Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Can't open Sourcetree because Apple cannot check it for malicious software

Just downloaded Sourcetree 4.0.1 from the Sourcetree website and received the following message - "Sourcetree' can’t be opened because Apple cannot check it for malicious software."

Note - I am running macOS 10.15.2. 

2 answers

1 accepted

7 votes
Answer accepted

Solution that helped me 

1) open 'system preferences' 

2) navigate to 'security & privacy' 
3) allow the use of Sourcetree

That is not a good and potentially very dangerous solution.

The only right solution is to move download app into the Trash and contact Atlassian. This build can be compromised and was not notarised. It's very easy to notarise application with Apple in automated fashion. Atlassian should fix this.

Like # people like this

"The only right solution is to move download app into the Trash and contact Atlassian". That is non-solution.

Whenever the advice is to not use a viable product until they meet someone else's demands, then feel free to disregard. Whether or not you trust the brand and product is more important than whether or not it meets the demands of a 3rd party (Apple).

The number of excellent products that are not notarized with Apple is staggering. It's a nice extra step, that provides greater confidence in the implementation of some security precautions and features, but it's far from necessary.

Like # people like this

Do you know what is staggering? The fact that Atlassian still has not solved this issue after at least half a year! The last update of Sourcetree is from januari this year.

Like # people like this

The solution is to validate the download with the hash provided by Atlassian… Atlassian doesn't provide any way to validate?! The trash looks like the best solution to me too. If, however, the trash isn't an option, then you can "right-click" (two finger tap, control-click, or right-click) the app, choose "Open", then click "Open" on the window that appears.

I can understand a company choosing not to use Apple's validation, even a company as big as Atlassian; but I don't understand them also not having their own validation.

Like # people like this

Sourcetree is handling our company's most precious assets - our app's source code. I need to be able to trust it, and notarization is an integral part of the macOS trust and security system. It's ridiculous that after one year, this hasn't been addressed yet. I'm switching to another git client.

Like # people like this

I’ve been using Tower for more than a month now both at home and at work, it’s been treating me well.

Like Tobias likes this

It seams that notarisation issue was resolved. I just tested the version 4.1.2 (238) and I was able to open the app in a normal way. 

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Sourcetree

Tip from the team: configure your repos for hosting goodness!

Supported Platforms macOS Windows We recently introduced support for additional hosting services such as GitHub Enterprise, GitLab (Cloud, Community Edition, Enterprise Edition), and...

7,105 views 5 13
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you