MacOS Library Validation


When running a UPDD Client application you may see the following or similar error relating to the use of our libraries:

/usr/local/lib/libupddapi.1.0.0.dylib: code signature in (/usr/local/lib/libupddapi.1.0.0.dylib) not valid for use in process using Library Validation: mapping process has no Team ID and is not a platform binary

This issue is a "library validation" security feature which requires all third party libraries used by an app to be signed by the same team ID as the application itself (where each Apple developer account has one team ID). This of course is not the case -- our library is signed by our team ID, your app will be signed by your team ID or, as the error indicates, not signed with any team ID at all.

The issue is being reported since Apple enabled this feature by default starting with Xcode 11.

We believe there are two possible ways to handle this:

1. Resign our library using your own certificate so that the team IDs match

2. Disable this security requirement in your app. This doc page discusses how this is achieved:

https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_security_cs_disable-library-validation

We recommend option 2 as it is the simplest option and it looks like that's the intended course for software that utilizes third party libraries.