search

glacambre / firenvim

Embed Neovim in Chrome, Firefox & others.
GNU General Public License v3.0
4.65k stars 143 forks source link

macOS Ventura blocks jansi lib because it isn't verified #1540

Closed j-hui closed 1 year ago

j-hui commented 1 year ago

chrome://version:

Arc 114.0.5735.45 (Official Build) (x86_64) 
Revision    94eb79f57830359fbc4300679cb5a1c19e57372a-refs/branch-heads/5735@{#952}
OS  macOS Version 13.4 (Build 22F66)
JavaScript  V8 11.4.183.14
User Agent  Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Command Line    /Applications/Arc.app/Contents/MacOS/Arc --flag-switches-begin --flag-switches-end
Executable Path /Applications/Arc.app/Contents/MacOS/Arc
Profile Path    /Users/jhui/Library/Application Support/Arc/User Data/Default
Linker  lld

What I tried to do

Open firenvim in textbox

What happened

macOS pops open this warning about loading some kind of shared library:

image

In fact, two of these pop up, one after the other.

It doesn't seem to affect the text editing experience. It's just annoying because I need to close this every time I enter a text box.

glacambre commented 1 year ago

Hi,

Firenvim is a pure lua plugin. It does not have binaries in any shape or form, much less libraries. This means that it's likely this library is being loaded when you launch Neovim, either because you are infected with malware or because one of your other plugins is loading it.

In order to confirm this, I would recommend disabling all of your plugins except Firenvim and seeing if the message disappears. If the message disappears, then one of your plugins is responsible. If the message persists, then you probably have malware that gets run when Neovim is launched somehow (possibly due to an infected dylib?).

I'm going to close this issue because Firenvim is not responsible for this pop-up, but please do not hesitate to ask more questions if you have them or need more help. Your situation is very worisome and I'll be happy to help however I can.

j-hui commented 1 year ago

Thanks for your guidance! I found the problem, and thankfully (I hope?) it isn't malware...

It turns out it was because my lspconfig was loading ltex-ls, a language server for spelling and grammar. The language server itself is implemented in Kotlin, and depends on jansi.

Some other notes: this problem only seems to appear when using Firefox or Arc (which I believe uses chromium under the hood); I don't get this warning when using this plugin with Chrome.

My solution is simply to not use ltex (I was already considering ditching it since its diagnostics are quite noisy).

Thanks again for your help!