You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
macOS requires you to allow an app to run when you download it from the internet. While I think the policy makes sense, it would be nice to "pre-approve" an application I download.
I would propose an --approve-gatekeeper flag that I can use when installing an application.
Secondly, it would be really great if this could be captured in the bundle, such that reinstalling a bundle captures this information.
Justification
I think it's import a tool like this be opt-in (hence the command line arg). It is useful when writing scripts to be able to say "I know what this cask is doing" and you can bypass system dialogs.
The commands that you need to run are not terribly difficult, but they're obscure and they rely on knowing the path to the application. If integrated into brew cask, this would make it easier to script and ensure that if something like an application path changes.
Example use case
I have no specific attachment to the name, but something like:
brew cask install atom --approve-gatekeeper
or in a Brewfile
cask"atom",:approve_gatekeeper
More info
Most apps can bypass the app launch modal with the command by running: xattr -d -r com.apple.quarantine /Applications/Atom.app/. There some extensions that are not signed and there is a second command for those. See these two links:
To me, an allowance per-app seems like the right trade-off between security and annoyance. Allowing all apps in your application directory could be a valid option but that seems potentially less common to me.
Also, I tried searching for gatekeeper in the closed issues, but since it's commonly in the debug logs I couldn't tell if there has been a similar request. Apologies if so!
The text was updated successfully, but these errors were encountered:
Description of feature/enhancement
macOS requires you to allow an app to run when you download it from the internet. While I think the policy makes sense, it would be nice to "pre-approve" an application I download.
I would propose an
--approve-gatekeeper
flag that I can use when installing an application.Secondly, it would be really great if this could be captured in the bundle, such that reinstalling a bundle captures this information.
Justification
I think it's import a tool like this be opt-in (hence the command line arg). It is useful when writing scripts to be able to say "I know what this cask is doing" and you can bypass system dialogs.
The commands that you need to run are not terribly difficult, but they're obscure and they rely on knowing the path to the application. If integrated into brew cask, this would make it easier to script and ensure that if something like an application path changes.
Example use case
I have no specific attachment to the name, but something like:
or in a
Brewfile
More info
Most apps can bypass the app launch modal with the command by running:
xattr -d -r com.apple.quarantine /Applications/Atom.app/
. There some extensions that are not signed and there is a second command for those. See these two links:To me, an allowance per-app seems like the right trade-off between security and annoyance. Allowing all apps in your application directory could be a valid option but that seems potentially less common to me.
Also, I tried searching for gatekeeper in the closed issues, but since it's commonly in the debug logs I couldn't tell if there has been a similar request. Apologies if so!
The text was updated successfully, but these errors were encountered: