-
Notifications
You must be signed in to change notification settings - Fork 121
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TiddlyDesktop.app is damaged and can't be opened. You should move it to the trash. #294
Comments
I'd guess this is probably caused by the code not being signed. The Then the last step will be to get the secret passed into the |
Another workaround that @Jermolene might be able to do is, after a draft release has been created by the GitHub Actions workflow, run the codesigning process on his computer and replace the macapplesilicon .zip file. That's going back to a manual step so it's less than ideal, but it would at least allow creating a stopgap release until the workflow can be tweaked to include the correct codesigning key in the correct file location. |
@Jermolene - You might find https://github.com/toitlang/action-macos-sign-notarize and/or https://github.com/toitlang/action-macos-sign-notarize/blob/main/action.yml helpful to get codesigning set up in GitHub Actions. |
Info that may help to diagnose the issue: I was able to download and install 0.0.18. macOS required going into System Settings > Security to allow 0.0.18 to be run. macOS does not even provide the option to do this for 0.0.20. It simply reports TiddlyDesktop.app as damaged. |
Thanks @rmunn. I've yet to get codesigning working, and certainly hope to do so. But it seems there has been a regression from v0.0.18 in terms of the behaviour of the build, do we know what accounts for that? |
Just want to confirm the behavior that @mpmanti sees. I get exactly the same problem with v0.0.20 but v0.0.18 works once the workaround in system Settings > Security is used. (I have an M1 Mac Studio running macOS 14.3.1). |
I get the delete application error with the mac silicon version v0.0.18 as well as with v0.0.20. I have tried installing v0.0.18 several times since the v0.0.18 version was released, but have not gotten the "open anyway" error, nor is there anything in the privacy & security section of system settings. Is there a chance that an earlier attempt to install v0.0.20 may have added something to my system that wasn't properly removed when I deleted the v0.0.20 app to install v0.0.18? Running latest version of MacOS (14.3.1 (23D60)) on an M2 MacBook Pro. Sorry - one additional point: I seem to remember that I did get the open error with the initial installation of V0.0.18 before I tried installing v0.0.20, but after that attempts to install v0.0.18 resulted in the delete application error. |
I would assume it's because v0.0.20 was built on GitHub, whereas v0.0.18 was built on your own Mac. And while your Mac has a copy of your private codesigning key, GitHub doesn't. So when the And yes, that's a codesigning error. https://www.howtogeek.com/803598/app-is-damaged-and-cant-be-opened/ mentions that app files contained in .zip files that have been downloaded from the Internet are subject to quarantine (I presume unless they're signed with a valid key, but that page doesn't say so). It's Apple's ham-handed way of forcing developers to use Apple's official app store and pay them a hefty fee for the privilege. Yes, it can also prevent the spread of some kinds of malware, but Apple's recent actions have proved that it's income, not the good of their users, that they really care about. (Search for "apple epic game store" without quotes if you want evidence of that assertion). Thing is, it's harming open-source software too. Anyway, rant about Apple's lousy business practices aside, the solution is definitely what I laid out in #294 (comment). You need to find where the codesigning key is stored on your computer, upload it to a repo secret, then pass it into the |
Hi @rmunn I've been following Apple's recent battles with interest, and agree with your assessment. I may not be able to work on the codesigning immediately (I need to make a new developer account with Apple). The current Apple Silicon builds appear to be useless. I might try just removing the codesigning line from the build scripts to see if that fairs any better. |
Hi @rmunn I've updated my Apple developer account, and started following these steps to get the necessary certificates installed in the GitHub Actions runner for macOS: Note that those instructions cover installing a provisioning profile, which I don't think we need, and so I have not created a I'm a bit stuck though because I'm not familiar with the new matrix stuff, and it's not clear where to put the macOS specific set up code – could you very kindly help with that? |
What you probably want to do is have a step in the workflow that runs only during an OS X build, e.g. diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f3c6bf7..cc90abb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -82,6 +82,17 @@ jobs:
NWJS_VERSION: ${{ steps.calc-version.outputs.nwjs-version }}
PLATFORM: ${{ matrix.platform }}
ARCH: ${{ matrix.arch }}
+ - name: "🍎 Codesigning Mac build..."
+ if: ${{ matrix.platform == 'osx' }}
+ run:
+ # Codesigning step would go here
+ # Maybe you need a file...
+ echo "$SECRET_KEY" > /some/path/to/file.txt
+ codesign --input /some/path/to/file.txt
+ # Or maybe a command-line parameter...
+ codesign --secret-value "$SECRET_KEY"
+ env:
+ SECRET_KEY: ${{ secrets.MY_CODESIGNING_KEY }}
- name: "📦 Packaging TiddlyDesktop..."
run: ./package.sh
env: |
The short version of the matrix stuff is that you can set up parallel builds in two ways:
What I mean by "have GitHub do it for you" is what you see in most Doing it yourself is what I did, where for each matrix entry, you can specify the exact values that go into it. The Either way, GitHub ends up creating a configuration object called |
Until the code-signing issue is resolved, this workaround will allow v0.0.20 to be run. This will remove the "quarantine" attribute from the application - use at your own risk! Verified on M2, MacOS 14.3.1
|
Another alternative to using |
I am facing the same problem on an M1 Mac. I tried the Intel build and the cat jumps a few times before the app opens. Which is visibly slow. I can live with this workaround till the code-signing issue is resolved. Thank you @mooconne |
I downloaded TiddlyDesktop-macapplesilicon-v0.0.20.zip to my M1 Max macBook Pro running macOS 14.3.1, unzipped it, and moved TiddlyDesktop.app to the Applications folder. macOS refuses to open TiddlyDesktop.app.
The text was updated successfully, but these errors were encountered: