“App” is damaged and can’t be opened. You should move it to the Bin." When updating application

Question

Created 1d

Replies 3

Boosts 0

Participants 2

I have two Mac Catalyst C# MAUI apps. First is main application, second is updater. My updater works like that: it downloads ZIP-archive of .app of main application from server, and extracts it to directory where app is placed(folder in user directory, with two .apps of updater and main one), overwriting files.

When I want launch application, I have error "App” is damaged and can’t be opened. You should move it to the Bin." . Although I can permit app opening in Settings, it occurs after every update, so it can be annoying to user.

Also, both apps are signed, and there is app identifier of updater in NSUpdateSecurePolicy in Info.plist of main app.

What can I do with this? How can I update my app without any warnings? Thanks a lot in advance for answer!

Boost

Answer 1

DTS Engineer OP

Apple

1d

Hi,

I have two Mac Catalyst C# MAUI apps. First is main application, second is updater. My updater works like that: it downloads ZIP-archive of .app of main application from server, and extracts it to directory where app is placed(folder in user directory, with two .apps of updater and main one), overwriting files.

As an aside, directly overwriting the existing files like this is a bad idea, as any intermediate failure will leave you with a partially updated, broken, app. That right approach here is to:

-Use "NSFileManager.url(for:in:appropriateFor:create:)" to get a temporary directory location that's on the same volume as your existing app install.

Copy your existing app into that temporary directory.
Modify that copy to the new version configuration.
Use "NSFileManager.replaceItemAt(_:withItemAt:backupItemName:options:)" to (safely) replace the old app bundle with the new one.

When I want launch application, I have error "App” is damaged and can’t be opened. You should move it to the Bin." . Although I can permit app opening in Settings, it occurs after every update, so it can be annoying to user.

The first step here is to determine what exactly the system doesn't like. The mostly culprit is the file quarantine xattr. You can check for it using:

xattr -l <path>

and you can remove it by running:

xattr -d com.apple.quarantine <path>

Note that you'll need to remove it from all of the files in your app bundle.

My guess is that removing it will allow your app to launch without issue, but if that DOESN'T work the the issue is with the data you're actually writing out in the update.

Assuming this is a quarantine issue, then that leads to a few more questions:

How have you actually setup your NSUpdateSecurePolicy?
What does the actual writing in your app bundle? Is it being done directly by your app or are you using a secondary tool (like "cp")?

__
Kevin Elliott
DTS Engineer, CoreOS/Hardware

0

Answer 2

rieznikov_bohdan OP

18h

@DTS Engineer Thanks a lot, I don't have any attributes on newly downloaded application. I set up my NSUpdateSecurePolicy like that

<key>NSUpdateSecurityPolicy</key> <dict> <key>AllowPackages</key> <array> <string>TEAMID</string> </array> <key>AllowProcesses</key> <dict> <key>TEAMID</key> <dict> <key></key> <array> <string>com.firm.updaterid</string> </array> </dict> </dict> </dict>

0

Answer 3

DTS Engineer OP

Apple

10h

OK. I'm going to need to take a closer look at components involved. Please file a code level support request on this noting that I asked you to in this forum post. Once the request is filed, you'll get an automatic reply saying that it was filed. Please reply to that email and attach:

The "starting" app version.
Your app updater (assuming it's a separate component).
The "post-update" app version (which doesn't work).

Once I've got the data, I'll take a look and see what I can figure out.

__
Kevin Elliott
DTS Engineer, CoreOS/Hardware

0