IDEDistributionMethodDeveloperIDErrorDomain Code=1 "Hardened Runtime is not enabled." UserInfo={NSLocalizedDescription=Hardened Runtime is not enabled., NSLocalizedRecoverySuggestion="LaunchAtLoginHelper.app" must be rebuilt with support for the Hardened Runtime. Enable the Hardened Runtime capability in the project editor, test your app, rebuild your archive, and upload again.}

Answer 1 · 2020-04-18T17:16:10.000Z

Same issue
MacOS version: 10.15.3/10.15.4
Xcode version: 11.4 (11E146)

Answer 2 · 2020-04-29T16:31:39.000Z

If you would do a search for "hardened" in this repo you would find issue #20
where the solution was posted.
Have a Run Script in your Build Phases and run this:

LOCATION="$BUILT_PRODUCTS_DIR/$CONTENTS_FOLDER_PATH/Library/LoginItems/LaunchAtLoginHelper.app"

# By default, use the configured code signing identity for the project/target
IDENTITY="${CODE_SIGN_IDENTITY}"
if [ "$IDENTITY" == "" ]
then
# If a code signing identity is not specified, use ad hoc signing
IDENTITY="-"
fi
echo "Hardening Launch At Login Helper with developer identity \"$IDENTITY\"..."
codesign --verbose --force --deep -o runtime --sign "$IDENTITY" "$LOCATION"

Answer 3 · 2020-05-02T17:16:36.000Z

@nodeful that doesn't work for me, I'm using Carthage not Pods because of the dropped support. Are there any other steps needed? I'm first calling the helper script and then after the script you've written above. The error I get is at runtime, not buildtime:

dyld: Library not loaded: @rpath/LaunchAtLogin.framework/Versions/A/LaunchAtLogin
Reason: no suitable image found.  Did find:
/Contents/MacOS/../Frameworks/LaunchAtLogin.framework/Versions/A/LaunchAtLogin: code signature in
/Contents/MacOS/../Frameworks/LaunchAtLogin.framework/Versions/A/LaunchAtLogin) not valid for use in process using Library Validation: mapped file has no Team ID and is not a platform binary (signed with custom identity or adhoc?)

Answer 4 · 2020-09-23T22:26:56.000Z

I'd recommend switching to SPM for this, which should have fewer problems: https://github.com/sindresorhus/LaunchAtLogin/releases/tag/v4.0.0