can't be opened because the identity of the developer cannot be confirmed

[gitcnd]

Describe the bug Malware-protection and user safety are EXTREMELY IMPORTANT to everyone, especially Apple, which is why they now ban lazy couldn't-care-less developers from shipping untrusted code that runs on our machines. Anything unsigned can easily be hijacked and trojanned, and in case you're not aware, properly signed code is inspected by apple for risks that could compromise our systems. It protects us against your own mistakes, and many of your possible malicious intents, and against hackers leveraging your laziness to attack us.

Expected behavior Developers spend the effort to keep us safe by properly signing their code.

Note Please do not close this without fixing. I know this sounds rude, but think about how rude you're being by forcing all your users to disable their security and the unnecessary risks you're placing on all your customers. Which is worse?

[lordofhyphens]

I have pinged Alessandro, as I am dealing with a local natural disaster and barely have any access to anything. I believe that the copy we have up on our CI server (everything is signed and has been signed) has expired.

On Wed, Aug 12, 2020, 9:18 PM Chris Drake notifications@github.com wrote:

Describe the bug Malware-protection and user safety are EXTREMELY IMPORTANT to everyone, especially Apple, which is why they now ban lazy couldn't-care-less developers from shipping untrusted code that runs on our machines. Anything unsigned can easily be hijacked and trojanned, and in case you're not aware, properly signed code is inspected by apple for risks that could compromise our systems. It protects us against your own mistakes, and many of your possible malicious intents, and against hackers leveraging your laziness to attack us.

Expected behavior Developers spend the effort to keep us safe by properly signing their code.

Note Please do not close this without fixing. I know this sounds rude, but think about how rude you're being by forcing all your users to disable their security and the unnecessary risks you're placing on all your customers. Which is worse?

[image: Screen Shot 2020-08-13 at 12 09 02 pm] https://user-images.githubusercontent.com/4301826/90087002-11e3e100-dd5f-11ea-8307-4fd19cccb519.png

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/slic3r/Slic3r/issues/5005, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAHYCWZ3C35OFVWG4UAM2LSANEQDANCNFSM4P5T7BDA .

[lordofhyphens]

@gitcnd So I finally have power and internet again. 1.3.0 should have been signed. I don't know why Apple has decided to screw with us.

[lordofhyphens]

@alranel Apple, in its infinite wisdom, has pushed notarization upon us. This means that the older 1.3.0 needs to be notarized or Mojave still (apparently?) triggers the gatekeeper warning.

[lordofhyphens]

Ok, I've tracked down the root cause of at least the 1.3.0 build; symlinks (still pointing inside of the bundle) are enough to cause it to be rejected on newer OSX. Unfortunately this means that I'll need to clean up and resign the 1.3.0 release.

I've patched make_dmg.sh and pushed it; @gitcnd can you confirm that this build works 4a7090f72537c7357c571205b2a1277995820337 for -dev?

TL;DR it's always been signed on OSX, Apple just decided to screw with us.

[lordofhyphens]

@gitcnd here's a copy signed by me that should pass Gatekeeper's idiocy: https://dl.slic3r.org/dev/mac/slic3r-1.3.0-nosymlinks.dmg

[gitcnd]

Installs perfectly, and starts just fine... except it locked up on the startup assistant screen (infinite spinning ball) I already had the old one in my applications folder, so I clicked "replace" when I did the drag-drop thing - maybe that tripped something up? I removed what I just installed, manually opened my ~/Applications folder, and dropped it into that a second time. Re-running it now, and it seems to work (the configuration assistant was skipped). Maybe it's a problem with that assistant on first run?

Interesting what you say about symlinks - quite a few mac .dmg images include a symlink to the applications folder along with the program icon, and also usually a background image or some such which tells users to drag the program and drop in into the applications symlink. Maybe they treat that link differently, or maybe it's some kind o shortcut that's not literally a symlink?

+1 !!! MAJOR kudos for working on this; It makes a huge difference, especially to everyone with corporate roles who aren't allowed to skip security.

[lordofhyphens]

As I said, it was always signed. Newer versions of OSX just fucked us is all.

Specifically it seems that broken symlinks (that are still relative to the bundle) are enough to reject. Some of the wxwidgets components had these in them, so I added I'm running some last tests with the dev server.

Looks like on Catalina Apple's decided everyone needs to send them a copy of the sw as well, which irritates me to no end. Not a fan of the platform at all (I don't use it for my daily driver at all).

[lordofhyphens]

Yep, have to notarize everything because Apple. I really hate this platform.

[ArchakGoel]

Having the same issue with Sonoma 14.4.1 and slic3r-1.3.0.dmg