When I open WindowMizer.app 5.0.3, I get an error dialog that says:
I read the "Read Me.rtfd" file in which it says the following in the Gate Keeper section:“WindowMizer.app” can’t be opened because it is from an unidentified developer.
Your security preferences allow installation of only apps from the App Store and identified developers.
It then gives instructions for manually allowing the app to open. However, I don't think manually allowing should be necessary. I think something is wrong with how the app is signed.This alert should not be shown because RGB World is a registered developer with Apple™, and yet the alert persists.
When I compare WindowMizer.app with other signed apps using codesign and spctl, I can see what appears to be a difference in the certificate used to sign the app, so I think WindowMizer.app is being signed with the wrong certificate.
For example here's a codesign comparison of WindowMizer.app and StockMarketEye.app:
See how the Authority is different? The first one is "Mac Developer" for WindowMizer.app, but "Developer ID Application" for StockMarketEye.app.
Code: Select all
$ codesign -dvv /Applications/WindowMizer.app Executable=/Applications/WindowMizer.app/Contents/MacOS/WindowMizer Identifier=com.rgbworld.WindowMizer Format=app bundle with Mach-O thin (x86_64) CodeDirectory v=20500 size=15812 flags=0x10000(runtime) hashes=485+5 location=embedded Signature size=4697 Authority=Mac Developer: Chris K (N6LFC6L43X) Authority=Apple Worldwide Developer Relations Certification Authority Authority=Apple Root CA Signed Time=May 19, 2019 at 4:20:29 AM Info.plist entries=37 TeamIdentifier=783W9MA932 Runtime Version=10.14.0 Sealed Resources version=2 rules=13 files=125 Internal requirements count=1 size=180 $ codesign -dvv /Applications/StockMarketEye.app Executable=/Applications/StockMarketEye.app/Contents/MacOS/StockMarketEye Identifier=com.stockmarketeye.desktop Format=app bundle with Mach-O thin (x86_64) CodeDirectory v=20200 size=282 flags=0x0(none) hashes=3+3 location=embedded Signature size=9017 Authority=Developer ID Application: TransparenTech LLC (YQ7FAX29SW) Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=Apr 29, 2019 at 1:33:26 PM Info.plist entries=25 TeamIdentifier=YQ7FAX29SW Sealed Resources version=2 rules=13 files=11 Internal requirements count=1 size=188
And similarly with spctl:
See how the source and origin are different?
Code: Select all
$ spctl -a -vv /Applications/WindowMizer.app /Applications/WindowMizer.app: rejected origin=Mac Developer: Chris K (N6LFC6L43X) $ spctl -a -vv /Applications/StockMarketEye.app /Applications/StockMarketEye.app: accepted source=Developer ID origin=Developer ID Application: TransparenTech LLC (YQ7FAX29SW)
I think WindowMizer.app is being signed with the wrong certificate.