|
Sigil for Mac & macOS 10.15 Catalina
I started this discussion in a Catalina thread on the Apple forum and was asked to take it elsewhere.
Starting with macOS 10.15 Catalina, Apple is requiring app notarization by default: "Mac apps, installer packages, and kernel extensions that are signed with Developer ID must also be notarized by Apple in order to run on macOS Catalina." Meanwhile, this discussion on MacRumors suggests Catalina's Gatekeeper can be overridden via System Prefs > Security or spectl to allow unsigned/unnotarized apps to run. KevinH weighed in on the new notarization requirement thus: Quote:
Quote:
|
See the related discussion I had with Kovid here:
https://www.mobileread.com/forums/sh...43#post3859243 His plan is a wait-and-see approach but the new "hardened runtime" requirement would be an issue for Calibre as well. To be notarized an app must use the Apple hardened runtime. The only way to get Sigil to use the hardened runtime would be to ask for almost all of the entitlements (exceptions) as both Sigil and Calibre use python plugins which may load many python packages and associated shared libraries and modules, none of which we sign), we both use QtWebKit/QtWebEngine which means we use JIT compilation, javascripts, and areas of the stack are walked for garbage collection, etc. Access to user's Photos, Audio, and Video would be restricted. They do not want you to allow the user to run a debugger to help track down an error, they do not want you to use DYLD library path setting, and etc. Basically, Apple views any 3rd party app as an "attack vector" for an uncaught virus or malware, instead of a real app. This makes no sense at all. If anyone gets physical access to your mac machine, you are screwed anyway. The silly thing is anyone can write a python plugin package that does anything it wants and a user could install that and run it via Sigil or Calibre or even from the command line, so this notarization is effectively shutting a barn door after all the animals inside have already fled. So my plan is similar to Kovids. First wait and see what develops. The beta is allowing us both to run now since we are signed but that may change. If that door closes, the problem will be figuring a way to actually get our apps to work with the "hardened runtime" if at all possible. If so, I will try for "notarization" but it might be impossible to actually pass that requirement even when asking for almost all of the exceptions. If I can not get notarization to pass, then we come to a real problem. As long as Apple allows unsigned and unnotarized apps to be run, I will simply stop signing it (actually lessening security not increasing it) and keep releasing. If Apple ever prevents power users from installing and running the apps we want, I will simply stop being a Mac user. At that point, some other Apple volunteer developer would have to step up, redesign Sigil to curtail or limit its usefulness to fit the hardened runtime limits or development on macOS would stop. |
Quote:
If Apple insists on driving developers like you and KovidGoyal away, I will likely abandon Mac as well — words I thought I'd never say. The last non-Mac operating system I used was DOS. I have never used Windows or Linux, and the thought of leaving Mac is daunting and deeply unhappy-making. |
With regard to notarization, here are two interesting articles that may (or may not) include useful information if notarization is a no-go for Sigil: disabling Gatekeeper on Catalina and Catalina Security Explained
|
Good news! Looks like all my worry about notarization is moot.
From Apple Support: Quote:
|
Did you already updated to catalina?
|
Not yet. I've been trying to find time to install it on an external SSD for testing purposes. Hopefully this week.
(I don't plan to update my primary Mac any time in the foreseeable future because I have 32-bit apps I need.) |
Quote:
|
This whole notarization thing has been rather murky from the start.
A lot of developer talk is over my head, but early discussion on the Internet suggested it would only apply once an app was signed or if it was downloaded from the Internet, or that Gatekeeper could be overridden using a Terminal command (spctl) or overridden the way Apple now confirms it can be — all of which would allow a developer to test on other machines they own without notarizing. kovidgoyal said Gatekeeper is triggered by downloading with Safari here: https://www.mobileread.com/forums/sh...84#post3886884 In any case, I am hopeful this is now moot :) |
Quote:
|
For what it's worth, I cloned my Mojave VM and updated the clone to Catalina over the weekend (long weekend here for Thanksgiving). Calibre 4.1 and Sigil 9.1.8 downloaded, installed and ran with the usual Mac query over trusting the application. Now I just need to clean out the remaining 32-bit apps.
|
It does appear that the notarization requirement is not as stringent as Apple first implied, and KevinH and DiapDealer can leave Sigil unnotarized if notarization turns out to be too much of a pain in the behind :)
|
I'm determined not to pay the extortion money they want to keep Windows from popping warnings about unknown publishers. ;)
It's not really even the money at this point (though the prices ARE ridiculous--and getting more so). It's the hoops I would have to jump through and the documents I would have to provide just to be allowed to spend too much money on a certificate (assuming one doesn't want to get a fly-by-night cert). All just to eliminate a pop-up warning that can be easily dismissed. I'm not p(l)aying. |
Is Apple charging a fee for notarization?! :eek:
|
Apparently so, for popup Windows only :)
|
I don't know if Apple charges for notarization. I was referring to Windows and all the various certification issuers they're in cahoots with to get software devs to pay exorbitant fees for codesigning certs so they won't be an "unknown publisher" any more.
|
Apple does not charge for notarization but for notarization to work you need an active Apple developer subscription which costs $99 a year, so effectively you pay Apple a hundred dollars a year for notarization. With only codesigning, you could let the developer account lapse, renewing it only once every 5 years when the codesigning key expires, so the effective cost was $20 a year.
On Windows, you have to pay a third party, not microsoft, for a codesigning certificate, and the cost varies from about $50 to $100 a year. |
Uhhh this is becoming offtopic, but just to be sure i understood this correctly: The notarizitaion is only for apps not being solf through the app store to get rif of the message "You downloaded it from the internet and unsafe blablablabla Are you sure? blablabla?"
|
Yes, notarization is only for apps distributed outside the App Store. Apps distributed inside the App Store have a different screening process.
When notarization was first announced, Apple implied that apps would not run at all on Catalina if they weren't notarized, which posed a problem for apps like Sigil if notarization proved too much of a pain in the behind for developers to implement. Discussion on the Internet suggested there would be ways around notarization, including resorting to a Terminal command to disable Gatekeeper. Fortunately, that's not necessary as Apple has provided a simple, straightforward way around it. |
Hmmmm ... According to Oracle: "Eventually (as of January 2020), you will only be able to install and run Mac software distributed outside the Mac App store on macOS 10.15 systems that are notarized by Apple."
This is consistent with Apple's Sept 3 statement: "Mac software distributed outside the Mac App Store must be notarized by Apple in order to run on macOS Catalina. To make this transition easier and to protect users on macOS Catalina who continue to use older versions of software, we’ve adjusted the notarization prerequisites until January 2020." This is a bit in contradiction to Apple's Oct 7 support document providing instructions to override Gatekeeper and run unsigned/unnotarized apps. I suppose we just have to wait until January to see if Apple is indeed going to close the door to unsigned/unnotarized apps :( |
Good to know, thx. Then i will wait with Catalina, maybe Mojave is the last version.
|
Poking around Catalina ...
1) Catalina defaults to zsh instead of bash in Terminal (though you can apparently switch it back to bash if you want). I don't really know what this means, but what I'm trying to figure out is: Does it matter whether you use zsh or bash when unpacking the Sigil .txz installer? Does it matter whether you use zsh or bash for any other ebook-related Terminal things, like java -jar for epubcheck or running KindleGen or Calibre modules from a Terminal window? 2) Catalina includes Python 2.7.16. As 2.7 is reaching end of life, if I install Python 3, will that screw up anything I have that requires Python 2 to run? From what I've read, I can have both 2 and 3 installed, but how do I point to one or the other at will? Or will the script or process know which one it needs and pick the correct one automatically? It's probably obvious that I don't know what I'm talking about here. I'm not doing any programming. Just running Python scripts and apps and want to make sure I can keep running them. Thank you! |
- Zsh should be a close drop in replacement for bash, so hopefully no issues there.
- python 2.x has always been installed on macOS. There are no issues installing Python 3.x at the same time. They end up in different places. Also Sigil has its own internal Python 3 on macOS again with no troubles. So no worries here. |
Thank you, KevinH. As you predicted, zsh worked find to unpack Sigil's .txz (and also run epubcheck.jar and kindlegen from the command line).
What was surprising, though, is I accidentally double-clicked Sigil's .txz file, and Catalina's default Archive Utility unpacked it just fine. So Terminal command is not necessary in Catalina. (I tested it both ways — tar -xvf on Terminal and simply double-clicking the .txz file. Both worked.) Launching Sigil the first time (I did a clean install) resulted in a pop-up that says, Sigil can't be opened because Apple cannot check it for malicious software. This software needs to be updated. Contact the developer for more information. It then offers two buttons: Show in Finder and Okay. If, instead, you right-click-Open, you get three choices: Show in Finder, Okay and Open. Clicking Open launches Sigil, no problem. You can also go to System Prefs > Security after the initial launch attempt and there will be a message saying, Sigil was blocked from use because it is not from an identified developer with a button to Open Anyway. This message is a bit off-putting since Sigil is code-signed (confirmed with spctl -a -v). For unsigned & unnotarized apps, like the KindleUnpack applet, you get a pop-up that says, macOS cannot verify the developer of KindleUnpack 64 v0.81. Are you sure you want to open it? By opening this app, you will be overriding system security which can expose your computer and personal information to malware that may harm your Mac or compromise your privacy. Once again you can override Gatekeeper with right-click-Open or System Prefs > Security. Interestingly, some unsigned/unnotarized apps (like Alf's standalone app) won't open at all if unzipped in Catalina, but will open if you unzip it on Mojave or High Sierra then copy it over to Catalina. Command line tools (like Kindlegen and epubcheck) run without any warning. Some notarized apps (like BBEdit) pop-up a milder warning: BBEdit is an app downloaded from the Internet. Are you sure you want to open it? But other notarized apps (like KindlePreviewer and Send to Kindle) launch without any warning at all. I then did some very quick tests on plugins, all of which worked (after installing ActiveTcl). These include: EpubCheck, cssRemoveUnusedSelectors, ePub3-itizer, TagMechanic, KindleImport, KindleGen, PunctuationSmarten, ShowSemantics, etc. I will spend more time with Sigil on Catalina in the coming days and report back anything interesting, but so far so good. I have also spent a tiny amount of time on Calibre 3.48 and plan to install 4.2 once I get a chance. |
from MacRumors:
Quote:
|
Yes, I am not yet going to worry about notarization. At some point, maybe. I personally think Apple's requiring a code signed app to be notarized is for the birds and will not truly help security.
|
from Cult of Mac:
Quote:
|
| All times are GMT -4. The time now is 09:56 PM. |
Powered by: vBulletin
Copyright ©2000 - 3.8.5, Jelsoft Enterprises Ltd.
MobileRead.com is a privately owned, operated and funded community.