Bug 473705

Summary: “kdeconnect-indicator” is damaged and can’t be opened. You should move it to the Trash.
Product: [Applications] kdeconnect Reporter: idoitprone <monkeyboyted>
Component: macos-applicationAssignee: Weixuan XIAO <veyx.shaw>
Status: REPORTED ---    
Severity: crash    
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Other   
OS: macOS   
URL: https://binary-factory.kde.org/view/MacOS/job/kdeconnect-kde_Nightly_macos/1985/
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description idoitprone 2023-08-24 00:37:01 UTC 
SUMMARY
***
NOTE: If you are reporting a crash, please try to attach a backtrace with debug symbols.
See https://community.kde.org/Guidelines_and_HOWTOs/Debugging/How_to_create_useful_crash_reports
***

No backtrace retrieved on OSX. The application crashes immediately
```
➜  MacOS ./kdeconnect-indicator
[1]    46779 killed     ./kdeconnect-indicator
➜  MacOS pwd
/Applications/kdeconnect-indicator.app/Contents/MacOS
```

STEPS TO REPRODUCE
1. Download Kde connect indicator
2. Install the indicator
3. Open the indicator

OBSERVED RESULT
Dialog box with this error message, "“kdeconnect-indicator” is damaged and can’t be opened. You should move it to the Trash." pops open.

EXPECTED RESULT
Kdeconnect-indicator opens

SOFTWARE/OS VERSIONS
Windows: 
macOS:    
System Version:	macOS 12.6.7 (21G651)
 Kernel Version:	Darwin 21.6.0
  Model Identifier:	MacBookPro13,3
  Processor Name:	Quad-Core Intel Core i7
  Processor Speed:	2.7 GHz

Kde connect build: Success Build #1985 (Aug 22, 2023 5:18:00 AM) 


ADDITIONAL INFORMATION
Comment 1 idoitprone 2023-08-24 00:37:25 UTC 
KDE Factory builds do not work.
Comment 2 idoitprone 2023-08-24 00:39:27 UTC 
https://www.reddit.com/r/kde/comments/ns91v3/comment/ja09hus/?utm_source=reddit&utm_medium=web2x&context=3

There were two issues:

    CraftRoot/etc/blueprints/locations/craft-blueprints-kde/libs/libfftw/libfftw.py needs to be updated to check for the ARM arch and unset -DENABLE_SSE2=ON

    Craft by default produces partly-codesigned binaries which are then modified during craft --package, creating a broken app bundle. There is CodeSigning section in etc/CraftSettings.ini but it expects an official MacOS developer identity (which makes sense for KDE org). It would probably work with the official signing identity but I don't have a Mac developer program purchased (and I don't plan to get one as I expect to be able to build and run software on my computer without paying Apple yearly for some certificates). So I patched ./craft/bin/Utils/CodeSign.py to pass - (dash) as --sign identity argument (requesting adhoc signing). Then, after craft --package ... I extracted the built .app bundle and replaced entitlements [1] for all binaries find /Applications/kdeconnect-indicator.app/Contents/MacOS -type f -perm +111 -exec codesign -fs - --options runtime --entitlements ~/tmp/entitlements.plist {} \; and resigned the whole bundle adhoc again codesign -fs - kdeconnect-indicator.app. Then replaced the app bundle in the dmg.

You can follow my steps or you can try my dmg. It has adhoc-signed binaries so it may not work for you or it may require to explicitly allow opening the app in Settings -> Pricacy & Security.

I will try to upstream the changes (libfftw blueprint will be easy, adding optional adhoc option for signing may be more difficult).

[1] Entitlements I used just disable signature validation on libraries loaded into the process and allow attaching a debugger to a running process:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
        <key>com.apple.security.cs.disable-library-validation</key>
        <true/>
        <key>com.apple.security.get-task-allow</key>
        <true/>
</dict>
</plist>
Comment 3 idoitprone 2023-08-24 00:45:58 UTC 
I did not test those suggestions.