SwiftPM binaryTarget dependency and code signing

I'm working with the new 5.3 tools using Xcode 12 beta3 to create a library SwiftPM package. This library depends on another SwiftPM package that wraps a binary static xcframework defined as a binaryTarget. When I link to an application and try to run it on device, it fails to install with a no code signature found error. Before including the new library the application installed and ran on device fine so I'm assuming that this comes from the new library. The SwiftPM library package builds and tests just fine so I'm assuming that its the package for the xcframework that is introducing the issue. Since code signing doesn't seem to be addressed yet, is this just something that cannot be done at this time?


We not aware of this so far, would be great if you could file a bug report with a reproducible case. Thanks!

I'm working on a reproducible case. But as I did so I found out additional information. It isn't just adding the binaryTarget SwiftPM package dependency that is required to see the issue. It is the combination of the binaryTarget package and linking a binary framework (old style .framework, not .xcframework and not available as .xcframework yet sadly) that causes the problem. I've also reproduced the issue with other .frameworks, so it doesn't seem to be one specific framework that is causing the issue.

Bug report with attached test case created.

Additional issue/bug report filed here: https://bugs.swift.org/browse/SR-13345
Providing dynamic xcframeworks via SwiftPM binaryTarget packages also fail to execute on devices. The dynamic library is not found.

I have run into the same issue with a dynamic library XCFramework installed with Swift Package Manager:
Domain: com.apple.dt.MobileDeviceErrorDomain
Code: -402620388
No code signature found.

Comparing to manual installation of the framework, I see the same error when Xcode's Embed Settings are set to "Embed without signing".
Is there a way with the package manager to achieve the equivalent of setting "Embed & Sign"?

Yeah this is happening in Xcode GM too.

Kyle I'm also having Code: -402620388 No code signature found error on Xcode 12 GM too, and I've tried literally every combination I can think of, stripping out multiple frameworks from both SPM and Carthage. Do you have any advice on how to figure out which framework/app extension is the culprit?

IM pretty sure its either Firebase, or Kochava in our case.

If you open up something like Atom, or some text editor, goto the Derived Data directory for the app in question, and do a find for .binaryTarget. You'll see the list of culprits.

Firebase! I just switched them from Carthage to Swift Package Manager as part of our upgrade to Xcode 12. I will try reverting back to Carthage (which ironically is also very broken: https://github.com/Carthage/Carthage/issues/3019) and see if deploying to device resolves.

We live in exciting times.

Also confirmed that Swift Package manager is still broken with Xcode 12 GM, with dynamic frameworks in particular.
@NeoNacho is there any sense of when Swift PM is going to support XCFrameworks with Dynamic libraries?

I'm looking into this issue right now, we hadn't encountered it in our internal testing.

Let me know if I can help at all on the Firebase side, seeing this issue in the GM on our side: https://github.com/firebase/firebase-ios-sdk/issues/6472

Note that we’re using static frameworks for FirebaseAnalytics XCFrameworks, not dynamic.

Trying to figure things out on our end as well!

Is there a feedback report for this particular issue? This seems like an additional bug.

The static framework issue seems to be related to Xcode 12 requiring an arm64 simulator slice. https://stackoverflow.com/a/63622570 is a workaround.

That work around results in not being able to build for device at all.

Build input file cannot be found: '/Users/kylebrowning/Library/Developer/Xcode/DerivedData/theathletic-ios-cudvqzmwwewqssahejwgotfeabuo/Build/Products/Debug-iphoneos/theathletic-ios.app/theathletic-ios'

Update on the dynamic frameworks -
I succeeded in installing and deploying an unsigned version of our dynamic XCFramework into an app.
We usually code sign the library using a distribution certificate, and the signed version of the library produces an error on deployment: https://bugs.swift.org/browse/SR-13366.

We've been code signing but also recommended that integrators use the "Embed & Sign" Embed setting when linking the framework to their project.
Does SPM have an expectation on the code signature of XCFrameworks?
(c.c. @NeoNacho)

Looks like I conflated this issue with another above in my comment above.

I am able to reproduce the Xcode 12 GM regression of failing to install apps that include a Swift Package with binary static frameworks. Reported at https://feedbackassistant.apple.com/feedback/8705974

I was finally able to bypass this No code signature found issue. As the last build phase, I have added a script which signs the frameworks inside the compiled app, meaning all frameworks inside $CODESIGNING_FOLDER_PATH/Frameworks. Unfortunately, I can't share my script since it is based on a codesign.py file which SAP published as part of their proprietary SAP Cloud Platform SDK 5.0 (https://blogs.sap.com/2020/03/06/cp-sdk-for-ios-5.0-released/). Without googling, I guess there are a few more scripts available out there for the same purpose :slight_smile:.

Terms of Service

Privacy Policy

Cookie Policy