swiss-mac-user / macos-scripted-setup Goto Github PK

Due to bug in script, I had to rerun the installer multiple times. It's annoying that it redoes all the steps, like installing Google Chrome. Ideally things wouldn't be redone.

Remove support for «Fig», as it's officially being discontinued.

• Remove /Applications/Fig.sh
• Remove install switch from config.default.sh

Add settings to enable «Night Shift», using the Homebrew library smudge/nightlight

Any feedbacks for macOS 14 Sonoma support is highly appreciated.

When installing on fresh M2 Mac Mini:

Installing Xcode Command Line Tools (xcode):
xcode-select: error: Unable to get active developer directory. Use `sudo xcode-select --switch path/to/Xcode.app` to set one (or see `man xcode-select`)

Just setting up a mac mini M2, I'm getting:

Installing Visual Studio Code:
######################################################################### 100.0%######################################################################### 100.0%

❌ Cannot move Application 'Visual Studio Code.app'
Path not found: /Users/corneliusroemer/Downloads/Visual Studio Code.app

...done ✅

The Homebrew extension mas (Mac App Store command line interface), for automatic Apps install from the Mac App Store, won't recognize a successful App Store-authentication during setup.

Reason is the known issue and lacking support by the mas library itself, as tracked in the issue here:

• mas-cli/mas#417

Workaround

Note that mas will be successfully installed (if enabled), and hence can later be used in the Terminal to manually install Apps from the Mac App Store.

Some Applications downloaded by the script and using curl will, when trying to be (automatically) be opened, show the warning:

«App is damaged and can’t be opened. You should move it to the bin.»

Root cause

macOS security (Gatekeeper) quarantines some Apps, in order to attempt to limit software to the Mac App Store - plus System Integrity Protection is preventing third-party apps from potentially tampering with sensitive parts of the system or injecting code into Apple apps like Finder and Safari.

Unfortunately, at least since macOS 13 Ventura (which tightens security and previous workarounds), my tests were all unsuccessful to programmatically remove the affected Apps out of the Gatekeeper quarantine: I tried removing xattr-attributes, temporarily disabling spctl, and assigning missing xattr-attributes about the downloaded datetime and source.

Hence I see this currently as a won't fix - unless someone finds a clever way how this protection could be circumvented.

Workaround

As the apps are downloaded via their official website, it's unlikely – but not guaranteed – they are expected to be non-malicious and a so called "false positive".

The Apps can be opened using the following manual steps:

1. Right-click the Application and choose "Open"
2. Confirm the additional warning shown

Affected applications

Affected applications are:

• Keka
• Transmission
• Nova
• (non conclusive)

Not affected Apps seem to be:

• 1Password Installer
• Spotify Installer
• Gas Mask
• (non conclusive)