It usually happens that you can not run a downloaded binary from command line.

The OS would complain that

"watchman" cannot be opened because the developer cannot be verified.

macOS cannot verify that this app is free from malware.

Chrome downloaded this file today at 9:30 AM from github.com

There are many online tutorials telling you to overcome this obstacle by navigate to the binary location, right click, select open, and confirm

macOS cannot verify the developer of "watchman". Are you sure you want to open it?

By opening this app, you will be overriding system security which can expose your computer and personal information to malware that may harm your Mac or compromise your privacy.

Chrome downloaded this file today at 9:30 AM from github.com

However, this approach has two demerits

  • It requires GUI. Thus, it is not possible to apply to several files at once.
  • To mark some files as safe, it must be opened (executed).

Workaround 1

Use xattr -dr com.apple.quarantine <directory, binary, .app, or dylib path>


Workaround 2

Suppose that the path of the binary you want to mark as safe is /opt/watchman/bin/watchman.

  • Step 1: run xattr -p com.apple.quarantine /opt/watchman/bin/watchman. This will print a string starting with 0081;, for example 0081;5e7fec61;Chrome;6585C1D3-E260-4275-9E6E-505DF8D6B7EE.
  • Step 2: copy the output string, replace first 4 characters with 00c1.
  • Step 3: run xattr -w com.apple.quarantine "00c1;5e7fec61;Chrome;6585C1D3-E260-4275-9E6E-505DF8D6B7EE" /opt/watchman/bin/watchman

Now the binary /opt/watchman/bin/watchman can be run from command line without any complain from the OS.

Those above steps can be combined in one composed commands

xattr -w com.apple.quarantine "$(xaatr -p com.apple.quarantine /opt/watchman/bin/watchman | sed 's/^.\{4\}/00c1/')" /opt/watchman/bin/watchman

Further information

To list all file attributes use one of following commands

  • ls -al@ <path>
  • attr -lr <path>