VSCodium / vscodium

binary releases of VS Code without MS branding/telemetry/licensing
https://vscodium.com
MIT License

VSCodium 1.85.2 on macOS Unnotarized Developer ID Issue #1786

Open uurazzle opened 5 months ago

uurazzle commented 5 months ago

FYI:

VSCodium 1.85.2 on macOS Unnotarized Developer ID Issue

```
spctl -a -vv /Volumes/VSCodium/VSCodium.app
/Volumes/VSCodium/VSCodium.app: rejected
source=Unnotarized Developer ID
origin=Developer ID Application: Peter Squicciarini (C7S3ZQ2B8V)
```

When “assessing” code for execution, Gatekeeper evaluates each of these requirements in turn, and the first one that matches (if any) is the applicable policy. Most of the policies are allow types, meaning that matched code is allowed to run, but there are also deny types (such as Unnotarized Developer ID), which means that matched code is prohibited from running.

Here is some interesting general information to check about resolving and testing against Gatekeeper problems:

Resolving Gatekeeper Problems | Apple Developer Forums:

The post titled "Resolving Gatekeeper Problems" on the Apple Developer Forums, written by Quinn "The Eskimo!" from Developer Technical Support at Apple, is a comprehensive guide addressing common issues related to Gatekeeper on macOS. Gatekeeper is a security feature designed to ensure that only trusted software runs on a user's Mac, and the post focuses on helping developers troubleshoot and resolve issues that may arise in this context. The post identifies four common Gatekeeper problems that developers may encounter:

  1. App blocked by a dangling load command path.
  2. Broken code signature.
  3. Lack of notarization.
  4. Command-line tool blocked by Gatekeeper.

For each of these issues, the post provides detailed steps and guidance on how developers can resolve them. The emphasis is on the importance of passing Gatekeeper checks to maintain customer trust and avoid potential loss of customers. Key points covered in the post include:

• Verification of Code Signature: Developers are advised to use the codesign tool to verify that their code is signed correctly. The post provides examples of command-line usage to check for issues such as missing or invalid sealed resources.
• Notarization Issues: Gatekeeper requires that apps be notarized, and the post guides developers on how to identify and resolve notarization problems. It includes information on checking system logs for specific entries related to notarization issues.
• Hash Mismatch: In cases where there's a hash mismatch, the post provides guidance based on the file type (e.g., zip archive, signed disk image, installer package) and recommends specific actions to address the problem.
• Command-line Tool Blocking Bug: A known bug in macOS is acknowledged, where double-clicking a command-line tool in Finder may lead to it being blocked by Gatekeeper. Workarounds, such as embedding the tool in an application or using an installer package, are suggested.

Throughout the post, there are references to Apple's documentation and resources related to code signing and notarization, providing developers with additional information for a deeper understanding.

https://forums.developer.apple.com/forums/thread/706379
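A release-gate check built around the `spctl -a -vv` output reported in this issue, as an added example that is not part of the original issue or of VSCodium's build scripts. It classifies the assessment text and fails unless the source is `Notarized Developer ID`; the function names `classify_spctl` and `gate_app` are hypothetical.

```shell
#!/bin/sh
# Added example (not VSCodium project code). Function names are hypothetical.

# classify_spctl: read `spctl -a -vv` output on stdin and print one of
#   notarized | unnotarized | accepted-other | rejected-other | unknown
classify_spctl() {
    verdict=""
    source_line=""
    while IFS= read -r line; do
        case "$line" in
            *": accepted") verdict=accepted ;;
            *": rejected") verdict=rejected ;;
            source=*)      source_line=${line#source=} ;;
        esac
    done
    case "$verdict:$source_line" in
        accepted:"Notarized Developer ID")   echo notarized ;;
        rejected:"Unnotarized Developer ID") echo unnotarized ;;
        accepted:*) echo accepted-other ;;   # e.g. App Store or a local rule
        rejected:*) echo rejected-other ;;   # e.g. broken or missing signature
        *)          echo unknown ;;
    esac
}

# gate_app APP: macOS only. Returns 0 only when the signature verifies,
# Gatekeeper reports a notarized Developer ID, and a ticket is stapled.
gate_app() {
    app=$1
    # A broken seal must be fixed before notarization status means anything.
    codesign --verify --deep --strict --verbose=2 "$app" || return 2
    # spctl exits non-zero on rejection, so classify its text instead.
    result=$(spctl -a -vv "$app" 2>&1 | classify_spctl)
    echo "gatekeeper: $result"
    [ "$result" = notarized ] || return 1
    # A stapled ticket lets Gatekeeper verify notarization offline.
    xcrun stapler validate "$app"
}

# Run the gate only when an app path is passed on the command line.
if [ "$#" -gt 0 ]; then
    gate_app "$1"
fi
```

Run it in the release pipeline against the mounted or unpacked `.app` before publishing, so an unnotarized build is caught before users see the Gatekeeper rejection.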