Skip to content

fix: ad-hoc sign app in CI to prevent macOS damaged error#17

Merged
bottlebrushes merged 1 commit intomainfrom
bettercoderthanyou/fix-brew-damaged-app
Feb 3, 2026
Merged

fix: ad-hoc sign app in CI to prevent macOS damaged error#17
bottlebrushes merged 1 commit intomainfrom
bettercoderthanyou/fix-brew-damaged-app

Conversation

@bottlebrushes
Copy link
Copy Markdown
Owner

@bottlebrushes bottlebrushes commented Feb 3, 2026

Summary

  • Added ad-hoc code signing step to CI workflow so the distributed app has a valid signature, changing macOS Gatekeeper behavior from an unrecoverable "damaged" error to a bypassable "unidentified developer" warning
  • Added troubleshooting section to README with the xattr -cr workaround for users who still hit Gatekeeper issues

Test plan

  • Verify CI build succeeds with the new codesign step
  • Download the built artifact and confirm macOS no longer shows "damaged and should be moved to Trash"
  • Confirm right-click → Open bypasses the Gatekeeper warning

🤖 Generated with Claude Code

@bottlebrushes @claude
fix: ad-hoc sign app in CI to prevent macOS "damaged" error
28907d4 
The CI build used CODE_SIGNING_ALLOWED=NO, producing an unsigned app.
macOS Gatekeeper rejects unsigned downloaded apps with an unrecoverable
"damaged and should be moved to Trash" error. Ad-hoc signing changes
this to a bypassable "unidentified developer" warning. Also adds a
troubleshooting section to the README with the xattr workaround.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@bottlebrushes bottlebrushes merged commit d99a5a7 into main Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bottlebrushes