“PageEdit” can’t be opened because Apple cannot check it for malicious software.

[rwebber81]

Version: PageEdit.app-1.9.20-Mac.txz
MacOS Version: 13.4.1
Error:
“PageEdit” can’t be opened because Apple cannot check it for malicious software.
This software needs to be updated. Contact the developer for more information.

Appears the application needs to be notarised.
While right-clicking and 'open' can bypass this, in a larger deployment this means that each device needs to be manually approved, which is not viable.

Please let me know if you would like any more information.

[kevinhendricks]

Not a bug.

PageEdit is not "notarized" and will never be "notarized" as OpenSource software that does not use the Mac AppStore should never allow Apple to control things by its "approval process". If Apple really cared about security of an app they can easily see each and every line of our source code.

I already pay over $100 annually for a digital signature because Apple required it with no relief from Apple for Sigil/PageEdit being completely free and me volunteering my time for over that last 7 years to help develop them. More importantly, Apple has no right to final say as to whether users can use OpenSource software that is NOT distributed through their App store.

As you noted, aside from that, to run PageEdit simply right click on the PageEdit icon and select "open". MacOS will then warn you. Then right click on the PageEdit icon the second time and select "open" again and PageEdit will launch, my digital signature will be verified as it has for over 7 years, and run just fine.

If users let Apple completely determine what runs on their own desktop machine, they will be completely in a walled garden and subject to Apple's whims. I will not aide or abet Apple in doing this and neither should anyone else. They are using FUD (fear uncertainty and doubt) just like Microsoft has long been accused of to try to take complete control of the desktop. If that is what you want, then stay completely away from OpenSource software.

The day macOS desktops stops running what I tell it to on my own machine, will be the day I abandon macOS and return to Linux.

And for multiple installations, simply use xattr -d com.apple.quarantine on the PageEdit.app once and move it around. I literally have it as part of the script to install trusted software.

Closing this issue as not a bug.

[kevinhendricks]

FWIW, according to Apple:

"Applications and packages installed through management systems bypass Gatekeeper and do not need to be notarized."

And IMHO, no admin should be sending company internal apps to Apple for notarization. It would be a security disaster in the making. Creating a huge single point of failure.

And of course, you can always build PageEdit from source (along with all of Qt and QtWebEngine) and sign it yourselves and even notarize you own builds if you so desire. It is opensource. Just abide by the rules of the GPL license and make your source available to everyone. Build docs are provided.

[rwebber81]

Hi - thanks, A simple yes or no would have been plenty. Regards, Rich On 19 Jul 2023, at 15:54, Kevin Hendricks ***@***.***> wrote: External Email: Use caution when responding, opening attachments, or clicking links. FWIW, according to Apple: Applications and packages installed through management systems bypass Gatekeeper and do not need to be notarized. — Reply to this email directly, view it on GitHub<#31 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AMOJY6GSI5AQRDMWBX2XOWDXQ7YJJANCNFSM6AAAAAA2P7DBUE>. You are receiving this because you authored the thread.Message ID: ***@***.***>

…

________________________________ BU is a Disability Confident Employer and has signed up to the Mindful Employer charter. Information about the accessibility of University buildings can be found on the BU AccessAble webpages. This email is intended only for the person to whom it is addressed and may contain confidential information. If you have received this email in error, please notify the sender and delete this email, which must not be copied, distributed or disclosed to any other person. Any views or opinions presented are solely those of the author and do not necessarily represent those of Bournemouth University or its subsidiary companies. Nor can any contract be formed on behalf of the University or its subsidiary companies via email.

[kevinhendricks]

Sore subject as the same issue has been brought up repeatedly in Sigil and no one searches for the closed issue. And the same on Mobileread.

[kevinhendricks]

Because support for the right-click twice on Open to launch unnotarized apps is going away in the next version ofmacOS, we have reluctantly started jotaring both Sigil and PageEdit.