Notarisation taking around 24hours then accepted

Question

Created Jul ’24

Replies 4

Boosts 0

Participants 4

Im using a git actions CI/CD pipeline for my automated deployment and I'd like to include notarisation in this process. Right now when I'm submitting for notarisation manually/locally it's taking around 24 hours and then is eventually successfully accepted. \

Using a git actions server to do this has a cost per minute (and an even higher cost at 10x per minute for a Mac-OS machine), so notarising with a 24hr turn around time is not feasible.

Ive submitted my application many times and it's been the same experience each time taking around 24 hours and then being accepted. How can I shorten the time frame on this or even find out what I might be doing wrong to cause such a long time for a response?

here my log: { "logFormatVersion": 1, "jobId": "3ccf4652-60dc-4fd1-b281-23d49b2b7bb1", "status": "Accepted", "statusSummary": "Ready for distribution", "statusCode": 0, "archiveFilename": "AudioMap.dmg", "uploadDate": "2024-07-14T16:51:02.848Z", "sha256": "614c5992133d61094b39b6a5d00a225d2fc7efe78ab0e59cd47c78275602cb59", "ticketContents": [ { "path": "AudioMap.dmg", "digestAlgorithm": "SHA-256", "cdhash": "9d4f500a2fd49769b99f921d3fbe8ef753604abe" }, { "path": "AudioMap.dmg/AudioMap.app", "digestAlgorithm": "SHA-256", "cdhash": "b1fa9c86be805ef28c645f3b03631e2e5873ce77", "arch": "arm64" }, { "path": "AudioMap.dmg/AudioMap.app/Contents/Frameworks/libsodium.26.dylib", "digestAlgorithm": "SHA-256", "cdhash": "6228e3fdcd29c080ae45d1bc5a6af10960db8938", "arch": "arm64" }, { "path": "AudioMap.dmg/AudioMap.app/Contents/MacOS/AudioMap", "digestAlgorithm": "SHA-256", "cdhash": "b1fa9c86be805ef28c645f3b03631e2e5873ce77", "arch": "arm64" }, { "path": "AudioMap.dmg/AudioMap.app/Contents/Frameworks/libsodium.26.dylib", "digestAlgorithm": "SHA-256", "cdhash": "6228e3fdcd29c080ae45d1bc5a6af10960db8938", "arch": "arm64" } ], "issues": null }

Boost

Answer 1

Engineer OP

Apple

Jul ’24

Accepted Answer

Recommended

We looked into your uploads, and everything is working fine.

The first time a developer uploads a new app to the macOS notary service, our systems take a while to analyze it in-depth and generate a "fingerprint" to distinguish it from all the other apps developers upload, including malware.

If your app is minimal (e.g. "hello world" or mostly consists of a common library), you may need to implement more of your functionality and then notarize it. Once this step is complete, future versions of the same codebase should be processed more quickly.

3

Answer 2

Engineer OP

Apple

Jul ’24

Also, we covered some topics you may find useful in our March 2024 Q&A https://developer.apple.com/news/?id=s8eigiyj

2

Answer 3

scradeley OP

Jul ’24

My app is not minimal at all but in fact quite developed and very specific. It does include the popular JUCE library as it is an audio app as well as the libsodium library for encryption purposes but it is a very unique application with advanced functionality.

  I have submitted multiple versions and its still taking around 20 hours to be notarised each time.

  At what point or with what changes might I expect this turn around time to improve, or is that just the way it is? Or perhaps am I doing something wrong? How can I improve the turn around time on this?

Are there any other avenues to seek more specific feedback on how can I best optimise my app with respect to this?

2

Answer 4

VoyageDev OP

Aug ’24

Facing same issue, but haven't had my plugin using JUCE library notarized yet. It's just waiting...over an hour so far. I've done this plenty of times with older versions of my plugin and never had this issue.

edit: it was an issue with the dmg mounted via a second instance. I've since uploaded fine.

1