Add publishing guidance for macOS applications

[Copilot]

• Review existing documentation structure and patterns
• Create the new macOS publishing documentation at docs/core/deploying/macos.md
• Ensure proper frontmatter with author, date, and topic metadata
• Format content according to repository writing style guidelines
• Address review feedback on warning message
• Fix macOS branding throughout the document
• Add optional debugging and diagnostics entitlements
• Validate the documentation builds without warnings (will be checked by OPS status checker workflow)
• Complete the task

Summary

Created a new macOS publishing documentation page at docs/core/deploying/macos.md that provides:

• Prerequisites for macOS publishing (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
• Instructions to publish the app using methods from the main deployment overview
• Information about the native apphost and required entitlements
  • CoreCLR apps require com.apple.security.cs.allow-jit entitlement
  • Native AOT apps require no entitlements
  • Optional entitlements for debugging and diagnostics: com.apple.security.get-task-allow for dump collection and com.apple.security.cs.debugger for attaching debuggers
• Guidance to sign and notarize using Apple documentation
• Warning about application crashes when executing restricted operations without proper signing/notarization

The documentation follows all repository writing style guidelines:

• Active voice with second person ("you")
• Conversational tone
• Sentence case headings
• Proper frontmatter with ai-usage disclosure
• Clear structure with prerequisites, instructions, and warnings
• Correct Apple branding (macOS)

This pull request was created as a result of the following prompt from Copilot chat.

Add a new documentation page for publishing .NET applications on Mac OS. This page, located at docs/core/deploying/macos.md, provides guidance on the additional requirements for publishing .NET apps on Mac OS, including code signing, notarization, and entitlements. The documentation includes:

• Prerequisites (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
• Instructions to build and publish the app
• Notes about the native apphost and required entitlements
• Guidance to sign and notarize the app using Apple documentation
• A warning about security warnings if not signed/notarized

Page authored by @agocke.

Refer to the following file content:

---

---

title: Mac OS
description: Learn how to publish .NET applications for Mac OS, including signing, notarization, and app entitlements.
author: @agocke
ms.date: [DATE]
ms.topic: how-to

Publish .NET Apps for Mac OS

Publishing .NET applications for Mac OS requires several additional steps compared to other platforms, due to Apple's security requirements.

Requirements

• Apple Developer Account: Needed for code signing and notarization.
• Xcode Command Line Tools: Provides codesign, altool, and other utilities.
• .NET SDK: Ensure you have the latest .NET SDK installed.

Steps to Publish

1. Build and Publish Your App

Use one the methods described under Publishing to produce a application. This can either be a framework-dependent or self-contained application.

2. Apphost and Entry Point

.NET creates a native apphost executable as the entry point for your app. This apphost must be signed and, if your app uses special capabilities, it must be assigned the appropriate entitlements.

For CoreCLR apps, the com.apple.security.cs.allow-jit entitlement is required.

For Native AOT apps, no entitlements are required.

3. Sign and notarize

Use Apple's developer documentation to sign and notarize the binary.

Note: Failing to sign and notarize your app may result in users seeing security warnings or being unable to launch your application.

---

Create a pull request titled "Add publishing guidance for Mac OS applications".

Original prompt

Add a new documentation page for publishing .NET applications on Mac OS. This page, located at docs/core/deploying/macos.md, provides guidance on the additional requirements for publishing .NET apps on Mac OS, including code signing, notarization, and entitlements. The documentation includes:

• Prerequisites (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
• Instructions to build and publish the app
• Notes about the native apphost and required entitlements
• Guidance to sign and notarize the app using Apple documentation
• A warning about security warnings if not signed/notarized

Page authored by @agocke.

Refer to the following file content:

---

---

title: Mac OS
description: Learn how to publish .NET applications for Mac OS, including signing, notarization, and app entitlements.
author: @agocke
ms.date: [DATE]
ms.topic: how-to

Publish .NET Apps for Mac OS

Publishing .NET applications for Mac OS requires several additional steps compared to other platforms, due to Apple's security requirements.

Requirements

• Apple Developer Account: Needed for code signing and notarization.
• Xcode Command Line Tools: Provides codesign, altool, and other utilities.
• .NET SDK: Ensure you have the latest .NET SDK installed.

Steps to Publish

1. Build and Publish Your App

Use one the methods described under Publishing to produce a application. This can either be a framework-dependent or self-contained application.

2. Apphost and Entry Point

.NET creates a native apphost executable as the entry point for your app. This apphost must be signed and, if your app uses special capabilities, it must be assigned the appropriate entitlements.

For CoreCLR apps, the com.apple.security.cs.allow-jit entitlement is required.

For Native AOT apps, no entitlements are required.

3. Sign and notarize

Use Apple's developer documentation to sign and notarize the binary.

Note: Failing to sign and notarize your app may result in users seeing security warnings or being unable to launch your application.

---

Create a pull request titled "Add publishing guidance for Mac OS applications".

This pull request was created as a result of the following prompt from Copilot chat.

Add a new documentation page for publishing .NET applications on Mac OS. This page, located at docs/core/deploying/macos.md, provides guidance on the additional requirements for publishing .NET apps on Mac OS, including code signing, notarization, and entitlements. The documentation includes:

• Prerequisites (Apple Developer Account, Xcode Command Line Tools, .NET SDK)
• Instructions to build and publish the app
• Notes about the native apphost and required entitlements
• Guidance to sign and notarize the app using Apple documentation
• A warning about security warnings if not signed/notarized

Page authored by @agocke.

Refer to the following file content:

---

---

title: Mac OS
description: Learn how to publish .NET applications for Mac OS, including signing, notarization, and app entitlements.
author: @agocke
ms.date: [DATE]
ms.topic: how-to

Publish .NET Apps for Mac OS

Publishing .NET applications for Mac OS requires several additional steps compared to other platforms, due to Apple's security requirements.

Requirements

• Apple Developer Account: Needed for code signing and notarization.
• Xcode Command Line Tools: Provides codesign, altool, and other utilities.
• .NET SDK: Ensure you have the latest .NET SDK installed.

Steps to Publish

1. Build and Publish Your App

Use one the methods described under Publishing to produce a application. This can either be a framework-dependent or self-contained application.

2. Apphost and Entry Point

.NET creates a native apphost executable as the entry point for your app. This apphost must be signed and, if your app uses special capabilities, it must be assigned the appropriate entitlements.

For CoreCLR apps, the com.apple.security.cs.allow-jit entitlement is required.

For Native AOT apps, no entitlements are required.

3. Sign and notarize

Use Apple's developer documentation to sign and notarize the binary.

Note: Failing to sign and notarize your app may result in users seeing security warnings or being unable to launch your application.

---

Create a pull request titled "Add publishing guidance for Mac OS applications".

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

---

Internal previews

📄 File	🔗 Preview link
docs/core/deploying/macos.md	docs/core/deploying/macos

[Copilot]

Pull Request Overview

This PR adds new documentation for publishing .NET applications on Mac OS, addressing Apple-specific requirements like code signing, notarization, and entitlements. The document is AI-assisted and follows the repository's style guidelines.

Key changes:

• New how-to guide covering Mac OS publishing prerequisites and steps
• Documentation of platform-specific entitlement requirements for CoreCLR vs Native AOT apps
• Security guidance on signing and notarization requirements

[agocke]

cc @mmitche @jkoritzinsky @jjonescz

[jkoritzinsky]

We should consider adding information about the other entitlements that may be useful for .NET tooling (such as get-task-allow for createdump and dotnet dump).

[agocke]

Yes, it would be good to outline that:

• com.apple.security.get-task-allow is needed for dump collection
• com.apple.security.cs.debugger -- needed to attach debugger to the process

@copilot Please add this

[Copilot]

Added the debugging entitlements in commit 115eefc:

• com.apple.security.get-task-allow for dump collection
• com.apple.security.cs.debugger for attaching debuggers

Also fixed the macOS branding throughout the document.