-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make IDEasy usable on MacOS with active Gatekeeper #451
Comments
Please also note that once the app is whitelisted for gatekeeper in the security settings (see other alternatives in the article) then the app is sealed and cannot be modified anymore. So we cannot copy our |
|
The problem with Apple is that they publish updates and do significant breaking changes without caring about open-source ecosystems and non-apple-native developers. While I fully agree that security is a very imporant issue and that you sometimes need to do breaking changes to avoid legacy flaws blocking future development but Apple seems to be the absolute opposite of Microsoft and just keep their narrow-minded monopoly running ignoring the rest of the world. Sorry, for the harsh words, but to make clear points I tend to use strong words... After all they are rendering months if not years of open-source developer work void over night. That is a very frustrating experience since we are trying very hard to support MacOS over many years now and frequently get a hard time with that. |
List of tools and their Gatekeeper status:
|
On modern MacOS devices gatekeeper is most likely activated to increase security.
As a result apps downloaded from the Internet, cannot be opened without strange quirks.
However, the entire purpose of IDEasy is to download apps from the internet and allow you to start them.
Therefore, with the MacOS gatekeeper active currently IDEasy is almost not usable since every app will open a popup like this:
Normal users will not know how to proceed since
Cancel
will prevent that the app is opened andMove to trash
is even worse and will delete the app and break the installation that was just created by IDEasy.There are some security mechanisms implemented in IDEasy that do checksum verification.
Surely the vendors like the apache software foundation could potentially publish a new release of their tool with evil code that will erase your disc or encrypt all your files and ask for ransom. However, open-source software is based on trust and transparency. If a prominent OSS tool would ever do that it will kill its entire reputation for the tool and the foundation behind it - forever.
Also since we test releases upfront, we hopefully notice and would ban the release from our urls repository so that it does not reach our users.
I just researched the topic and studied this article.
So after reading all the options, I come to conclusion that we should try to run something like this on the macos app after the installation:
I am unsure if that operation will work for the entire app or has to be called recursively for every file in the app.
Workaround
Not really the proposed solution but as a simple workaround users can disable gatekeeper:
related issues
#452
The text was updated successfully, but these errors were encountered: