I have an application (written in C++/Qt, but I don't think that's important for this issue). I have a valid developer profile, the application is distributed as downloadable .dmg file, it is properly signed and notarized - at least, to the best of my knowledge.

The usual way of installing it is to download from the website, open the .dmg, drag the app to Applications, and launch it. This works fine, at least when downloading with Safari. The users get no prompts or warnings of any kind, other than "The app is downloaded from Internet".

But the application also has an auto-update feature that works like this:

  1. Downloads the new .dmg file's contents using QNetworkAccessManager (via HTTP).
  2. Writes the file to disk with QFile.
  3. Runs the script that mounts the dmg with hdiutil attach ... -noverify.
  4. Copies the new .app over the old one using cp -r.
  5. Now the user just has to close and reopen the app.

This used to work fine up to macOS 12.6. But since Ventura (13.0), the user gets "The file is damaged and should be moved to the trash" error when opening the auto-updated app. Must be a new feature of the Gatekeeper. The file is not literally damaged, of course. Both the .app bundle and the dmg file are signed. Is there any way I can fix my auto-update function?

Violet Giraffe
  • In my eyes a signed DMG allows verifying that the content is still original and has not been tampered with. So as soon as you modify the DMG content the signature is no longer valid and the OS warns the user that it is damaged and should be deleted. – Queeg Jun 25 '23 at 18:24
  • @Queeg: sure, that's absolutely how it should work. But I'm not modifying the contents of any files. And it worked perfectly prior to macOS 13.0. – Violet Giraffe Jun 26 '23 at 07:15
  • Step 4 overwrites files with the new version. That modifies content, doesn't it? But to be sure you could validate your dmg after the copy using https://stackoverflow.com/questions/76551878/how-can-i-validate-a-dmg-file#comment134972600_76551878 – Queeg Jun 26 '23 at 12:32
  • @Queeg: Now I see what you mean, but it shouldn't be different from the normal workflow of opening the DMG, copying the .app bundle from it to Applications, and launching from Applications (or any other local folder). That works without issues. But I will try extracting to a separate location rather than overwriting the original bundle. – Violet Giraffe Jun 27 '23 at 11:31
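
The difference between step 4's in-place cp -r and the separate-location copy mentioned in the last comment, as an added example that is not part of the original thread: copying onto an existing bundle merges directories, so files the new version no longer ships stay behind, while a fresh copy followed by a swap leaves none. Demo.app, its files and all function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed demo; Demo.app and its files are made up, no real app is touched.

make_demo() {  # $1 = work dir: installed v1 plus v2 as it would sit on the mounted dmg
    mkdir -p "$1/Applications/Demo.app/Contents/Resources" \
             "$1/dmg/Demo.app/Contents/Resources"
    echo v1 > "$1/Applications/Demo.app/Contents/Resources/core.dat"
    echo v1 > "$1/Applications/Demo.app/Contents/Resources/removed_in_v2.dat"
    echo v2 > "$1/dmg/Demo.app/Contents/Resources/core.dat"
}

# Step 4 as described: copy the new bundle over the installed one.
update_overwrite() {  # $1 = new bundle, $2 = installed bundle
    cp -r "$1" "$(dirname "$2")/"
}

# Alternative: copy to a fresh path next to the target, then swap.
update_staged() {  # $1 = new bundle, $2 = installed bundle
    stage="$2.staged.$$"; old="$2.old.$$"
    rm -rf "$stage" "$old"
    cp -r "$1" "$stage" || return 1
    # On macOS, a check such as: codesign --verify --deep --strict "$stage"
    # could run here, before the old bundle is replaced.
    mv "$2" "$old" && mv "$stage" "$2" && rm -rf "$old"
}

# Print files present in the installed bundle but absent from the new one.
stale_files() {  # $1 = new bundle, $2 = installed bundle
    tmp=$(mktemp -d) || return 1
    (cd "$1" && find . -type f | sort) > "$tmp/new"
    (cd "$2" && find . -type f | sort) > "$tmp/cur"
    comm -13 "$tmp/new" "$tmp/cur"
    rm -rf "$tmp"
}

count_stale() {  # $1 = overwrite | staged
    work=$(mktemp -d) || return 1
    make_demo "$work"
    "update_$1" "$work/dmg/Demo.app" "$work/Applications/Demo.app" || return 1
    stale_files "$work/dmg/Demo.app" "$work/Applications/Demo.app" | wc -l | tr -d ' '
    rm -rf "$work"
}

echo "stale files after in-place cp -r: $(count_stale overwrite)"
echo "stale files after staged swap:    $(count_stale staged)"
```

Running stale_files against the real mounted bundle and the installed one after an update shows whether leftovers of this kind are present.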

0 Answers