Error: MacDown is damaged and can’t be opened #1106
Comments
|
There seems to be some issue with signature. I’ll discuss with @uranusjr about this. Sorry I missed this bug before releasing. macOS won’t check signatures unless it is downloaded from Internet (“untrusted source”). |
|
Can someone confirm whether this happens on 10.14 (Mojave), or only on 10.15? |
|
I can reproduce with v0.7.1. I have stronger sense that this is due to SIP. |
|
Can confirm. 10.14.6 is prompting me to delete the (manually dowloaded) App. Auto-Update also exits with an error. Error after manual download:
Error after auto-update:
|
|
@noestreich Could you please try v0.7.1? |
|
@FranklinYu No Problem with 0.7.1 Regarding 0.7.2: It's the quarantine-flag, as you already suspected. if one removes it via terminal, version 0.7.2 just starts fine. Edit: Nice toolbar guys!
|
|
Similar problems here in 10.13.6.
|
|
I'm getting the same issue 😢
@uranusjr forgot to add you. It is happening on 10.14.x too |
|
Found an article talked about the quarantine issue. |
|
I think I finally reached a conclusion. about quarantine flagI can’t do anything about the quarantine flag. It’s added by the browser. To verify, download the zip file (either 0.7.1 or 0.7.2, it doesn’t matter) with wget https://github.com/MacDownApp/macdown/releases/download/v0.7.2/MacDown.app.zipThen double click the zip file to extract the app as usual. You should be able to run extracted MacDown without further steps. another factorThe “application source” preference is also related. Please check this preference on your computer. Navigation path: “System Preferences” -> “Security & Privacy” section -> “General” tab -> “Allow apps downloaded from”. For details, see this blog. solutionsTwo possible solutions:
|
|
The macOS has become more and more hateful. |
|
@FranklinYu When does the notarization process reveal the legal name? PS: I had no problem updating to 0.7.2 via Sparkle on macOS 10.15.1 (security option is on "App Store and trusted developers") PS 2: I've edited the title of this issue that others can find it more easily… |
alexkaessner
changed the title
|
My MacOS preference was already set to allow apps downloaded from "App Store and identified developers" when I encountered this problem. But thanks to the tip in this thread, I was able to download the file via |
The |
If I understand correctly, Sparkle would bypass this issue because it’s not downloading with browser.
According to this forum thread legal name is exposed unless I create a legal company. Do you have first-hand experience, or know someone with first-hand experience to verify? If I can hide my legal name from user (no need to hide from Apple) then it would be great. |
|
@FranklinYu I can agree that the legal name is exposed when distributing via Mac App Store. Though I'm not sure if the developer account name will be shown somewhere when only using it to notarize apps. But I only have experience releasing on the MAS, so I'm not 100% sure. |
|
as far as I know it is not publicly shown, but can be dumped in Terminal with |
|
Can confirm what @harp79 said. |
|
Sadly this can’t be bypassed by Homebrew Cask. See Homebrew/homebrew-cask#70798 |
|
I tried installing v.0.7.2 (on Mojave, 10.14.6) both via browser download and homebrew cask, and both yielded the, "Macdown is damaged and can't be opened..." error message. I'm used to troubleshooting the Privacy "Open Anyway" error, but this is different. I downloaded v.0.7.1 and it worked perfectly, so I'm using that. Love the app! Also, there is a blatant clone of Macdown in the App store called MarkEditor.
|
Oh no and they even charge $0,99 for it! |
|
@alexkaessner We can do nothing as long as they abide by the MIT license. This is expected. If @uranusjr didn’t want this he would have chosen something like MPL. I have been looking for ways to signing open source software with shared developer account. There is no existing service like this. I would contact various foundations to see whether they are interested in such services. |
|
Yeah, and the reason is I’m actually totally fine with people selling this code on App Store (as long as the license is honoured, of course). That said, many of those entries on App Store don’t actually honour the license. I haven’t checked this MarkEditor in particular, but I have submitted multiple claims to Apple for unattributed code reuse. |
|
I was able to get it to run using the wget trick described above: But I have two issues:
Overall this is an excellent app -- my favorite for markdown editing on Mac. Thanks again for all you do. |
|
I installed Macdown using Homebrew with the command:
I got this issue upon trying to open Macdown after its installation. This also appeared during an earlier attempt to download Macdown as a dmg. Running the following command got rid of the issue:
Note: if you downloaded Macdown as a dmg, be sure to move Macdown to your Applications folder before running the command. Now I am able to open and use Macdown. Thanks to @noestreich for the fix! |
|
The proper fix would be that someone re-uploads the zip file, making sure it's not signed at all. Then people should be able to update it without troubles and those who download it manually could open it with right-clicking the app, then choosing "Open". |
|
Hi, Still impossible to update to 0.7.2 ! The file downloaded is always corrupted (says OS X) 😩! I’m under High Sierra. Do you plan to fix it soon ? Thanks. Alain |
Either use a different unzip tool (not the Apple default one) - this will prevent the quarantine flag being added to the unzipped app. Or use one of the suggestions earlier in this thread to remove quarantine flag from the app and be able to run it. |
|
Hi everybody. Sorry for the delay. I revisited the issue today. Xcode would only archive (Apple’s term for “build and export”) an application with a signature, be it signed with a local (self-signed) certificate, or a valid certificate from Apple. Luckily, a hidden flag of After this mess, we would still need a long-term solution since this hidden flag trick is unreliable. |
|
@FranklinYu instead of using the Archive command you could also add a second target, and set its scheme to build for Release instead of Debug. Also, in the build settings for this target, remove all code sign settings. Then you could just build the app for that target, and then zip it manually afterwards. That's what I do with several tools I make. If you need help with that, let me know and I'll do a pull request with the changes. |
|
I have uploaded a new build of v0.7.2 replacing the original one. Would be appreciated if everybody in this thread try it out. |
|
I use the auto update within the app upgrade successfully without problem. I'm on 10.15.1 . |
|
I can confirm that the application runs once you have ignored the warnings and given it permission. It still flickers, though, so I’m still using 7.1. |
I can open the new macdown build via "right-click open". But "Preferences -> Markdown" looks like If anyone else has this problem, I will file another issue. |
|
@hacktrick After downloading I get
But works fine after opening/enabling in the Security & Privacy Settings! 👏👏👏 |
|
@FranklinYu I get this error, basically the same as @klaas:
I can open it with right click to bypass this message though! @hacktrick This is issue is already tracked here #1103 |
|
To everyone: It's currently expected behavior that you have to open the app with a right click. No need to mention this as a problem here. @FranklinYu Maybe you want to mention this fact on the website (though that's on UranusJr's site - not sure if you have access to that?) |
How would you like it to be mentioned on the website? Would like some more details. Like updating the release note or what? |
|
@FranklinYu Ah right - the Download link on https://macdown.uranusjr.com/ is immediate. I see no good place to add such a note. How about this instead: Instead of putting only the app into the zip, why not add also a text file there. It could be named "Read me to install MacDown.txt" and would contain text like this: |
|
The traditional way to distribute Mac apps is to use a DMG disk image where you can place documentation and even aliases to the Applications folder to make dragging and dropping easy. You have control over the arrangement of the icons, background images, etc. You can even add instructions in the window that explain how to launch the app safely. It's a bit more work to create but make it easier for users in the long run. A little non-technical background information here with images: https://www.maketecheasier.com/why-does-macos-use-dmg-files/ |
|
@tempelmann I thought by “this fact” you meant “the v0.7.2 release has been re-built and re-uploaded“. If you are talking about “telling users that they need right-click to open the application“ then it has actually been mentioned in https://macdown.uranusjr.com/faq/#unidentified |
|
The same for me :-(
Envoyé de mon iPhone
… Le 7 déc. 2019 à 10:10, Patrick Hackbarth ***@***.***> a écrit :
I have uploaded a new build of v0.7.2 replacing the original one. Would be appreciated if everybody in this thread try it out.
I can open the new macdown build via "right-click open". But "Preferences -> Markdown" looks like
If anyone else has this problem, I will file another issue.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub, or unsubscribe.
|
|
Since no one is reporting binary corruption issue I would assume that this is fixed. While I would still be working on it, my current priority is #1104. @tempelmann Would appreciate a Pull Request for your solution of removing code signature. |
|
For example, not being codesigned properly will cause LittleSnitch to report a missing signature from the previous version, on each connection. Now I'm wondering why the heck the latest version isn't signed. Sooo, you'll either have to codesign properly, so that Apple can attest that you've only used an Apple-sanctified buildsystem (without some hacked
Please, can we macOS power users, agree to never, ever advise anyone to change the global GateKeeper switch, pretty please ? That's like "Disk Utility > Fix permission problems", but worse, and it does not mean you you think it means — it'll disable all signature checks, on anything you download, even that malwared OpenOffice you've just accidentally hit via some weird Flash ad somewhere. Please. Keep up the good work tho, I'll just do what I said and explicitly trust your work, but not before sincere kudos from another macOS "developer", banging its head against ever more crazy signing issues 😜. |
I don’t recall recommending anyone to change the global switch in this issue. In fact, the option is hidden by default since macOS Sierra. If you are concerned about https://macdown.uranusjr.com/faq/, please file an issue (or better yet, a Pull Request) at https://github.com/MacDownApp/macdown-site. I’m closing this issue since the original problem has been solved temporarily. Long-term solution will be discussed in #1127. |
and others
Apple official says that macOS10.15.1 is not compatible with 32-bit version programs.
Does MacDown provide 64-bit versions in the future?
The text was updated successfully, but these errors were encountered: