How to properly use third-party dylib in a notarized app

All the code in your product should be signed by you. This is the right thing to do when distributing your app independently [1] and absolutely required by the Mac App Store [2]. In your case, I recommend that:

1. Embed this third-party library and helper tool in your bundle according to the rules in Placing Content in a Bundle.

2. Make sure both are signed by you as part of your build process.

I have two other resources that might be of interest:

• Embedding a command-line tool in a sandboxed app explains how to embed an existing command-line tool in your product.

• Embedding nonstandard code structures in a bundle explains how to fix the reference between the tool and its library.

Finally, remember that the tool will be run in a sandbox that it inherits from your app, so you have to make sure it works in that environment.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] After all, you’re responsible for putting that code on the user’s machine. If that code induces nasal demons, saying “Oh, but it’s some other developer’s code!” is unlikely to be well received by your users.

[2] That’s because the Mac App Store re-signs your code during the distribution process.