search

DomT4 / homebrew-autoupdate

:tropical_drink: An easy, convenient way to automatically update Homebrew.
BSD 2-Clause "Simplified" License
987 stars 54 forks source link

Suggestion: Add a --no-quarantine option when updating or upgrading casks #66

Closed simonerancati closed 3 years ago

simonerancati commented 3 years ago

You should add a --no-quarantine option when updating or upgrading casks so apps won't show Apple's popup about apps downloaded from the internet

github-actions[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

buschtoens commented 3 years ago

This issue is still very relevant and very annoying.

This could be fixed by running xattr -d com.apple.quarantine on the files. Something along these lines should work:

# Name of the quarantined cask.
CASK_NAME="kap"

# Get artifacts of cask in `/Applications/`, separated by `\n`.
# Example: `Kap.app`
CASK_ARTIFACTS="$(brew info --cask --json=v2 "$CASK_NAME" | jq -j --raw-output '.casks[0].artifacts[0] | join("\n")')"

QUARANTINE_FLAG="com.apple.quarantine"

# De-quarantine individual artifacts.
echo $CASK_ARTIFACTS | while read line ; do
  FULL_PATH="/Applications/$line"
  if xattr -p "$QUARANTINE_FLAG" "$FULL_PATH" > /dev/null ; then
    echo "De-quarantining $FULL_PATH"
    if xattr -d "$QUARANTINE_FLAG" "$FULL_PATH" ; then
      echo "SUCCESS: $FULL_PATH"
    else
      echo "ERROR: $FULL_PATH"
    fi
  else
    echo "$FULL_PATH is already de-quarantined"
  fi
done
buschtoens commented 3 years ago

I just found out, that --no-quarantine actually is a built-in option of brew cask. This was not clear from the OP, so I thought I'd share it here for other that were as oblivious to this fact as me.

Options

brew accepts a number of options:

Interestingly, the docs go on to talk about $HOMEBREW_CASK_OPTS:

To make these settings persistent, you might want to add the following line to your .profile, .bash_profile or .zprofile:

# Specify your defaults in this environment variable
export HOMEBREW_CASK_OPTS="--appdir=~/Applications --fontdir=/Library/Fonts"

Note that you still can override the environment variable HOMEBREW_CASK_OPTS by explicitly providing options in the command line:

# Will force the Chrome app to be moved to /Applications
# even though HOMEBREW_CASK_OPTS specified ~/Applications
$ brew install --appdir="/Applications" google-chrome

So, it seems that setting $HOMEBREW_CASK_OPTS to --no-quarantine could fix this issue.

I don't really know Ruby / brew, nor launchctl well, so I'm not sure, whether a simple export in e.g. .profile would work, but I kinda doubt it, as there's e.g. this:

https://github.com/Homebrew/homebrew-autoupdate/blob/51b00cffa1e8a0d4ca7e143c1436cbd98f090531/lib/autoupdate/start.rb#L56-L80

And further, this article states:

Setting global environment variables on OS X

Applications [...] can make use of environment variables in various ways. It is a bit of a mystery for many Mac users how to create environment variables that will be available for all applications, including those launched from icons, etc. [...]

Create the plist file under ~/Library/LaunchAgents/:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
 <key>Label</key>
 <string>my.startup</string>
 <key>ProgramArguments</key>
 <array>
 <string>sh</string>
 <string>-c</string>
 <string>launchctl setenv RV_OS_PATH_OSX /volumes/zdisk;
launchctl setenv RV_OS_PATH_WINDOWS Z:;</string>
 </array>
 <key>RunAtLoad</key>
 <true/>
</dict>
</plist>

To activate the environment.plist (assuming you named it environment.plist), run

launchctl load ~/Library/LaunchAgents/environment.plist
launchctl start ~/Library/LaunchAgents/environment.plist

So, if we're looking for am immediate fix that requires no changes to homebrew-autoupdate, the above snippet used with $HOMEBREW_CASK_OPTS should do the trick.

launchctl setenv HOMEBREW_CASK_OPTS "--no-quarantine"

Even if this works — I didn't test it yet — I still very much concur with @simonerancati and would much rather see this flag getting added to homebrew-autoupdate itself.

buschtoens commented 3 years ago

I've submitted #69 (nice.) in a (somewhat half-assed) attempt to fix this by letting users specify the $HOMEBREW_CASK_OPTS env var:

# Automatically upgrade every 12 hours, including the `--no-quarantine` flag to
# avoid annoying macOS quarantine warnings.
HOMEBREW_CASK_OPTS="--no-quarantine" brew autoupdate start 43200 --upgrade
simonerancati commented 3 years ago

Thank you for your interest and help in fixing my problem (especially because I wouldn't be able to do any of the things you did), I hope someone tests, makes changes if needed and approves your merge as quickly as possible!

DomT4 commented 3 years ago

Fixed (hopefully) via @buschtoens's PR. I've merged their PR because there's no real harm in the way it was implemented regardless, and it allows for wider community testing. We can review if that doesn't solve the issue but I think it should.