Jump to content
Kyle Bradbury

Workflows that call bash scripts

Recommended Posts

Posted (edited)

Using https://github.com/tilmanginzel/alfred-bluetooth-workflow as an example:

 

This workflow initiates executable scripts, which are currently being blocked by Gatekeeper. When running this workflow, you get the message: " 'etree.so' cannot be opened because Apple cannot check it for malicious software”. If you go to Security & Privacy there is an option to "Open Anyway" next to the message " 'etree.so' was blocked from opening because it is not from an identified developer." However, pressing the button does nothing. The only way I am able to run this workflow currently is by disabling Gatekeeper. 

 

This behavior is new to Catalina, as previously the executable scripts could run without being flagged.

 

edit:
Catalina Version 10.15 Beta (19A512f)
Alfred 4.0.3 (1092)

Edited by Kyle Bradbury

Share this post


Link to post
Share on other sites
On 8/3/2019 at 8:43 PM, Tilman said:

The binaries which are distributed with my workflow are not notarized.

 

Is there a reason you can't use Python's built-in XML libraries instead of LXML?

Share this post


Link to post
Share on other sites

@deanishe Yes. If I remember correctly I was depending on XPath expressions, which were not possible with the built-in library due to limited support. Unfortunately no other progress so far, will comment in the GitHub issue soon.

Share this post


Link to post
Share on other sites
2 minutes ago, Tilman said:

XPath expressions, which were not possible with the built-in library due to limited support

 

There are only a couple of them. Shouldn't be hard to translate to the built-in ElementTree, and LXML is an awfully large dependency just to run a couple of XPaths.

Share this post


Link to post
Share on other sites
Just now, Tilman said:

Yeah, seems like getting rid of LXML would be a good idea.

 

Aye. Catalina really doesn't like unsigned binaries. It refuses to run my Go workflows, AFAIK, and I've no idea what I'm supposed to do about that :(

Share this post


Link to post
Share on other sites
Posted (edited)

Thanks! Linked to it in my issue. :)

I suppose that it would still be possible to correctly notarize my workflow and/or the distributed binaries. Will take more time though to look into it...

Edited by Tilman

Share this post


Link to post
Share on other sites
8 minutes ago, Tilman said:

I suppose that it would still be possible to correctly notarize (and maybe even staple) my workflow and/or the distributed binaries.

 

Not sure. I get the impression notarization is only for native software. In any case, I'm 99% certain you need a non-free Apple Developer ID.

 

I suspect there may be an easier way to allow binaries using sudo spctl ...

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...