Corrupt Installer for Mac (version 2.3.1 macOS 10.12+ (x86_64))

Tags: #<Tag:0x00007fe316f7a098>

Afternoon all,
I’ve downloaded the latest version for Mac several times, and each time it’s showing as corrupt when I run it for the first time.


I’ve subsequently installed the previous version too, and that works fine. Any ideas?
(I’m running High Sierra 10.13.6)

Also, and in case anyone with SuperPowers is reading, the EU download mirrors are not responding :frowning:

There seems to be something odd with how macOS 10.13 launches the app, but we have not yet figured out what it is. There is a ticket to track this at

Unfortunately I don’t have access to macOS 10.13 and can only test on 10.12 and 10.15 myself. I have one idea left on what is happening (could be that macOS 10.13 sets the working directory differently when launching apps). I will make a test build available, just takes me a while. It would be great if you could test it.


I have created a test build with a change on how the working directory is handled. Could you test whether the following app works for you?

Thanks a lot for your help.



I’ve just joined this forum to say that I’ve just bumped into this problem as well.

I downloaded the test build (linked above) and sadly it also fails to launch with the OS claiming the app is corrupt.

However, launching the app directly off the mounted disc image (.dmg) - the app (both final 2.3.1 and test build) appear to function. Drag the app from the disc image to the Applications folder (to ‘install’) and launching then fails (claiming it’s corrupt).

I haven’t tried to do anything with this app yet, as I immediately came here searching for a possible solution.

The app will not launch from macOS 10.13.6 Applications folder, however on a newer MacBook Pro running 10.14.6 it launches as expected (from the Applications folder).

Hopefully that made some sort of sense!


1 Like

Thanks a lot for testing this. Unfortunately I personally don’t know what to do about this. I have run out of ideas on what to try, and I personally can only test on macOS 10.12 and 10.15, and it works fine on both systems. If someone has the necessary skills and environment to debug this on macOS 10.13 I would be really glad to get some help here.

1 Like

I just bumped into this problem as well trying to install the new version 2.3.2 on macOS 10.12.6 when trying to open the app from my applications folder. Not sure if this is the right place for this but it seems to be the most recent posting on this issue… I tried the other installer you suggested in this thread and it still gives me the same “MusicBrainz Picard” is damaged and can’t be opened. You should move it to the Trash. I’ve read that this problem has been fixed on macOS 10.12 so I’m not sure what I’m doing wrong. Any insight would be greatly appreciated.


1 Like

I can confirm the same issue appears on 10.13 and 10.15 (Catalina).
Besides I am having very frequent crashes with indexes out of range when loading files to be tagged

1 Like

I had the same problem - MusicBrainz Picard is damaged and can’t be opened - but I managed to get 2.3.2 running on macOS 10.13.6 by doing the following - don’t do this if you aren’t confident in using the command line:

  1. From the dmg, copy the app to the Applications folder
  2. Launch Terminal
  3. Type the following command: xattr -cr /Applications/‘MusicBrainz’
    (note the single quotes around the filename because the filename contains a space)
    (if done correctly there should be no error in Terminal)
  4. Double-click on Picard in the Applications folder

I don’t often use Terminal so I’m not well versed in it but apparently using the ‘xattr’ removes extended attributes from the file on the Mac. I don’t know what the consequences are but Picard seems to run fine (at least I haven’t run into any issues yet). I’ve not used Picard before so I’m finding my way around now that I can run it.

Here’s a link to the article which gave me the insight -

I hope it helps someone.



Sounds to me like the app has not been codesigned properly therefore Gatekeeper has added a quarantine flag to the extended attributes. It’s Apples security to prevent people from installing an application from an unknown developer, in other words a random application downloaded from the web.

@Freso Whoever develops the Picard application needs an Apple Developer Certificate and to then properly codesign the app before it’s uploaded for users to download. I suspect it was an honest mistake and it was forgotten in the rush to get a release out. :wink:

You can use the above xattr -cr command as @SmileyMiley kindly posted above which clears the quarantine flag and recursively clears the flag from all files within the app.

Please read through the following carefully and take your time. As long as you stick to my instructions you will be fine. Hopefully most of you will only have the de-quarantine to deal with. Those on Mojave upwards will have extra steps to take.

Note there is nothing that can cause any harm here as there is no sudo command or entering of any passwords as long you are ether logged in as administrator or have admin privileges. Even if the sudo command was required and entering a password there is still no harm as this is very basic stuff.

To de-quarantine an application launch Terminal which can be found in your Utilities folder.
In Terminal,
Type: xattr -cr
Press space:
Drag and drop the app into the terminal window after the space. This will automatically insert the file path and is simplest method. The above posted if manually typed, /Applications/‘MusicBrainz will not work because there is a space in-between MusicBrainz and Picard, it would require a backslash \ in that space. Trust me, just drag and drop and let terminal do the work for you.
Press Return:

You may then have to codesign the application especially if running Mojave and above where notarization comes into play. For this it requires you to install the Apple Command Line Tools which you will be asked to install if not already installed. This may require you to enter your admin password which when asked you will not see as you type in the terminal so you type it blind (no worries with someone looking over your shoulder). Once you have typed the password to install the tools hit return and wait for it to complete

Or you can install them beforehand as follows:

In Terminal,
Type: xcode-select --install
Press Return:

You can now codesign the app.
Type: codesign -f -s - --deep
Press Space:
Drag and drop the app into the terminal window
Press Return:

Quit terminal and launch app. Everything should work fine now.

If running Catalina then there are even more security restrictions in place so you may have to temporarily disable System Integrity Protection (SIP) first.

Don’t ask me anything about Windows. :laughing:

The app gets code signed and notarized by apple. I already experimented with different variations of the code signing, see the ticket linked above.

As written above my main issue with this is that I can test on macOS 10.12 and 10.15 only. I really have no idea why 10.13 misbehaves. So if somebody has the technical knowledge to figure out exactly what is causing the above on 10.13 and what needs to be changed with the package any help is highly appreciated.

Removing the extended attributes might be a clue. Maybe some specific attribute is set on some file that macOS 10.13 has trouble with. Maybe we should try removing all attributes before code signing. I can provide a test build with this.


Maybe we need to narrow down with which version this starts to break and see which changes had been introduced in that version. So far I have reportes that 2.1.3 works fine and 2.3.0 and later cause problems (mainly on macOS 10.13, probably not for everyone). There have been 4 other releases in between, could someone test if these work?

The following changes might affect the macOS app:

Picard 2.2 (2019-09-14)

  • CFBundleIdentifier changed from “org.musicbrainz.picard” to “org.musicbrainz.Picard”

Picard 2.2.1 (2019-09-20)

  • Set LSMinimumSystemVersion to “10.12”

Picard 2.2.1 (2019-09-20)

  • No packaging changes

Picard 2.2.2 (2019-10-08)

  • Set DYLD_FALLBACK_LIBRARY_PATH for properly loading discid.dylib earlier on app start
  • Include compiled astrcmp module

Picard 2.2.3 (2019-11-06)

  • No packaging changes

Picard 2.3

  • New build system using Github Actions
  • Upgrade to PyInstaller 3.6
  • Enable macOS hardened runtime
  • Notarize app
  • Register Picard for supported file types by setting CFBundleDocumentTypes
  • Set LSApplicationCategoryType

Another thing to consider: We had reports of users claiming their antivirus software interfered with the app launch. Maybe check if you have something like this running.


Mmm very odd. I’m running Picard Version 2.3.2 on High Sierra 10.13.6 and have never had any issues but I do run SIP without the Kext or File System Protection.

csrutil enable --without kext --without fs

More Info:

I highly recommend the above site for anything Apple and it has some great info on all of Apples security policies and problems.

To check the status of an app to see if it’s allowed to run which may also give some clues to why it wont run.
Type: spctl -a
Press Space:
Drag and drop the app into the terminal window
Press Return:

Do you know if the main executable and all the contents where signed. I don’t run antivirus accept for the XProtect part of Gatekeeper. Way to many false positives with anti virus software and they hog computer resources. Malware (including adware, ransamware) can be a problem for Mac’s but not a true Virus but you do help PC users if sharing files. Malwarebyes is the only software I would recommend or any products from objective-see. Most anti virus software’s do more harm than good. OSX is pretty good at looking after itself.

The thing with Gatekeeper is that it records everything you download, which browser used, site URL and time of download. This all gets listed as extended attributes metadata. Nice for forensics :wink:

Apple is the problem because they keep introducing all this security nonsense which IMO is mostly not about security and more about making things difficult to drive developers towards the MAS where they profit. I wont install anything from MAS on principle plus I block all connections to Apples servers. I’m not interested in MAS or Cloud stuff. They can spy and data collect from somebody else thank you very much.

An alternative to the above xattr -cr is xattr -rd which recursively deletes the attributes instead of clear.

I would test the software myself but my system is highly customized and locked down. It would mean me installing Virtual systems and I only have a a laptop with limited resources these days. Application is damaged is definitely a Gatekeeper issue and the quarantine flag. Once it has done it’s scan, set the quarantine flag and giving the user the warning, there is no going back until either that flag is removed or Gatekeeper is disabled and fresh copy of the app is downloaded to install.

If users want to temporally disable Gatekeeper to install and allow downloads from anywhere. Then launch the app once.
Type: sudo spctl --master-disable
Press Return:
Enter your password, The cursor will not move and there will be no feedback.
Press Return:

To then re-enable after the initial launch,
Type: sudo spctl --master-enable
Press Return:

Just downloaded Picard 2.3.2 - the issue still exists: unable to launch the app running High Sierra (10.13.6).
Using SmileyMiley’s method, with carV3’s drop-app-onto-terminal procedure quoted above, the app will now launch. Thank you both for the info.

Want testing Releases 2.2, 2.2.1, 2.2.2, 2.2.3 on macOS 10.13.6 and got an incompatibility configfile problem. So I delete the original post to prevent irritations.

@Elv65 This is a separate issue. Versions before Picard 2.3 are not compatible with configs created by pre-release versions. You can either run Picard 2.3 or later release versions or keep using the Picard 2.4 beta. Alternatively you can delete your config file.

1 Like

I see and wondering where the version info comes from. I have delete all configure files.
I want you to help testing your versions on macOS 10.13.6.

For all versions 2.2 up to 2.2.3 i open the DMG, copy MusicBrainz Picard to HD and starting it. After confirm to open the internet loaded app, all releases starting correctly.

Doing the same with 2.3.2 the dialog appears to tell me the app is corrupted and should be send to trash bin.

xattr -d MusicBrainz\
is a workaround to starting 2.3.2 on macOS 10.13.6

Do you have a 2.2.x or 2.3.0, 2.3.1 for short Test?

This then is the issue discussed here. We should have a fix for this in the next release. Until then you’ll need to stick with the 2.2.3 version.


[quote=“Elv65, post:16, topic:470673”]
I see and wondering where the version info comes from
[/quote]ctrl / right click on the Picard Application and Show Package Contents > Contents > Info.plist

You can find this either inside the Picard application in your applications folder or inside the Picard app within the DMG. Note to make changes to this file inside your Applications folder you will first have to disable System Integrity Protection (SIP). If any changes are made the App will then need to be re codsigned.

How to turn off System Integrity Protection in macOS

  1. Boot your Mac in Recovery Mode. (Command-R)
  2. Click Utilities.
  3. Select Terminal.
  4. Type csrutil disable
  5. Press Return
  6. Reboot as normal

To check SIP status

  1. Launch Terminal
  2. Type csrutil status
  3. Press return

SIP has now been disabled. Note this also bypasses kext signing and your system is potentially left vulnerable.

To re-enable SIP

Follow the steps above but instead of typing csrutil disable type csrutil enable

As for the ‘app is corrupted and should be sent to the trash’ warning this is a Gatekeeper issue so the app will have to be de-quarantined or disable Gatekeeper first and then re-download the App and install again. Disabling SIP is also a workaround for this as it bypasses the kext signing. Sometimes its necessary to disable both SIP and Gatekeeper to workaround restrictions. I know, this works against the grain and not how Apple should do things but Apple are becoming like Windows LOL

It’s all down to Apples false sense of security to drive money their way via the App store and developer fees. Yes there are security benefits for those who are not that knowledgable or lapse about things but the negatives outweigh the positives and quite frankly Apple have turned into an arse. Saying that, malware and ransomware attacks are on the rise so some people may apreciate this comfort blanket.

Thanks! Your tip worked for me, to install 2.4.4 on MacOS 10.12.6. Picard now starts up OK - I haven’t tried anything else so far! I frequently record live music (choir or handbells) with a Tascam digital audio recorder and then edit it with Audacity, so the metadata always needs to be edited to be useful…

This issue seems to be caused by Gatekeeper and wrongly set attributes on the app. Why this wrong attribute is set is currently unknown, but the solution is to clear this flag using the xattr tool. See the following FAQ entry for details:

Otherwise this is out of our control. So far only users on macOS 10.12 and 10.13 seem to be occasionaly affected by this.