Re-tested Ghidra demo on macOS Apple Silicon (macOS 15.3.1)

updated Ghidra version to 11.13.1, improved project setup, and
added macOS Gatekeeper workaround.

docz/docs/03-demos/32-extensions/41-ghidra.md

@@ -27,7 +27,7 @@ This demo was tested by SheetJS users in the following deployments:
 
 | Architecture | Ghidra   | Date       |
 |:-------------|:---------|:-----------|
-| `darwin-arm` | `11.1.2` | 2024-10-13 |
+| `darwin-arm` | `11.13.1`| 2025-03-17 |
 
 :::
 
@@ -293,7 +293,7 @@ sudo npm install -g ghidra.js
 3) Create a temporary folder to hold the Ghidra project:
 
 ```bash
-mkdir -p /tmp/sheetjs-ghidra
+mkdir -p /tmp/sheetjs-ghidra; cd /tmp/sheetjs-ghidra;
 ```
 
 4) Copy the `TSTables` framework to the current directory:
@@ -321,6 +321,59 @@ binaries. `lipo` creates a new binary with support for one architecture.
 $(dirname $(realpath `which ghidraRun`))/support/analyzeHeadless /tmp/sheetjs-ghidra Numbers -import TSTables.macho
 ```
 
+<details>
+  <summary><b>Above Command Execution Notes</b> (click to show)</summary>
+
+On macOS, you may see the prompt:
+
+```
+**********************************************************************
+JDK 21+ (64-bit) could not be found and must be manually chosen!
+**********************************************************************
+Enter path to JDK home directory:
+
+```
+
+When this appears, enter the path to your JDK installation. The default path is typically:
+
+```
+/Library/Java/JavaVirtualMachines/jdk-[version].jdk//Contents/Home/
+
+```
+
+or similar, depending on your installed Java version.
+
+Make sure it's version 21 or greater. If you don't have it installed, you can install it via brew:
+
+```bash
+brew install --cask zulu@21
+```
+
+If you get a message saying "decompile Not opened", don't worry - this is just macOS Gatekeeper preventing the
+app from running.
+
+![macOS apple silicon, decompile not opened notice](pathname:///ghidra/macos_apple_silicon/decompile_not_opened_notice.png)
+
+To resolve adjust Gatekeeper settings:
+
+1. Open up "System Settings"
+2. Find the "Privacy & security" tab on the left side and click on it.
+3. Scroll down to "Security" section and look for "Allow application from".
+4. Choose the option saying "App Store & Known Developers
+5. Click "Allow Anyway" for "decompile" was blocked to protect your Mac.
+
+![macOS apple silicon, privacy security allow application and allow decompile](pathname:///ghidra/macos_apple_silicon/privacy_security_allow_application_and_allow_decompile.png)
+
+6. If you get another pop up modal `Open "decompile"` click "Open Anyway"
+
+![macOS apple silicon, Open "decompile" modal pop up](pathname:///ghidra/macos_apple_silicon/open_decompile_open_anyway.png)
+
+7. After you will get another pop up modal "Privacy & Security" click "Use Password..."
+
+![macOS apple silicon, "Privacy & Security" modal pop up](pathname:///ghidra/macos_apple_silicon/privacy_and_security_use_password.png)
+
+</details>
+
 :::note pass
 
 This process may take a while and print a number of Java stacktraces. The errors
@@ -350,6 +403,10 @@ $(dirname $(realpath `which ghidraRun`))/support/analyzeHeadless /tmp/sheetjs-gh
 
 10) Open the generated `SheetJSGhidraTSTCell.xlsx` spreadsheet.
 
+```bash
+open -a "Numbers" SheetJSGhidraTSTCell.xlsx
+```
+
 [^1]: The project does not have a website. The [source repository](https://github.com/vaguue/Ghidra.js) is publicly available.
 [^2]: `BrtRowHdr` is defined in the [`MS-XLSB` specification](/docs/miscellany/references)
 [^3]: See [`json_to_sheet` in "Utilities"](/docs/api/utilities/array#array-of-objects-input)