New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
caveats: add an unsigned_accessibility caveat message #7652
caveats: add an unsigned_accessibility caveat message #7652
Conversation
This is useful for applications that are not signed by the developer and require Accessibility access. Because the app is not signed, macOS only authorizes the current binary, and so when it is updated (and the binary changes) the new version is unsigned, despite the app still showing as ticked in System Preferences. The user has to manually untick and retick the app each time. The ideal fix is for the developer to sign their app, but not all developers are willing to pay for this, so the best we can do is to advise users of the workaround/solution. Refs: Homebrew/homebrew-cask#83157
@@ -58,6 +58,19 @@ def eval_caveats(&block) | |||
EOS | |||
end | |||
|
|||
caveat :unsigned_accessibility do |access = "Accessibility"| | |||
# access: the category in System Preferences -> Security & Privacy -> Privacy the app requires. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
so you will need to re-grant Accessibility access every time the app is updated. | ||
|
||
Enable or re-enable it in: | ||
System Preferences → Security & Privacy → Privacy -> #{access} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I considered actually running open /System/Library/PreferencePanes/Security.prefPane
to open the pane for the user, but that would get run even if you run brew info
AIUI, so decided against it.
Also didn't document that as having two ways to do the first step is needlessly confusing.
Thanks so much for your first contribution (hopefully of many)! Without people like you submitting PRs we couldn't run this project. You rock, @gibfahn! |
As every user will hit this on every upgrade (e.g. [0][], [1][]), we should document this in the cask itself. Uses the caveat defined in [2][], and adds documentation for it. [0]: hluk/CopyQ#1030 [1]: hluk/CopyQ#1245 [2]: Homebrew/brew#7652
This is useful for applications that are not signed by the developer and
require Accessibility access.
Because the app is not signed, macOS only authorizes the current binary,
and so when it is updated (and the binary changes) the new version is
unsigned, despite the app still showing as ticked in System Preferences.
The user has to manually untick and retick the app each time.
The ideal fix is for the developer to sign their app, but not all
developers are willing to pay for this, so the best we can do is to
advise users of the workaround/solution.
Refs: Homebrew/homebrew-cask#83157
cc/ @vitorgalvao
brew style
with your changes locally?brew tests
with your changes locally?