"SketchUpAPI.framework" can't be opened because Apple cannot check it for malicious software

Hi! I’m a software engineer creating several standalone applications using C/C++/Cython and SketchUp C API. (not a Ruby extension)

We’ve used previous versions of SketchUp SDKs on macOS, and it worked well. But after upgrading SDK to 2022 version (SDK_Mac_2022-0-353), this message popped up.

I know if I explicitly allow the use of framework on masOS Settings app (Security & Privacy) then it will work, but it is inconvinient for our customers to do this.

Could you check if you SDK have code signing problem? If not, how can I solve this problem?

My OS: macOS Monterey 12.3.1

Isn’t this what macOS is doing to all downloaded files? Even Windows - depending on what browser you use. You have to “unblock” them to say you trust that file you downloaded. This should appear to end users though when you distribute the framework with your app. (Correct me if I misunderstood the question)

SketchUpAPI.framework is a folder inside the SketchUp app bundle, and the app bundle is notarized. I don’t know under what conditions macOS tries to treat it as a bundle and not a folder that happens to end with .framework. What are the steps that someone would do before seeing the message you showed?

Did you perhaps copy that framework out of the SketchUp.app in order to compile and link your code? The notarization applies to the app bundle as a whole, not to individual folders inside it. If that’s not what you did, I have no clue.

Thank you for your replies!

I don’t know your notarization process, but I downloaded your SDKs on your SDK download page. here: SketchUp Developer SDK | SketchUp Extension Warehouse

And it seems the frameworks (SketchUpAPI.framework) in SDK have their own code signatures.

I made a simple CMake project to show you the problem more clearly: GitHub - seungha-kim/sketchup-api-demo
This project contains the SDK files for demonstration purpose. If it is illegal, tell me, then I’ll remove the project immediately!

If you run run-XXXX-X-XXX.sh file, it will build a simple C++ project linked with your SDK which is the specified version in the name of script. On my machine, (M1 Max, Monterey 12.3.1, Xcode 13.3.1)

  • run-2020-2-171.sh , run-2021-0-338.sh successfully print “Layer Count: 2”
  • run-2021-1-331.sh , run-2022-0-353.sh show the message “SketchUpAPI.framework can’t be opened…”

Please check this demo.

  • the project’s target architecture is x86_64

There is a version of this bundled with SketchUp, yes. But it’s distrobuted via out SDK to be used with other applications.

After you downloaded the framework, did you unblock it? macOS and Windows tends to mark binaries downloaded via the browser which the user has to unblock/approve before they can use it.

Thanks for the reply!

What I’m curious about is the reason why there is a difference between previous versions of SDK and recent SDKs. We had no problem with previous versions. I thought your SDK’s notarization problem caused this situation. But after some research, the difference could be caused by some changes of notarization process, maybe? And it seems Apple’s notarization process requires my executable to be notarized anyway independently with the SketchUp SDK, to be run without “Apple cannot check…” popup.

As you said, if I allow the framework in Settings app I can run my executable. I’ll do this for development. If this error message pop up even after notarizing my executable, then I’ll write another post.

Thank you!

1 Like

With the same machine and/or OS? Apple has changed the behaviour almost between every version. If you were to download any of the older SDKs on your current machine, that doesn’t get blocked like the latest version?