I’ve been working on a little desktop app that will be distributed outside any App Store. It has a very limited and specialized group of potential users.
One when runs it the first time, you get a message from the Mac operating system about the dangers of using such apps (i.e. not from the App Store). It includes some instructions about how to run the app anyway. I want to document the instructions and include some screenshots.
The problem is that my Macs know about the app, and they will simply run it. Anyone have an idea of how to make the app appear “new” or unrecognized?
Well, you’re basically just talking about running an unsigned app. It has nothing to do with the App Store per se. Beware that sketchy developers give this very instruction, though they frame it as "how to run the first time”, as if it’s routine, rather than “how to bypass Gatekeeper.”
The answer is to right-click the app bundle and select “Open.” After the user dismisses the following warning, they will be bothered no more.
If, as you suggest, this app is to be used by select users who know and trust you (or just trust you), this will suffice. But if you’re making the app available for general distribution, it is not a good look. I’m guessing you simply don’t wish to (or can’t justify) paying Apple so you can sign/notarize.
Edit: signing also confirms that you are who you say you are, and that the code was not modified downstream by a third party, because any tampering would break the signature. This should give some peace of mind to you and your users, in case your app were obtained from a nefarious middleman.
Edit again: well, your real question is how to make your own system forget the approval, so you can inspect the warning yourself. Sorry, got nothing there.
He has an app which is already recognised, and wants OSX to forget it so that he gets the messages again.
(I’ve personally played with things like changing the app name, and the identifiers in the embedded plist, but not found a method by trial and error yet)
I get that, and made an edit just before your comment came in. But is it necessary? Other than getting a screen grab for his documentation, I can’t think of a reason. I’ll just reiterate that this must be a very select group, if he is distributing an unsigned app. And since he conflates signing/notarization with “App Store”, I just thought some clarification was in order.
I don’t recall all the details of all the potential cases. Is the app still code signed and notarized? An app that is code signed and notarized will have a dialog like:
“Example.app” is an app downloaded from the Internet. Are you sure you want to open it?
But you have to have the com.apple.quarantine extended attribute to get that prompt. This attribute is added to downloads. You might find the alert comes back if you zip the app, upload it somewhere, and then download it in Safari.
There may be a similar alert if the app is code signed but not notarized. That might be the case where you have to right-click and choose Open.
In my quick test just now, an unsigned app with the quarantine flag will refuse to launch even via the Open item in the contextual menu. You have to manually remove the quarantine flag to get such an app to run.
-s is about symbolic links. To write a value you have to use -w, but you also have to specify what the value is. Setting com.apple.quarantine to a blank or garbage value doesn’t work (doesn’t make the prompt return). I believe a true quarantine value is something like a UUID reference to a database entry that logs where the download came from.
