[PD-dev] macOS 10.15 notarization

Dan Wilcox danomatika at gmail.com
Wed Dec 11 23:23:39 CET 2019 

We might need to add an entitlements file which specifies which things are "allowed," one of which is loading non-signed external libs. I ran into this with a project at work which uses libpd and loads a couple externals.

> On Dec 11, 2019, at 9:56 PM, Kevin Haywood <khaywood at ucsd.edu> wrote:
> 
> I just discovered the huge headache of the notarization system under Catalina: the OS will prevent loading of every non-notarized *external* that you try to load. This appears to be a 3-part ordeal per external:
> 
> macOS’ first message is thrown the first time you open a patch with a non-notarized external:
> 
>     “myexternal~.pd_darwin” cannot be opened because the developer cannot be verified. macOS cannot verify that this app is free from malware.
> 
> The buttons accompanying this message are Move to Trash (!) and Cancel.
> 
> There are probably other ways, but to fix this, I had to go to System Preferences > Security & Privacy and click the button that allows authorization for the last binary that was prevented from launching.
> 
> I then had to quit and restart Pd. Opening a patch containing the offending external, I’m greeted with an error message similar to the first:
> 
>     macOS cannot verify the developer of “myexternal~.pd_darwin”. Are you sure you want to open it? By opening this app, you will be overriding system security which can expose your computer and personal information to malware that may harm your Mac or compromise your privacy.
> 
> You get Move to Trash, Open, and Cancel buttons this time. If you say Open, your external is allowed to load from this point on. But note that you have to do this 3-step process for every external, and only at the time that they’re first loaded, meaning we’re going to have to go through this whenever we first load up some old patch with a (64-bit) external we haven’t used in a while : \
> 
> Kevin

--------
Dan Wilcox
@danomatika <http://twitter.com/danomatika>
danomatika.com <http://danomatika.com/>
robotcowboy.com <http://robotcowboy.com/>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.puredata.info/pipermail/pd-dev/attachments/20191211/12930326/attachment-0001.html>

More information about the Pd-dev mailing list