+1. I ran into this as well and it’s been really painful. The issue comes from changes in codesigning on OS X and the way the OS X installer works. In the olden days only binaries would get signed, but now it’s the entire package. Since that change happened the contents of a bundle must not change after signing or loading will fail. At the same time the OS X installer merges folders when installing and thus does not overwrite bundles which are folders, but merges the files contained.
Now if you happen to rename or remove a file in a new version of a signed bundle or have some crap files happen to somehow end up in the bundle, the old data will still stick around and invalidate the new signature.
Signing has changed around OS X 10.11 and the installer… it has always worked like this, but with binary-only signing it wasn’t as harmful.
The only solution is to add a cleanup-script before the install that deletes an existing installation completely. Apple could have prevented this mess by easily allowing the installer to overwrite folders.
Figuring out what happened took forever because for me it also happened just for a few people depending on their version history.
I also use packages. I made a very simple script that is executed “Pre-installation” on my AAX packages target:
rm -rf "/Library/Application Support/Avid/Audio/Plug-Ins/plugin.aaxplugin"