Apple cannot check if 2.5.0 is malicious software

[JaroslawOnGitHub]

Expected Behavior

Just after updating to 2.5.0 and a trial of opening the application, maOS informs:

<<“KeePassXC.app” can’t be opened because Apple cannot check it for malicious software. This software needs to be updated. Contact the developer for more information. Safari downloaded this file today at 11:13 from github-production-release-asset-2e65be.s3.amazonaws.com.>>

Current Behavior

I cannot open the app.

Possible Solution

Previous version has been working well.

Steps to Reproduce

Context

Debug Info

KeePassXC - 2.5.0

Operating system: macOS Catalina 10.15

[varjolintu]

This does not happen with macOS Mojave 10.14.

[JaroslawOnGitHub]

After coming back to a previous version 2.4.3 the app works well again.

[beckerj]

I just updated from 2.4.3 to 2.5 on Catalina (10.15) and it works fine.

[KamilRT]

I'm having exactly the same issue. macOS Catalina here.

[droidmonkey]

See here: https://support.apple.com/en-us/HT202491

[treee111]

I had no problem with opening v2.5.0 under macOS Catalina

[JaroslawOnGitHub]

See here: https://support.apple.com/en-us/HT202491

It works very well now. Thanks! Have a good time ahead!

[heikkij]

Does it mean that we don't get fix for this as the case is closed? I mean is there any plans to get Apple to trust developers of the app?

[chriscareycode]

I noticed this also. You right click and select Open the first time and get the warning. Right click and select Open the second time and you get a different prompt and can open it.

[droidmonkey]

There is nothing to fix. This is just how Apple has decided to treat developers. Unless you release on the app store this is what you have to deal with unfortunately. Even though we sign the app with a paid certificate!!

[phoerious]

The only way to "fix" it is to get our app notarised somehow, which means throwing even more money at Apple. They make €99 a year of us already for doing absolutely nothing except letting their fully automated system generate a certificate for us.

[heikkij]

OK, I have understood that by paying 99 per a year includes possibility to have apps notarized..

[droidmonkey]

The other problem with notorization is that you have to wait for it to actually be done before you deploy since Apple actually signs your release package.

[s01ipsist]

Solution outlined on https://support.apple.com/en-us/HT202491 didn't work on one MacBook.

I found you can get round this by deleting the quarantine extended attribute on the application.

xattr -d com.apple.quarantine /Applications/KeePassXC.app

Then open as normal.

Ref: https://discussions.apple.com/thread/250425993

[erikolofsson]

The other problem with notorization is that you have to wait for it to actually be done before you deploy since Apple actually signs your release package.

You don't have to, it will check online at run time if you don't staple the package.

While annoying it's not hard to add it to your build scripts:

• Run xcrun altool to notarize
• Poll for notarization to finish with altool --notarization-info. This takes couple minutes
• Staple the .app file to make it work offline (xcrun stapler)

[phoerious]

We'll try that for 2.5.1, thanks.

[mdavis-xyz]

Should we add a link to that support page from the Mac download page?

[phoerious]

Why? The binaries are signed and notarized.

[mdavis-xyz]

Why?

Because this error is still happening. I did a brew update last week and my mac refused to run the app unless I went into the Mac security settings and ticked the box. I don't know what signing is done presently, but it's not sufficient to prevent my mac from blocking execution of the app by default.

[phoerious]

It is and I can confirm that it works. If it doesn't, then there's another problem somehow. Perhaps with Homebrew even.

[pleunv]

FWIW, I'm experiencing the same issue again with v2.7.4 on homebrew. macOS 12.6.1.

[phoerious]

Make sure you install the correct version for your processor. Also try closing your browser before installing the app.