Apple has decided to increase the requirements on what needs to be done with applications to avoid nasty warnings for users. Signing is no longer sufficient, the application also needs to be "notarized" (put through some automated checks by Apple).
Their instructions are very Xcode centric, so not particularly helpful for automation, and even less helpful trying to get this done on a non-macOS machine. There are some command line tools that might be possible to integrate in to our current signing work flow though. We'll have to test.
Somewhat more concerning is that they have a list of requirements that must be met for the application to be notarized. I am not sure which of these we might fail to fulfil. One that is definitely a problem is "Link against the macOS 10.9 or later SDK."
They mention that the rules can be relaxed, but are vague as to when that can happen.
10.15 is now out so we can start looking in to this.
TigerVNC's entry for this:
Just like with earlier versions macOS 10.15 only applies these checks to programs downloaded from the browser.
Given a ThinLinc client signed today you get the following message when trying to open it:
> "ThinLinc client" can't be opened because Apple cannot check it for malicious software.
> This software needs to be updated. Contact the developer for more information.
> Safari downloaded this file today at 1:16 PM from cendio.com
> [Show in Finder] [OK]
It does not give you the option to run the file.
You can work around this by right clicking ThinLinc client from Finder and choosing "Open". After doing this you no longer receive the warning.
Tester should verify that you always get the option to start a signed macOS client that has been downloaded from a browser.
Instructions for signing a client package can be found here:
When using the script copy-sign-bundle it it returns an error saying "Failed notarization with status: ". However, there is no exit status and the script just continues anyway despite an error. Furthermore, the error seems to be a false alarm since macOS host reports notarization success.
Part of my commits had been missed in a merge somewhere. Should be fixed now.
I downloaded a client from a browser and was able to start the client without any message saying it cannot be opened. The signed macOS client this works just fine now.