I am experiencing a problem with codesigning on Mac OSX (Catalina and older), that I cannot find any answer for. I do have a *.component file, that I am codesigning and notarizing with my Apple Developer ID, which is working perfect. As a post-install step on the target machine, I need to include some installation info within the component's Info.plist (so I am writing back to that *.plist file), which would then qualify as a manipulation of the component itself - ergo, the component's signing is going to be corrupt at this point (the host software will not load my software any more).
So I was trying to follow some advice and do a "blind" codesigning as additional post-install step on the user's machine with:
sudo codesign --force --deep -s - ABC.componentThis was just working perfect for a few users, just when I found out, not everyone can make use of this (especially older Mac OSX). Sometimes this command will just not result in a properly signed component. One of the users then found out, he had to update XCode CL Tools, to sign the file. He went:
xcode.select --installI have tested this with several other users and it worked with them, too.
Here comes the issue:
As a result, I need to make sure, the user has installed the right version of XCode Command Line Tools, but a lot of my clients do install on an offline device - so I would not be able to have xcode-select --install as a post-install step (because no internet connection).
Is it somehow possible to bundle the proper XCode Command Line Tools into my installer and make use of it? Or do you see any other solution for the whole problem?
Thank you so much for your help.