
#451: mac gatekeeper quarantine removal #1794

Merged
hohwille merged 22 commits into devonfw:main from shodiBoy1:feature/451-mac-gatekeeper-quarantine-removal
Apr 21, 2026

Contributor

@shodiBoy1 shodiBoy1 commented Apr 1, 2026

This PR fixes #451

Implemented changes:

On modern macOS (15.1+, Apple Silicon), just removing com.apple.quarantine didn't work - unsigned apps still showed the "is damaged" popup. Tested this on a real M1 Pro with IntelliJ CE and Android Studio.

The fix does two things after extraction:

  • xattr -cr to clear all extended attributes (quarantine, resource forks, etc.)
  • codesign --force --deep --sign - to ad-hoc sign the .app bundle - but only if it's not already properly signed (so we don't break notarized apps like Eclipse)

Other changes:

  • Version file (.ide.software.version) stays at rootDir instead of being copied inside the .app, because codesigning seals the bundle and any writes after that break it
  • linkDir now correctly points inside the .app bundle (e.g. Contents/MacOS) where the binary lives. The symlink target changed, so getInstalledVersion() was updated to resolve the symlink back to rootDir via getValidInstalledSoftwareRepoPath to find the version file
  • Added ProcessErrorHandling to codesign calls - NONE for the verification step (failure is expected for unsigned apps) and LOG_WARNING for the signing step
  • Removed findBinDir() from MacOsHelper and the getToolBinPath() macOS workaround - both were redundant after fixing the linkDir assignment
  • Updated tests to use getInstalledVersion() instead of checking the version file through the symlink

Checklist for this PR

  • When running mvn clean test locally all tests pass and build is successful
  • PR title is of the form #«issue-id»: «brief summary» (e.g. #921: fixed setup.bat). If no issue ID exists, title only.
  • PR top-level comment summarizes what has been done and contains link to addressed issue(s)
  • PR and issue(s) have suitable labels
  • Issue is set to In Progress and assigned to you or there is no issue (might happen for very small PRs)
  • You followed all coding conventions
  • You have added the issue implemented by your PR in CHANGELOG.adoc unless issue is labeled
    with internal

@shodiBoy1 shodiBoy1 self-assigned this Apr 1, 2026
Collaborator

coveralls commented Apr 1, 2026

Coverage Report for CI Build 24732604475

Warning

Build has drifted: This PR's base is out of sync with its target branch, so coverage data may include unrelated changes.
Quick fix: rebase this PR. Learn more →

Coverage increased (+0.02%) to 70.613%

Details

  • Coverage increased (+0.02%) from the base build.
  • Patch coverage: No coverable lines changed in this PR.
  • 86 coverage regressions across 3 files.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

86 previously-covered lines in 3 files lost coverage.

| File | Lines Losing Coverage | Coverage |
| --- | --- | --- |
| com/devonfw/tools/ide/tool/ToolCommandlet.java | 47 | 73.45% |
| com/devonfw/tools/ide/tool/LocalToolCommandlet.java | 22 | 80.36% |
| com/devonfw/tools/ide/os/MacOsHelper.java | 17 | 76.92% |

Coverage Stats

Coverage Status
Relevant Lines: 15220
Covered Lines: 11200
Line Coverage: 73.59%
Relevant Branches: 6766
Covered Branches: 4325
Branch Coverage: 63.92%
Branches in Coverage %: Yes
Coverage Strength: 3.11 hits per line

💛 - Coveralls

@shodiBoy1 shodiBoy1 marked this pull request as ready for review April 1, 2026 15:05
@shodiBoy1 shodiBoy1 requested a review from hohwille April 1, 2026 15:06
@shodiBoy1 shodiBoy1 moved this from 🆕 New to Team Review in IDEasy board Apr 1, 2026
@hohwille hohwille changed the title from "Feature/451 mac gatekeeper quarantine removal" to "#451: mac gatekeeper quarantine removal" Apr 2, 2026
Member

@hohwille hohwille left a comment


@shodiBoy1 thanks for your PR. Great that you are working on this nasty problem that is currently blocking Mac users and renders the UX of IDEasy on Mac void. 👍
Currently, I do not see the difference in the xattr compared to PR #453. Can you explain why this should fix the problem now? Have you tested this approach on MacOS and it worked for unsigned apps like e.g. IntelliJ?

FYI: Did you also see this comment? #451 (comment)
When we remove the quarantine attribute, MacOS protects the app directory and we cannot make any modifications to it after that. This IMHO implies that we cannot keep the current solution with the .ide.software.version file that we simply copy to the linkDir as a workaround. Maybe it could work if we do that before we remove the quarantine attribute?
Further, in PR #453 @jan-vcapgemini made a review comment that this xattr execution should be moved to MacOsHelper, which makes sense to me and should be followed.

Comment thread CHANGELOG.adoc Outdated
Comment thread cli/src/main/java/com/devonfw/tools/ide/io/FileAccessImpl.java Outdated
Comment thread cli/src/main/java/com/devonfw/tools/ide/io/FileAccessImpl.java Outdated
@hohwille hohwille marked this pull request as draft April 9, 2026 07:22
@shodiBoy1
Contributor Author

Previous fix was wrong: just doing xattr -r -d com.apple.quarantine isn't enough on macOS 15.1+ with Apple Silicon. Unsigned apps still get blocked even without the quarantine attribute.

New fix: xattr -cr to clear all extended attributes, then codesign --force --deep --sign - to ad-hoc sign the .app bundle. The codesign part is what actually makes it work. I skip signing if codesign -v passes so we don't break already notarized apps like Eclipse.

Moved the logic into MacOsHelper.removeQuarantineAttribute() and it's called from LocalToolCommandlet.installTool() now, not from extract.

.ide.software.version stays at rootDir: can't write inside the .app after codesigning or you get "Operation not permitted". Version file is written before signing so no issue there.

Tested with IntelliJ CE and Android Studio on M1 Pro, works fine.

@shodiBoy1 shodiBoy1 marked this pull request as ready for review April 12, 2026 21:13
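
The post-extraction steps described in the PR description and in the follow-up comment above, as an added shell example that is not part of the PR or of IDEasy's code: the version file is written outside the bundle, extended attributes are cleared, and ad-hoc signing happens only when `codesign -v` fails. The function name `prepare_app_bundle`, its parameters and its output strings are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not IDEasy code): the post-extraction steps described in this PR.
# prepare_app_bundle ROOT_DIR APP_BUNDLE VERSION   (function name and parameters are hypothetical)
# Prints "kept-signature" or "adhoc-signed"; returns non-zero on failure.
prepare_app_bundle() {
  root_dir=$1
  app=$2
  version=$3

  case "$app" in
    *.app) ;;
    *) echo "not an .app bundle: $app" >&2; return 2 ;;
  esac
  [ -d "$app" ] || { echo "missing bundle: $app" >&2; return 2; }

  # The version marker stays in ROOT_DIR, outside the bundle: signing seals
  # the bundle, so nothing may be written into it afterwards.
  printf '%s\n' "$version" > "$root_dir/.ide.software.version" || return 1

  # Clear all extended attributes recursively (com.apple.quarantine included).
  xattr -cr "$app" || return 1

  # A bundle whose signature already verifies is left untouched, so a
  # notarized app keeps its vendor signature.
  if codesign -v "$app" 2>/dev/null; then
    echo "kept-signature"
    return 0
  fi

  # Otherwise ad-hoc sign it ("-" identity: no developer identity attached),
  # then verify again so a failed signing is reported instead of ignored.
  if ! codesign --force --deep --sign - "$app"; then
    echo "ad-hoc signing failed: $app" >&2
    return 1
  fi
  codesign -v "$app" || return 1
  echo "adhoc-signed"
}

# Run directly as: sh prepare_app.sh ROOT_DIR APP_BUNDLE VERSION
if [ "$#" -eq 3 ]; then
  prepare_app_bundle "$@"
fi
```
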
Member

@hohwille hohwille left a comment


@shodiBoy1 thanks for your update. Now this looks way more promising. 👍
However, there are still things to clarify before we can merge.

Comment thread cli/src/main/java/com/devonfw/tools/ide/os/MacOsHelper.java
Comment thread cli/src/main/java/com/devonfw/tools/ide/os/MacOsHelper.java Outdated
Comment thread cli/src/main/java/com/devonfw/tools/ide/os/MacOsHelper.java Outdated
Comment thread cli/src/main/java/com/devonfw/tools/ide/tool/ToolCommandlet.java
@github-project-automation github-project-automation Bot moved this from Team Review to 👀 In review in IDEasy board Apr 13, 2026
Co-authored-by: Jörg Hohwiller <hohwille@users.noreply.github.com>
Comment thread CHANGELOG.adoc Outdated
Member

@hohwille hohwille left a comment


@shodiBoy1 thank you so much for your improvements. You fixed a severe blocker bug causing big progress for IDEasy users on MacOS! 🥇
I only added cosmetic review comments but this PR is now about ready for merge.

Comment thread cli/src/main/java/com/devonfw/tools/ide/tool/ToolCommandlet.java
Comment thread cli/src/test/java/com/devonfw/tools/ide/tool/aws/AwsTest.java Outdated
@hohwille hohwille merged commit 0ad7e6d into devonfw:main Apr 21, 2026
3 checks passed
@github-project-automation github-project-automation Bot moved this from 👀 In review to ✅ Done in IDEasy board Apr 21, 2026
@hohwille hohwille added this to the release:2026.05.001 milestone Apr 21, 2026

Projects

Status: ✅ Done

Development

Successfully merging this pull request may close these issues.

Make IDEasy usable on MacOS with active Gatekeeper

4 participants