The entitlement
com.apple.security.temporary-exception.iokit-user-client-class
is set to boolean true by Projucer
Apple does not accept this (anymore), it has to be an array or string
Apple review:
Guideline 2.4.5(i) - Performance
Your app incorrectly implements sandboxing, or it contains one or more entitlements with invalid values. Please review the included entitlements and sandboxing documentation and resolve this issue before resubmitting a new binary.
Entitlement “com.apple.security.temporary-exception.iokit-user-client-class” value must be string, or array or dictionary of strings, but contains value “True”.
In order to provide a proper fix for this issue, I’d like to come up with a reasonable test case. Can you share more about your usage of this entitlement?
Are you accessing a custom kernel extension through it? Are you aware of openly available kernel extensions with public APIs that could be used for testing this setting?
Hi Attila, thanks for getting back to me.
It occurs with just a standard JUCE macos auv3 and standalone that comes with it, sandbox enabled, hardened runtime. down to macos 14.0 compatible, x86_64, arm64,arm64e
Juce 7.0.5 ( due to deadline I postponed updating )
Deleting the row from the entitlement files was the solution, apple didn’t like the empty value
The wrong line was at the bottom of this:
EDIT: the security.inherit option is not causing the problem, I have removed it now, I dont think I need it.
Apple review allso complaint about failing descrption of microphone use. Is that boolean at device.microphone also wrong? EDIT: the user readable micorphone reason line in Projucer is normally set.
Sorry about the mess here, I hope to learn something here
You probably don’t need either the inherit or the iokit entitlements. The first comes into play when you launch subprocesses, and the second is needed if you want to interact with kernel extensions.
