Apple has been slowly tightening the screws on app notarization (code signing) requirements for running apps on macOS. To do it properly you need to be a registered developer ($100/year), and they're certainly not making it easy if you don't have access to a Mac.

https://support.apple.com/guide/security/app-code-signing-pr...

> On devices with macOS 10.15, all apps distributed outside the App Store must be signed by the developer using an Apple-issued Developer ID certificate (combined with a private key) and notarized by Apple to run under the default Gatekeeper settings.

Re: Developer ID Certificates: https://developer.apple.com/help/account/certificates/create...

I suspect the friction that users are facing are due to dodging the above requirements.

The whole sdk has a restriction that you can't use it off platform. The code signing thing is just a tax on ios devs

You need an apple ID. You cannot create one without using an apple device.

You can absolutely make an appleID without an Apple device. You can make one in-browser right now. https://account.apple.com/account?create

Have you actually tried it? Because I did some months ago to setup an AppleTV and it just does not work. It just hangs at the last step without telling you anything. If you inspect the server response it just says "Your account cannot be created at this time.".

What ultimately helped after weeks of trying and tinkering was installing VMware Workstation, patching it to enable macOS support, create a VM with the specific hardware configuration of an older MacBook, install an old version of macOS and do the 2FA from in there.

Use the link in my comment, it takes you straight to their signup page.

Think of it this way: if you required an apple device in order to make an Apple ID, then literally every single podcaster on Apple podcasts (which is still the dominant app for podcasts) must own an Apple device.

Did you even read what I wrote? It did not work. Apple even has an FAQ page for that error (without any useful solution). The suggestion to create an account via Apple Music app is useless since all it does is create an account which must be migrated via browser first (with the same problem). You can also find large threads on Reddit about the problem. Of course the availability of such a sign-up flow suggests it should be possibly, but having it broken for months is not a good look.

I stand corrected.

Needing an apple device to compile for an apple device is not an unreasonable requirement. Paying $100 every year is.

If you only publish free apps... you only pay $100 once.

No, sorry, but it is unreasonable.. Why should I need an apple device to compile my code for an apple device?

You can build Android apps on an Apple device, no problem. You can build Linux apps on an Apple device, no problem. etc... But the reverse isn't true. Its just more of Apple financially gate keeping their ecosystem so they make more money in as many channels as they possibly can.

Testing on real hardware is the ONLY time I would say that owning, or at least having access to the hardware has real tangible benefits, and I would argue that that you NEED or SHOULD do this.. But to block compiling to that ecosystem? Sorry but I fundamentally disagree.

Blocking compiling, means requiring xcode, which requires a mac, which requires you to give more money to Apple, and is no different IMHO than giving Apple $100 a year, because now you're giving them a lot more of that every X years (where x is how many years that laptop gets updates)

For decades, Microsoft only made Visual C++ for Windows, and alternatives like DJGPP weren't very good. This isn't unreasonable, it's just how programming works when you target a platform. Visual C++ relies on Windows because it's a Windows program, and Xcode is written for MacOS, not for Java or Electron.

What is stopping you from writing an open source alternative to Xcode that runs on Linux?

...The code signing requirement?

Why can't code be signed with open source tools?

you can code-sign with open-source tools. That's not the hard part. Signing with a certificate trusted by macOS , that's where there's no avoiding having to go to Apple.

Of course, but that wasn't the complaint, was it? The complaint was having to build on an apple device

I have a Macbook Pro M4 Max, an Apple Developer account, a bit of time, and some enthusiasm. Would love to help!

Notarize it.

You can run macOS in a docker container. There’s no hardware acceleration for gpu, but works well enough.

You can also try macinabox if you have unraid:

https://hub.docker.com/r/spaceinvaderone/macinabox

It’s probably the easiest way of setting up a Mac VM if you have unraid. I know there are similar options for qemu and kvm based hypervisors. If you have an amd gpu you should be able to pass it through.

But you can't distribute whatever you build legally as far as im aware. The apple sdks prevent you from shipping legally.

The only way atm is installing homebrew and using a gnu tool chain if I understand the license of the official sdks correctly?

Tangible thing versus conceptual thing. License never stood a chance.

quickemu [1] is good at running macOS VMs.

1: https://github.com/quickemu-project/quickemu

My only experience with docker is headless in CI. I do have AMD. I'll have to look into this. Thanks

Emulating mac or using mac SDKs on non apple devices is against apple's bullshit license though.

BS needs to be countered with rejection.

Best way to reject it is to ignore macOS.

If Apple finds out they’ll ban your developer certificates and then all installed copies of your app will stop working.

Has this ever happened? Not revoking certificates, which they've certainly done for malware or e.g. iOS "signing services", but because a developer used non-Apple hardware.

I am the dev of Pocket Squadron (https://play.google.com/store/apps/details?id=com.bombsight....) and a few years ago I tried to make a build for iOS due to many player requests. I did not have a mac so I setup a mac VM and a dev account to start making builds and see how big of a lift it would be. My account was banned unfortunately. Still no iOS build to this day, I'm probably missing out on a good bit of money.

Could have just created a new account. As I said, BS needs to e dealt with rejection... rejection of their ban in this case.

I don’t know the answer to that but a quick search shows lots of examples of people complaining that their developer certificate has been revoked, demonstrating a willingness by Apple to revoke certificates if they believe the developer violated their terms of service. I doubt Apple would go out of their way to include language in the agreement that binds developers to their own sanctioned platform if they didn’t intend to enforce it.

I would wager all of those are distributing malware.

I would take that wager. I highly doubt Apple’s revocation team has a 0% false positive rate.

I agree, but I think a better wager (and what GP probably meant) would be that all of these developers had their certificates revoked because Apple thought they were distributing malware. That's what the system is for.

Rather than making people run commands in Terminal, it would be more ideal to just tell people to try to run the app, then go to System Settings -> Privacy & Security -> scroll down until they see the Open Anyway button.

It'll be a skill they can use for any unsigned app and you can have cute screenshots. The Terminal command, on the other hand, is a huge barrier to entry.

I have a MacBook m4 Pro, m3, mac Mini m3, an apple developer account and willing to help.

I volunteer.

Why not build it as a web app and play via browser?

Contact the maintainer of macsourceports. They do exactly what you despise for dozens of projects.