How can developers properly fix "App is damaged and can't be opened" errors?
There are already several questions here on this site dealing with the error message "$App is damaged and can't be opened". The workaround given (which has worked for me) is to use xattr -rd com.apple.quarantine on the affected app package.
The developers of LaTeXDraw, a small open source tool, state that hints about solving this would be welcome. LaTeXDraw shows the problem when installed through their DMG image, as well as through Homebrew. It seems this is a rather old piece of academic software primarily used and developed on Linux, which they just build along for macOS as well, so I would like to help them out.
I thought the "proper" solution to this is just to become a registered developer -- is that correct and sufficient? What is the technical cause of this (very confusingly worded) message, i.e. what would need to be changed in the app package?
The developer needs to make sure their application is notarized.
The official documentation on how to do that is available here:
https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution
In order to get the application notarized, it must first be signed.
The developer can choose to use their existing binary and get it notarized "after the fact" (instead of during build using Xcode). You would then take the final binary and upload it to Apple using notarytool (comes with Xcode). When the developer gets the ticket back, it can be attached to the binary using the stapler tool.
The process is documented here:
https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow#3087734
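The sign, submit and staple sequence from the answer above, written out as a shell script. This is an added example, not part of the original post or of Apple's documentation. The function names, the DRY_RUN switch and the argument order are assumptions made for illustration, and it presumes a Developer ID Application certificate in the keychain plus a profile saved with xcrun notarytool store-credentials.

```bash
#!/bin/bash
# Added example: sign, notarize and staple an already-built .app bundle.
# Assumptions (not from the page): a "Developer ID Application" certificate is
# in the keychain, and credentials were saved once with
#   xcrun notarytool store-credentials <profile>
# Set DRY_RUN=1 to print the commands instead of running them.

run() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# notarize_app <App.app> <signing identity> <notarytool keychain profile>
notarize_app() {
    app=$1; identity=$2; profile=$3
    zip="${app%.app}.zip"

    # 1. Sign with the hardened runtime and a secure timestamp; notarization
    #    rejects bundles that lack either.
    run codesign --force --options runtime --timestamp --sign "$identity" "$app" || return 1

    # 2. notarytool takes an archive, not a bare bundle; ditto keeps the bundle layout.
    run ditto -c -k --keepParent "$app" "$zip" || return 1

    # 3. Upload the archive and wait for Apple's result.
    run xcrun notarytool submit "$zip" --keychain-profile "$profile" --wait || return 1

    # 4. Attach the ticket to the bundle so Gatekeeper can verify it offline.
    run xcrun stapler staple "$app" || return 1

    # 5. Confirm the ticket is attached and ask Gatekeeper for its assessment.
    run xcrun stapler validate "$app" || return 1
    run spctl --assess --type execute --verbose "$app"
}

# Run for real only when called with all three arguments.
if [ "$#" -eq 3 ]; then
    notarize_app "$1" "$2" "$3"
fi
```

Running it with DRY_RUN=1 first shows the exact commands for a given bundle before anything is signed or uploaded.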