Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Jekyll & Gatekeeper #573

Closed
chrisfinazzo opened this issue Jun 11, 2012 · 3 comments
Closed

Jekyll & Gatekeeper #573

chrisfinazzo opened this issue Jun 11, 2012 · 3 comments
Labels
frozen-due-to-age

Comments

@chrisfinazzo
Copy link
Contributor

With the next release of Mac OS X not far off, I'm wondering if anyone's considered how Jekyll will/will not address the addition of a feature like Gatekeeper. Most of you are probably aware of this, but it's been on my mind lately so I thought I'd put it out there.

Currently, 3 modes are supported within Gatekeeper:

  1. Mac App Store only
  2. Mac App Store + "Known developers" (The Developer ID program)
  3. Install from anywhere

Thinking about how Jekyll (and its dependencies) fit in, it seems like only #2 and #3 are an option given the Sandboxing rules which apply to MAS applications. Does Jekyll plan to adopt Dev ID? I'm not aware of anything in the MIT License which would prevent this (as opposed to say, GPL, which might have stricter requirements), but I'm by no means an expert on it either.

From what I know, there is an override where you can right-click an application's icon to bypass the Gatekeeper dialog, but as Jekyll and the dependencies are run from a Terminal, this obviously doesn't work.

As things stand, the default Gatekeeper setting is #2, which seems like a fair compromise, but since Jekyll is open source, the question remains. From a security perspective, it would be reassuring to know that all the software I'm using has either been vetted (through the App Store) or comes from developers in good standing.

I seem to remember that a number of the Jekyll developers are Mac users (TPW, for example), but I'm curious if they've decided how to handle this?
@tombell
Copy link
Contributor

tombell commented Jun 11, 2012

You install Jekyll via rubygems, and Ruby is compiled from source, rvm or rbenv so I think it depends really on how installing ruby, rvm or rbenv goes.

@tombell
Copy link
Contributor

tombell commented Jun 11, 2012

I think Gatekeeper really only refers to actual .app applications. If it extends to command line applications it's going to be a real hinderance to many people who actually like OSX because it's UNIX.

@chrisfinazzo
Copy link
Contributor Author

Thanks for the reply, I hope you're right.

Seems like they couldn't enforce something like that especially since they've moved to distribute Xcode (and the Command line tools) through the store, but the pessimist in me says it's a toss up. I question it simply because they haven't commented on this particular use case, but given the UNIX core on Macs it would really be a blow to open source development. At this point, I'm cautiously optimistic.

@jekyll jekyll locked and limited conversation to collaborators Feb 27, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
frozen-due-to-age
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tombell @chrisfinazzo @jekyllbot