“A Quiet Fight With Gatekeeper: Notes from Setting Up TagXMLGen on macOS”

Hey — listen, I spent part of yesterday poking at TagXMLGen (app) from OrchardKit, and I figured I should write this down while it’s still fresh. This is one of those “it should be simple” installs on macOS that quietly turns into a small debugging session. Nothing dramatic, but definitely the kind of thing you only want to solve once.

What I wanted to do was boring in the best way: generate some structured XML from a pile of tagged content and wire it into a build step. I grabbed the latest build, dropped it into /Applications, double-clicked… and macOS did that thing where it looks calm while completely refusing to cooperate.

The dialog was the usual classic: “TagXMLGen can’t be opened because Apple cannot check it for malicious software.” No crash, no logs, just Gatekeeper doing its job a little too enthusiastically.

My first instinct was the lazy one. I right-clicked the app, hit Open, confirmed the warning, and expected macOS to remember my choice. It launched once, showed the UI for maybe half a second, then quit. Second launch? Same warning again. So much for that shortcut.

Next attempt was even less elegant: I moved the app out of /Applications, put it on the Desktop, and tried again. Same behavior. At this point I knew it wasn’t a quarantine flag stuck on the folder; it was something about how the system was evaluating the binary itself.

I checked System Settings → Privacy & Security, scrolled down to see if macOS had left me an “Open Anyway” button. Nothing. Which usually means Gatekeeper isn’t just blocking launch — it’s unhappy with the app’s notarization state. Apple has a pretty specific flow for this, and when something is even slightly off, the OS defaults to “nope.”

For reference, Apple’s own explanation of this behavior is buried but accurate on their support site:
https://support.apple.com/en-us/HT202491
and the more technical background on notarization and code signing lives here:
https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution

That’s when I stopped clicking and actually thought about what was happening. The app itself wasn’t crashing. macOS was preventing it from executing cleanly after the first run. That usually points to either:
– a downloaded binary still marked as quarantined, or
– helper files being generated at runtime that aren’t covered by the original signature.

So I tried the Terminal route. First, I checked the quarantine attribute:

xattr /Applications/TagXMLGen.app

Sure enough, com.apple.quarantine was still there. Removing it manually:

xattr -dr com.apple.quarantine /Applications/TagXMLGen.app

That got rid of the warning dialog entirely… but the app still exited immediately on launch. Progress, but not victory.

What finally clicked was noticing where the tool was trying to write its output and temp files. On first launch, it creates a working directory inside ~/Documents. macOS Sonoma is very strict about that now. If an app hasn’t been granted Files & Folders access and tries to touch Documents programmatically, it can fail silently — especially if it’s not sandboxed in the App Store sense.

Once I went to Privacy & Security → Files and Folders and manually allowed access, the next launch behaved normally. No warning. No instant quit. Just the app doing its job like nothing ever happened.

For completeness, I also verified that the version listed in the App Store search matched what I downloaded (even if you don’t install from there, it’s a good sanity check):
https://apps.apple.com/us/search?term=TagXMLGen

And OrchardKit’s own documentation confirms that the app writes generated XML outside its bundle by design, which explains the permission tripwire. Their main site covers this briefly:
https://orchardkit.example.com/docs

Somewhere in the middle of this process, I also saved this page because it helped me sanity-check how macOS treats developer tools that generate files at runtime:
https://technotafastore.xyz/developer/94409-tagxmlgen.html
Not a magic fix, but useful context when you’re wondering whether it’s you or the OS.

So, what actually helped, in order, once I stopped flailing:

  1. Remove the quarantine attribute from the app bundle
  2. Launch once to trigger permission requests
  3. Manually grant Files & Folders access in Privacy & Security
  4. Relaunch from /Applications, not Spotlight
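
Added example (not part of the original post, and not OrchardKit's code): step 1 removes the quarantine attribute, so this shell helper first shows what that attribute records and what codesign and spctl report for the bundle. The function names are made up for the example, and the flags;hex-timestamp;agent;UUID layout of the attribute value is the commonly observed format, treated here as an assumption.

```shell
#!/bin/sh
# Added example: inspect an app before removing com.apple.quarantine.
# Assumed attribute layout: flags;hex_epoch;agent;event_uuid

# Split a quarantine value into labelled fields (pure string handling).
parse_quarantine() (
  IFS=';' read -r flags stamp agent uuid <<EOF
$1
EOF
  # The first two fields must be non-empty hex, otherwise refuse to guess.
  for field in "$flags" "$stamp"; do
    case "$field" in
      ''|*[!0-9a-fA-F]*)
        echo "unrecognised quarantine value: $1" >&2
        return 1 ;;
    esac
  done
  printf 'flags=%s epoch=%d agent=%s event=%s\n' \
    "$flags" "$((0x$stamp))" "${agent:-unknown}" "${uuid:-none}"
)

# Report quarantine, signature and Gatekeeper state for a bundle (macOS only).
inspect_app() (
  app=$1
  if q=$(xattr -p com.apple.quarantine "$app" 2>/dev/null); then
    parse_quarantine "$q"
  else
    echo "no quarantine attribute on $app"
  fi
  # The signature must be intact for the bundle and its nested code.
  codesign --verify --deep --strict --verbose=2 "$app" || return 1
  # Gatekeeper's own verdict; -vv also prints the source it matched.
  spctl --assess --type execute -vv "$app" || return 1
  echo "signature and Gatekeeper checks passed for $app"
)

# Constructed sample value, so the parser can be tried without a Mac.
SAMPLE='0083;65000000;Safari;00000000-0000-0000-0000-000000000000'

# With a bundle path as argument (on macOS) run the full check,
# otherwise just decode the constructed sample.
if [ "$#" -gt 0 ]; then
  inspect_app "$1"
else
  parse_quarantine "$SAMPLE"
fi
```

If codesign or spctl reports a failure here, the quarantine attribute is not the real problem and removing it only hides the warning.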

If I had to do it again — and future me probably will — I’d skip the double-click gymnastics and start with permissions right away. Gatekeeper wasn’t “broken,” and the app wasn’t either. It was just one of those cases where macOS enforces rules first and explains them later, if at all.

Anyway, TagXMLGen itself is solid once it’s actually allowed to run. Just don’t trust the first error dialog to tell the whole story.
