GateKeeper detects malware

Some users have reported to me that my application doesn’t start after some days. Today I got a log file from one user. In it I see that Gatekeeper detected malware and stopped the start. It seems the problem started with an update of macOS, but only in older versions. With macOS 26 nobody has reported problems.

The application is notarized and also the version in the store has the problem.

My question now is whether someone else has the problem, or has an idea what may have caused it.

Thank you

Did you use SD Notary 2 for notarization?

Hello,

no, I use the notarization command from Apple within my build process.

That seems like a good place to start. You could use one of your Apple developer incidents to get someone’s attention at Apple and have them look into it.

Another possibility… rebuild and notarize your software. See if the updated system shows any errors.

Hello,

I think meanwhile I found the problem and was able to solve it. But give me some lines to explain it.

The problem occurred on several installations by my users after they updated their macOS. And after the update to macOS 26 it also appeared on my computer. This helped to find it.

I checked the console and the output from Gatekeeper / XProtect. It always said that there is malware. And it is only in the Intel version. If I compiled it only for ARM, it worked. And also only with my largest application. The others did not have the problem.

Also, some changes in signing and notarization didn’t help. All verifications showed a correct app. One other test was to remove some modules to find the one which has the code with the problematic signature. But there was not one module. It did not matter which module I removed. It seems that only the size is critical.

After some days I had the idea to change the optimization level within Xojo. And this solved the problem. Instead of the default value, I now use moderate.

I believe that this changes the code in such a way that Gatekeeper / XProtect doesn’t find a known signature. There was no output to see which malware or signature raised the stop.

I’m glad to fix it. And if someone else has the problem it may help, too.