I am running OpenSCAD on a Mac with OSX 14.7 (Sonoma). I have the same issue with the stable (2021.01) release as well as a newer one (2024.12.09). My user account on the Mac does is not an administrator. If I start OpenSCAD and select a recent project, the Mac always pops up a window that says “OpenSCAD would like to access files in your Documents folder.” and I have to select Allow. My user account does have read/write access to my Documents folder and I store my OpenSCAD files inside that folder. To install OpenSCAD, I dowloaded the .dmg file and opened it. Unlike most Mac installers it didn’t open a window with a shortcut to the Applications folder, so I just dragged the application icon to my applications folder open in another Finder window. Is this the correct way to install on the Mac? Mark

It is annoying. The problem is 1.) The Mac binary isn't properly code-signed (if it were, then there'd be a Contents/_CodeSignature subdirectory inside the app bundle) issues/5421 <https://github.com/openscad/openscad/issues/5421> 2.) The Terminal command codesign -d --entitlements - --xml /Applications/OpenSCAD.app shows that the app is lacking key value pairs like: <key>com.apple.security.app-sandbox</key><true/> <key>com.apple.security.files.user-selected.read-write</key><true/> Kind of the price we pay for using a cross-platform app as opposed to macOS native. Easily fixed if you are willing to recompile OpenSCAD from source on your own Mac. In Xcode, In the target's Signing&Capabilities panel you'd add App Sandbox and include a NSDocumentsFolderUsageDescription <https://developer.apple.com/documentation/bundleresources/information_property_list/nsdocumentsfolderusagedescription> key in the Info.plist ,explaining why it should access the Documents folder (Its default location of its library) localized in the InfoPlist.strings file. On Tue, Dec 10, 2024 at 3:04 PM Mark Erbaugh via Discuss < discuss@lists.openscad.org> wrote: > I am running OpenSCAD on a Mac with OSX 14.7 (Sonoma). I have the same > issue with the stable (2021.01) release as well as a newer one (2024.12.09). > > My user account on the Mac does is not an administrator. If I start > OpenSCAD and select a recent project, the Mac always pops up a window that > says “OpenSCAD would like to access files in your Documents folder.” and I > have to select Allow. My user account does have read/write access to my > Documents folder and I store my OpenSCAD files inside that folder. > > To install OpenSCAD, I dowloaded the .dmg file and opened it. Unlike most > Mac installers it didn’t open a window with a shortcut to the Applications > folder, so I just dragged the application icon to my applications folder > open in another Finder window. Is this the correct way to install on the > Mac? > > Mark > > > > _______________________________________________ > OpenSCAD mailing list > To unsubscribe send an email to discuss-leave@lists.openscad.org >

FYI: The binary snapshots are code signed and notarized since 2024.12.01 We can probably include the NSDocumentsFolderUsageDescription in our app bundle. -Marius > On Dec 10, 2024, at 18:48, David Phillip Oster via Discuss <discuss@lists.openscad.org> wrote: > > It is annoying. The problem is > > 1.) The Mac binary isn't properly code-signed (if it were, then there'd be a Contents/_CodeSignature subdirectory inside the app bundle) issues/5421 <https://github.com/openscad/openscad/issues/5421> > > 2.) The Terminal command codesign -d --entitlements - --xml /Applications/OpenSCAD.app > shows that the app is lacking key value pairs like: <key>com.apple.security.app-sandbox</key><true/> <key>com.apple.security.files.user-selected.read-write</key><true/> > > Kind of the price we pay for using a cross-platform app as opposed to macOS native. Easily fixed if you are willing to recompile OpenSCAD from source on your own Mac. In Xcode, In the target's Signing&Capabilities panel you'd add App Sandbox and include a NSDocumentsFolderUsageDescription <https://developer.apple.com/documentation/bundleresources/information_property_list/nsdocumentsfolderusagedescription> key in the Info.plist ,explaining why it should access the Documents folder (Its default location of its library) localized in the InfoPlist.strings file. > > On Tue, Dec 10, 2024 at 3:04 PM Mark Erbaugh via Discuss <discuss@lists.openscad.org <mailto:discuss@lists.openscad.org>> wrote: >> I am running OpenSCAD on a Mac with OSX 14.7 (Sonoma). I have the same issue with the stable (2021.01) release as well as a newer one (2024.12.09). >> >> My user account on the Mac does is not an administrator. If I start OpenSCAD and select a recent project, the Mac always pops up a window that says “OpenSCAD would like to access files in your Documents folder.” and I have to select Allow. My user account does have read/write access to my Documents folder and I store my OpenSCAD files inside that folder. >> >> To install OpenSCAD, I dowloaded the .dmg file and opened it. Unlike most Mac installers it didn’t open a window with a shortcut to the Applications folder, so I just dragged the application icon to my applications folder open in another Finder window. Is this the correct way to install on the Mac? >> >> Mark >> >> >> >> _______________________________________________ >> OpenSCAD mailing list >> To unsubscribe send an email to discuss-leave@lists.openscad.org <mailto:discuss-leave@lists.openscad.org> > _______________________________________________ > OpenSCAD mailing list > To unsubscribe send an email to discuss-leave@lists.openscad.org

After reading the docs, my understanding of NSDocumentsFolderUsageDescription, is that is simply offer the user a better description why we need access to the Documents folder. Which is fine, but the popup will still be needed. David, is that what you had in mind? -Marius > On Dec 10, 2024, at 18:48, David Phillip Oster via Discuss <discuss@lists.openscad.org> wrote: > > It is annoying. The problem is > > 1.) The Mac binary isn't properly code-signed (if it were, then there'd be a Contents/_CodeSignature subdirectory inside the app bundle) issues/5421 <https://github.com/openscad/openscad/issues/5421> > > 2.) The Terminal command codesign -d --entitlements - --xml /Applications/OpenSCAD.app > shows that the app is lacking key value pairs like: <key>com.apple.security.app-sandbox</key><true/> <key>com.apple.security.files.user-selected.read-write</key><true/> > > Kind of the price we pay for using a cross-platform app as opposed to macOS native. Easily fixed if you are willing to recompile OpenSCAD from source on your own Mac. In Xcode, In the target's Signing&Capabilities panel you'd add App Sandbox and include a NSDocumentsFolderUsageDescription <https://developer.apple.com/documentation/bundleresources/information_property_list/nsdocumentsfolderusagedescription> key in the Info.plist ,explaining why it should access the Documents folder (Its default location of its library) localized in the InfoPlist.strings file. > > On Tue, Dec 10, 2024 at 3:04 PM Mark Erbaugh via Discuss <discuss@lists.openscad.org <mailto:discuss@lists.openscad.org>> wrote: >> I am running OpenSCAD on a Mac with OSX 14.7 (Sonoma). I have the same issue with the stable (2021.01) release as well as a newer one (2024.12.09). >> >> My user account on the Mac does is not an administrator. If I start OpenSCAD and select a recent project, the Mac always pops up a window that says “OpenSCAD would like to access files in your Documents folder.” and I have to select Allow. My user account does have read/write access to my Documents folder and I store my OpenSCAD files inside that folder. >> >> To install OpenSCAD, I dowloaded the .dmg file and opened it. Unlike most Mac installers it didn’t open a window with a shortcut to the Applications folder, so I just dragged the application icon to my applications folder open in another Finder window. Is this the correct way to install on the Mac? >> >> Mark >> >> >> >> _______________________________________________ >> OpenSCAD mailing list >> To unsubscribe send an email to discuss-leave@lists.openscad.org <mailto:discuss-leave@lists.openscad.org> > _______________________________________________ > OpenSCAD mailing list > To unsubscribe send an email to discuss-leave@lists.openscad.org

  // Setup code that might create autoreleased objects goes here.

Thank you Marius, for taking a look at this. Summary: After exploring the question, I don't know why OpenSCAD asks more than once. Most of this letter is an attempt to build a model, but the model asks once, then never again. I built a mini-model of this part of OpenSCAD, attached is the source project, the signed notarized app (with my bundle id and developer team), and a screenshot of the system alert that shows the first time I run it. All the code is in appdelegate.m All it does is dump the names of the files in ~/Documents/OpenSCAD to its window, or if that directory does not exist, then ~/Documents. #import <Cocoa/Cocoa.h> *@interface* AppDelegate : NSObject <NSApplicationDelegate> *@property* *IBOutlet* NSWindow *window; *@property* *IBOutlet* NSTextView *textView; *@end* *@implementation* AppDelegate - (*void*)applicationDidFinishLaunching:(NSNotification *)aNotification { NSFileManager *fm = NSFileManager.defaultManager; NSURL *url = [fm URLForDirectory:NSDocumentDirectory inDomain: NSUserDomainMask appropriateForURL:*NULL* create:*NO* error:*NULL*]; NSURL *scad = [url URLByAppendingPathComponent:@"OpenSCAD"]; *BOOL* isDir = *NO*; NSArray *a = ([fm fileExistsAtPath:scad.path isDirectory:&isDir] && isDir) ? [fm contentsOfDirectoryAtPath:scad.path error:*NULL*] : [fm contentsOfDirectoryAtPath:url.path error:*NULL*]; *self*.textView.string = a.description; } *@end* *int* main(*int* argc, *const* *char* * argv[]) { *@autoreleasepool* { // Setup code that might create autoreleased objects goes here. } *return* NSApplicationMain(argc, argv); } The first time I run it, I get the permissions alert. After allowing it, I never get that alert again, even after a full restart. [image: Screenshot 2024-12-10 at 9.57.17 PM.png] The NSDocumentsFolderUsageDescription doesn't fix any problem, but Apple on iOS will stop apps from properly functioning if they lack appropriate privacy strings, so it seems like a wise bit of future proofing. The signed, notarized executable is here: https://drive.google.com/file/d/1JlMEDt2_Mg6gqmhyZu16HJlBVBwnBYiK/view?usp=sharing (gmail won't let me attach it directly) The executable has a Contents/_CodeSignature subdirectory inside, but running codesign -d --entitlements - --xml scadModel.app shows it has an empty plist of entitlements. (If the app were sandboxed, it would not be able to directly read ~/Documents - instead it would grab the empty contents of ~/Library/Containers/scadModel/Documents . But scadModel does have the Hardened Runtime capability.) All tests run on Sequoia 15.1.1 , M2 Mac Mini, and M1 Mac Air, Xcode 16.1 Tests run on the build mac, in my account, and on a different Mac, logged in to a different account. On Tue, Dec 10, 2024 at 9:09 PM Marius Kintel <marius@kintel.net> wrote: > After reading the docs, my understanding of > NSDocumentsFolderUsageDescription, is that is simply offer the user a > better description why we need access to the Documents folder. Which is > fine, but the popup will still be needed. > > David, is that what you had in mind? > > -Marius > > On Dec 10, 2024, at 18:48, David Phillip Oster via Discuss < > discuss@lists.openscad.org> wrote: > > It is annoying. The problem is > > 1.) The Mac binary isn't properly code-signed (if it were, then there'd be > a Contents/_CodeSignature subdirectory inside the app bundle) issues/5421 > <https://github.com/openscad/openscad/issues/5421> > > 2.) The Terminal command codesign -d --entitlements - --xml > /Applications/OpenSCAD.app > shows that the app is lacking key value pairs like: > <key>com.apple.security.app-sandbox</key><true/> > <key>com.apple.security.files.user-selected.read-write</key><true/> > > Kind of the price we pay for using a cross-platform app as opposed to > macOS native. Easily fixed if you are willing to recompile OpenSCAD from > source on your own Mac. In Xcode, In the target's > Signing&Capabilities panel you'd add App Sandbox and include a > NSDocumentsFolderUsageDescription > <https://developer.apple.com/documentation/bundleresources/information_property_list/nsdocumentsfolderusagedescription> > key in the Info.plist ,explaining why it should access the Documents > folder (Its default location of its library) localized in the > InfoPlist.strings file. > > On Tue, Dec 10, 2024 at 3:04 PM Mark Erbaugh via Discuss < > discuss@lists.openscad.org> wrote: > >> I am running OpenSCAD on a Mac with OSX 14.7 (Sonoma). I have the same >> issue with the stable (2021.01) release as well as a newer one (2024.12.09). >> >> My user account on the Mac does is not an administrator. If I start >> OpenSCAD and select a recent project, the Mac always pops up a window that >> says “OpenSCAD would like to access files in your Documents folder.” and I >> have to select Allow. My user account does have read/write access to my >> Documents folder and I store my OpenSCAD files inside that folder. >> >> To install OpenSCAD, I dowloaded the .dmg file and opened it. Unlike most >> Mac installers it didn’t open a window with a shortcut to the Applications >> folder, so I just dragged the application icon to my applications folder >> open in another Finder window. Is this the correct way to install on the >> Mac? >> >> Mark >> >> >> >> _______________________________________________ >> OpenSCAD mailing list >> To unsubscribe send an email to discuss-leave@lists.openscad.org >> > _______________________________________________ > OpenSCAD mailing list > To unsubscribe send an email to discuss-leave@lists.openscad.org > > >