Upgrading JUCE breaks Projucer + Xcode Projects + code signing

I’m reluctant to just revert this change, as it’s necessary to run console apps built with Xcode 14.1+:

It would be helpful to know how your project is configured. Have you specified a code-signing identity and development team ID, or are you leaving those fields blank? Are you manually signing the app, e.g. in a post-build step? How is libavcodec.dylib added to the bundle, and during which part of the build?

After investigating, it looks like previously (with an empty signing identity), Xcode would bypass the signing step for GUI apps, so the resulting app would be linker-signed:

CodeDirectory v=20400 size=236163 flags=0x20002(adhoc,linker-signed) hashes=7377+0 location=embedded
Signature=adhoc
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements=none

When we completely remove the CODE_SIGN_IDENTITY key from the xcproj, Xcode adds a codesign step, and signs with the identity "-". The resulting binary has the following characteristics:

CodeDirectory v=20400 size=236396 flags=0x2(adhoc) hashes=7377+7 location=embedded
Signature=adhoc
Info.plist entries=20
TeamIdentifier=not set
Sealed Resources version=2 rules=13 files=1
Internal requirements count=0 size=12

My suspicion is that adding a framework to the bundle after the signing step will invalidate the bundle signature, but without detailed information about your build process, it’s difficult to say exactly what’s going wrong.

If I create a completely new app in Xcode, setting the development team to “None” in the wizard, then the generated project has no CODE_SIGN_IDENTITY key, but the product will still be automatically signed with an identity of “-”. I think it’s probably a good idea for JUCE projects to mirror this approach, so my preference would be to find a way of ensuring that any embedded frameworks are also correctly signed.

Using --deep is probably not a good idea:

It looks to me like Xcode defaults to re-signing embedded frameworks during the build. Assuming the framework was specified as an “embedded framework” in the Projucer, I would expect this to work automatically.
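As an added example (not part of the original post or of JUCE), the following Python parses the two codesign outputs quoted above and reports whether each signature seals the bundle's Info.plist and resources, which is the difference that makes a bundle sensitive to files added after signing. The function names and the "sealed" criterion are assumptions made for illustration; the flag values are the code-signing flag bits for adhoc and linker-signed.

```python
import re

CS_ADHOC = 0x2               # printed by codesign as "adhoc"
CS_LINKER_SIGNED = 0x20000   # printed by codesign as "linker-signed"

# The two outputs quoted in the post above, embedded so the example runs offline.
LINKER_SIGNED = """\
CodeDirectory v=20400 size=236163 flags=0x20002(adhoc,linker-signed) hashes=7377+0 location=embedded
Signature=adhoc
Info.plist=not bound
TeamIdentifier=not set
Sealed Resources=none
Internal requirements=none
"""
ADHOC_SIGNED = """\
CodeDirectory v=20400 size=236396 flags=0x2(adhoc) hashes=7377+7 location=embedded
Signature=adhoc
Info.plist entries=20
TeamIdentifier=not set
Sealed Resources version=2 rules=13 files=1
Internal requirements count=0 size=12
"""

def summarize(text):
    """Extract the fields of codesign display output that describe bundle sealing."""
    m = re.search(r"flags=(0x[0-9a-fA-F]+)\S*\s+hashes=(\d+)\+(\d+)", text)
    if not m:
        raise ValueError("no CodeDirectory line found")
    flags = int(m.group(1), 16)
    sealed = re.search(r"^Sealed Resources version=\d+ rules=\d+ files=(\d+)", text, re.M)
    return {
        "adhoc": bool(flags & CS_ADHOC),
        "linker_signed": bool(flags & CS_LINKER_SIGNED),
        "special_slots": int(m.group(3)),   # the "+N" part of hashes=
        "info_plist_bound": re.search(r"^Info\.plist entries=\d+", text, re.M) is not None,
        "sealed_files": int(sealed.group(1)) if sealed else None,
    }

def bundle_is_sealed(summary):
    """Assumed criterion: the signature covers Info.plist and bundle resources."""
    return (not summary["linker_signed"] and summary["info_plist_bound"]
            and summary["sealed_files"] is not None)

if __name__ == "__main__":
    for name, text in (("empty identity", LINKER_SIGNED), ("identity '-'", ADHOC_SIGNED)):
        s = summarize(text)
        print(name, s, "sealed" if bundle_is_sealed(s) else "not sealed")
```

A build check could feed real codesign display output for the built .app into summarize() and fail when the result does not match the signing mode the project expects.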