Skip to content

Add publishing guidance for macOS applications #49417

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Add publishing guidance for macOS applications #49417

wants to merge 6 commits into from
+51 −0

Conversation

Copy link
Contributor

Copilot AI commented Oct 22, 2025
edited
Loading

  • Review existing documentation structure and patterns
  • Create the new macOS publishing documentation at docs/core/deploying/macos.md
  • Ensure proper frontmatter with author, date, and topic metadata
  • Format content according to repository writing style guidelines
  • Address review feedback on warning message
  • Fix macOS branding throughout the document
  • Add optional debugging and diagnostics entitlements
  • Add proper links to .NET publishing overview and Apple developer documentation
  • Clarify Native AOT terminology and add links to Native AOT documentation
  • Validate the documentation builds without warnings (will be checked by OPS status checker workflow)
  • Complete the task

Summary

Created a new macOS publishing documentation page at docs/core/deploying/macos.md that provides:

  • Prerequisites for macOS publishing (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
  • Instructions to publish the app using methods from the main deployment overview (with link to /dotnet/core/deploying/)
  • Information about the native apphost and required entitlements
    • Apps not published as Native AOT require com.apple.security.cs.allow-jit entitlement
    • Apps published as Native AOT require no entitlements
    • Links to Native AOT documentation for more information
    • Optional entitlements for debugging and diagnostics: com.apple.security.get-task-allow for dump collection and com.apple.security.cs.debugger for attaching debuggers
  • Guidance to sign and notarize using Apple's documentation (with link to Apple's notarization guide)
  • Warning about application crashes when executing restricted operations without proper signing/notarization

The documentation follows all repository writing style guidelines:

  • Active voice with second person ("you")
  • Conversational tone
  • Sentence case headings
  • Proper frontmatter with ai-usage disclosure
  • Clear structure with prerequisites, instructions, and warnings
  • Correct Apple branding (macOS)
  • Proper links to related documentation
  • Clear terminology (Native AOT vs non-Native AOT apps instead of CoreCLR terminology)

This pull request was created as a result of the following prompt from Copilot chat.

Add a new documentation page for publishing .NET applications on Mac OS. This page, located at docs/core/deploying/macos.md, provides guidance on the additional requirements for publishing .NET apps on Mac OS, including code signing, notarization, and entitlements. The documentation includes:

  • Prerequisites (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
  • Instructions to build and publish the app
  • Notes about the native apphost and required entitlements
  • Guidance to sign and notarize the app using Apple documentation
  • A warning about security warnings if not signed/notarized

Page authored by @agocke.

Refer to the following file content:

title: Mac OS
description: Learn how to publish .NET applications for Mac OS, including signing, notarization, and app entitlements.
author: @agocke
ms.date: [DATE]
ms.topic: how-to

Publish .NET Apps for Mac OS

Publishing .NET applications for Mac OS requires several additional steps compared to other platforms, due to Apple's security requirements.

Requirements

  • Apple Developer Account: Needed for code signing and notarization.
  • Xcode Command Line Tools: Provides codesign, altool, and other utilities.
  • .NET SDK: Ensure you have the latest .NET SDK installed.

Steps to Publish

1. Build and Publish Your App

Use one the methods described under Publishing to produce a application. This can either be a framework-dependent or self-contained application.

2. Apphost and Entry Point

.NET creates a native apphost executable as the entry point for your app. This apphost must be signed and, if your app uses special capabilities, it must be assigned the appropriate entitlements.

For CoreCLR apps, the com.apple.security.cs.allow-jit entitlement is required.

For Native AOT apps, no entitlements are required.

3. Sign and notarize

Use Apple's developer documentation to sign and notarize the binary.

Note: Failing to sign and notarize your app may result in users seeing security warnings or being unable to launch your application.

Create a pull request titled "Add publishing guidance for Mac OS applications".

Original prompt

Add a new documentation page for publishing .NET applications on Mac OS. This page, located at docs/core/deploying/macos.md, provides guidance on the additional requirements for publishing .NET apps on Mac OS, including code signing, notarization, and entitlements. The documentation includes:

  • Prerequisites (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
  • Instructions to build and publish the app
  • Notes about the native apphost and required entitlements
  • Guidance to sign and notarize the app using Apple documentation
  • A warning about security warnings if not signed/notarized

Page authored by @agocke.

Refer to the following file content:

title: Mac OS
description: Learn how to publish .NET applications for Mac OS, including signing, notarization, and app entitlements.
author: @agocke
ms.date: [DATE]
ms.topic: how-to

Publish .NET Apps for Mac OS

Publishing .NET applications for Mac OS requires several additional steps compared to other platforms, due to Apple's security requirements.

Requirements

  • Apple Developer Account: Needed for code signing and notarization.
  • Xcode Command Line Tools: Provides codesign, altool, and other utilities.
  • .NET SDK: Ensure you have the latest .NET SDK installed.

Steps to Publish

1. Build and Publish Your App

Use one the methods described under Publishing to produce a application. This can either be a framework-dependent or self-contained application.

2. Apphost and Entry Point

.NET creates a native apphost executable as the entry point for your app. This apphost must be signed and, if your app uses special capabilities, it must be assigned the appropriate entitlements.

For CoreCLR apps, the com.apple.security.cs.allow-jit entitlement is required.

For Native AOT apps, no entitlements are required.

3. Sign and notarize

Use Apple's developer documentation to sign and notarize the binary.

Note: Failing to sign and notarize your app may result in users seeing security warnings or being unable to launch your application.

Create a pull request titled "Add publishing guidance for Mac OS applications".

This pull request was created as a result of the following prompt from Copilot chat.

Add a new documentation page for publishing .NET applications on Mac OS. This page, located at docs/core/deploying/macos.md, provides guidance on the additional requirements for publishing .NET apps on Mac OS, including code signing, notarization, and entitlements. The documentation includes:

  • Prerequisites (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
  • Instructions to build and publish the app
  • Notes about the native apphost and required entitlements
  • Guidance to sign and notarize the app using Apple documentation
  • A warning about security warnings if not signed/notarized

Page authored by @agocke.

Refer to the following file content:

title: Mac OS
description: Learn how to publish .NET applications for Mac OS, including signing, notarization, and app entitlements.
author: @agocke
ms.date: [DATE]
ms.topic: how-to

Publish .NET Apps for Mac OS

Publishing .NET applications for Mac OS requires several additional steps compared to other platforms, due to Apple's security requirements.

Requirements

  • Apple Developer Account: Needed for code signing and notarization.
  • Xcode Command Line Tools: Provides codesign, altool, and other utilities.
  • .NET SDK: Ensure you have the latest .NET SDK installed.

Steps to Publish

1. Build and Publish Your App

Use one the methods described under Publishing to produce a application. This can either be a framework-dependent or self-contained application.

2. Apphost and Entry Point

.NET creates a native apphost executable as the entry point for your app. This apphost must be signed and, if your app uses special capabilities, it must be assigned the appropriate entitlements.

For CoreCLR apps, the com.apple.security.cs.allow-jit entitlement is required.

For Native AOT apps, no entitlements are required.

3. Sign and notarize

Use Apple's developer documentation to sign and notarize the binary.

Note: Failing to sign and notarize your app may result in users seeing security warnings or being unable to launch your application.

Create a pull request titled "Add publishing guidance for Mac OS applications".

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

Internal previews

📄 File 🔗 Preview link
docs/core/deploying/macos.md docs/core/deploying/macos

Copilot AI changed the title [WIP] Add documentation page for publishing .NET applications on Mac OS Add publishing guidance for Mac OS applications Oct 22, 2025
Copilot AI requested a review from agocke October 22, 2025 18:28
Copilot finished work on behalf of agocke October 22, 2025 18:28
agocke
agocke reviewed Oct 22, 2025
View reviewed changes
Copilot AI requested a review from agocke October 22, 2025 18:35
Copilot finished work on behalf of agocke October 22, 2025 18:35
@agocke agocke marked this pull request as ready for review October 22, 2025 19:02
@agocke agocke requested review from a team and adegeo as code owners October 22, 2025 19:02
@Copilot Copilot AI review requested due to automatic review settings October 22, 2025 19:02
Copilot
Copilot AI reviewed Oct 22, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds new documentation for publishing .NET applications on Mac OS, addressing Apple-specific requirements like code signing, notarization, and entitlements. The document is AI-assisted and follows the repository's style guidelines.

Key changes:

  • New how-to guide covering Mac OS publishing prerequisites and steps
  • Documentation of platform-specific entitlement requirements for CoreCLR vs Native AOT apps
  • Security guidance on signing and notarization requirements

@agocke
Copy link
Member

agocke commented Oct 22, 2025

cc @mmitche @jkoritzinsky @jjonescz

jkoritzinsky
jkoritzinsky reviewed Oct 22, 2025
View reviewed changes
Copilot AI changed the title Add publishing guidance for Mac OS applications Add publishing guidance for macOS applications Oct 22, 2025
Copilot finished work on behalf of agocke October 22, 2025 20:54
Copilot finished work on behalf of agocke October 22, 2025 20:56
mmitche
mmitche reviewed Oct 23, 2025
View reviewed changes
docs/core/deploying/macos.md Outdated

## Publish your app

Use one of the methods described in the [.NET application publishing overview](index.md) to produce an application. You can create either a framework-dependent or self-contained application.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

index.md file not found.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe link to publishing docs? https://learn.microsoft.com/en-us/dotnet/core/deploying/

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot please fix

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in commit e18a988. Changed the link from index.md to /dotnet/core/deploying/ to point to the published documentation.

mmitche
mmitche reviewed Oct 23, 2025
View reviewed changes
mmitche
mmitche reviewed Oct 23, 2025
View reviewed changes
docs/core/deploying/macos.md Outdated

## Sign and notarize

Use Apple's developer documentation to sign and notarize the binary.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Link to apple's developer docs?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added link to Apple's notarization documentation in commit e18a988.

Copilot AI requested a review from agocke October 23, 2025 15:59
Copilot finished work on behalf of agocke October 23, 2025 15:59
jkotas
jkotas reviewed Oct 24, 2025
View reviewed changes
docs/core/deploying/macos.md Outdated

.NET creates a native *apphost* executable as the entry point for your app. This apphost must be signed and, if your app uses special capabilities, it must be assigned the appropriate **entitlements**.

### Entitlements for CoreCLR apps
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"CoreCLR apps" is not something that we explain anywhere. We should explain this as apps published as Native AOT vs. apps not published as Native AOT. Also, link to Native AOT publishing topic from here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated in commit e97042e. Replaced "CoreCLR apps" terminology with "apps not published as Native AOT" and "apps published as Native AOT", and added links to the Native AOT documentation.

Copilot finished work on behalf of jkotas October 24, 2025 19:08
Copilot AI requested a review from jkotas October 24, 2025 19:08
jkotas
jkotas reviewed Oct 24, 2025
View reviewed changes
docs/core/deploying/macos.md

## Prerequisites

Before you publish your .NET application for macOS, ensure you have the following:
Copy link
Member

@jkotas jkotas Oct 24, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this talking about dotnet publish or some other kind of publish? I assume that it is the latter. Does it need clarification?

@jkotas jkotas self-requested a review October 24, 2025 19:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mmitche mmitche mmitche left review comments

Copilot code review Copilot Copilot left review comments

@jkoritzinsky jkoritzinsky jkoritzinsky approved these changes

@jjonescz jjonescz jjonescz approved these changes

@adegeo adegeo Awaiting requested review from adegeo adegeo is a code owner

@agocke agocke Awaiting requested review from agocke

@jkotas jkotas Awaiting requested review from jkotas

At least 1 approving review is required to merge this pull request.

Assignees

@agocke agocke

Copilot code review Copilot

Labels

dotnet-fundamentals/svc

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@agocke @jkoritzinsky @jjonescz @jkotas @mmitche