User Profile

I have a requirement to download and install a required package before starting the actual task in a MAC application. and the downloaded package is coming from the private server through https API, I tried to run mount process for the file but it fails for .dmg formate. let task = Process.launchedProcess(launchPath: "/usr/bin/hdiutil", arguments: ["attach", "-verbose", "-debug", "-mountroot", "/dev/disk2","<path of downloaded file>"]) task.waitUntilExit() It says hdiutil: attach failed - Device not configured So I thought of asking the backend developer to provide .XIP, would that be a solution? Because I think that won't give any signing or permission issue. Any Suggestion?

The mac app I am developing is going to release outside mac app store, So I have turned off sandboxing because it was restricting some required functionality (like opening a dmg from app) in app. And there is no plan to distribute it on app store, so If I do not sign the app with any Developer ID at all, would that be fine/ right approach?