Welcome to the community !
Indeed, macOS Catalina is stricter about running softwares you’ve downloaded that are not signed by an official Apple dev license. You will get similar issues with other downloaded software.
Several options here, from the more specific to the more general :
- Allow only this executable file : Run SonarQube again, then go
System Preferences->Security & Privacy, and in theGeneraltab you will see at the bottom the executable that was recently blocked. From this, you can clicopen anyway.
Next time you run SonarQube you will be prompted for a definitive approval :
- Allow any executable run from the
Terminal: goSystem Preferences->Security & Privacy, and in thePrivacytab, scroll in the list forDeveloper Tools, check theTerminalapp. Then restart theTerminalApp and re-run your command. - Allow all downloaded app :
sudo spctl --master-disableto allow apps downloaded from Anywhere. Be careful with that choice.
Under the hood, macOS enforce to place a quarantine flag com.apple.quarantine on :
- downloaded files with a quarantine-aware application like Safari, Firefox or Chrome
- extracted files from an archive with application like Archive Utility or macOS
tarorzip - file created with an application that has
LSFileQuarantineEnabledset to true in theInfo.plist
You can see this flag by running this on the downloaded file/folder:
- on the downloaded zip :
xattr -p com.apple.quarantine sonarqube-8.0.zip - or on the unzipped files :
xattr -p com.apple.quarantine sonarqube-8.0/bin/macosx-universal-64/wrapper
That will prompt something like :
0081;5da594f6;Chrome;A9A2B7E9-B323-4735-81EB-A8F13F892031
Which give you the name of the App that set the flag, and as a first value an hexadecimal field describing the GateKeeper score on that file. If you manually allow the wrapper with the 1 method i described, you will see this value updated.
You can remove programmatically this flag with :
xattr -dr com.apple.quarantine /path/to/sonarqube-8.0/
-d is for delete, -r for recursively in the folder.