One of the surprise announcements at WWDC 2019 last June, which seems to have been largely forgotten, is that Catalina not only requires apps and similar executable code to be notarized, but that single-file command tools must also be notarized. Given that there’s currently no way of stapling a notarization ticket to a command tool, I suspect many have just filed this under Too Difficult. But for anyone who installs third-party command tools, this could pose an insurmountable problem. This article explores how Catalina’s Gatekeeper system handles command tools, and what you can do about it.
Demonstration
If you have a Mac running Catalina and a third-party command tool to hand, here’s a little worked example of what happens. Add a quarantine flag to a copy of that command tool (easily done using my free utility xattred), and install it – either at the command line or using Finder – in /usr/local/bin. Then run it from Terminal. If the command tool isn’t notarized, you should see it being killed at launch, with a Gatekeeper failure dialog.
If you then open the Security & Privacy pane, you should see a button has been added at the foot of the General tab, offering to allow the running of the command tool “anyway”.
Read more at EclecticLight.co