[Issue 20124] macOS 10.15 requires notarized apps

d-bugmail at puremagic.com d-bugmail at puremagic.com
Wed Aug 14 21:12:09 UTC 2019


https://issues.dlang.org/show_bug.cgi?id=20124

Vladimir Panteleev <dlang-bugzilla at thecybershadow.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dlang-bugzilla at thecybershad
                   |                            |ow.net

--- Comment #9 from Vladimir Panteleev <dlang-bugzilla at thecybershadow.net> ---
(In reply to Jacob Carlborg from comment #0)
> On the latest version of macOS, Catalina (10.15), currently in beta, it's
> required that all applications are notarized. This includes command line
> applications and installers.

(In reply to Jacob Carlborg from comment #8)
> I looked into this a bit more. It looks like the OS (in this version at
> least) only checks applications with the quarantined flag.

I was about to say, that sounded strange, as based on your initial description,
it would also apply to executables *produced* by the compiler, making it thus
impossible to use any compiler on such a system. Presumably there would be a
developer mode that someone could enable to run non-notarized programs, but
then, this would also apply to the compiler itself, making it unnecessary to
notarize.

We already do code signing for Windows, so if the foundation has the money to
spare and the release manager can fit this into their flow, I guess "why not".

> That's an
> extended attribute which is set when downloading a file using a browser
> (tested with Safari and Chrome). When I download the same file using "curl",
> it's not set. So that's not as bad as I thought it was.

BTW, Windows and Free Desktop platforms (Linux/FreeBSD) have this too. On
Windows it's in the :Zone.Identifier:$DATA alternate NTFS stream, and on Free
Desktop, it's the user.xdg.referrer.url extended attribute.

--


More information about the Digitalmars-d-bugs mailing list