SD Notary Questions

Now that I’ve got SD working (thanks!) I’m trying to figure out the best way to use it.

Generally I want to share with users Apple Applets, Enhanced applets and script libraries, along with various files and folders.

I group several apps that work on related tasks in the same folder on the user’s HD.

(Not the application’s folder.)

What I would like to do is notarize all of the apps, include various libraries (my own and Shane’s and others) in an installer that creates a folder in the user’s home folder (or updates the current one) and puts all the apps there and the scrip libraries in the user’s script library folder (if current versions are not already there). (Or, I guess I could put a copy of each library in each app, but that seems redundant).

I have DropDMG, and an image would be, but I’m hoping to include all the needed tools for a particular task.

One thought is to notarize all the apps, put them in another app that works as an installer.

What would be the best practice to proceed?

I’m not usre what you mean there, but only apps can be notarized.

If you’re planning to use an installer, you’re probably better to include the apps in a .zip file, and unzip as part of the installation.

I don’t know if this relevant or not, but I use DMGCanvas to create and notarize disk images that contain apps and installer apps. I’ve always notarized the apps separately, but their web site says that the app will notarize the apps and their contents, so it should be possible to use this without also using SD Notary (I’ll try doing that next time I use the app.) It costs money, but I’ve always found it worthwhile.

Here’s what I’ve come up with.

  1. Notarize all the apps to be distributed
  2. Put all the folders, files, scripts (for the scripts menu), libraries and notarized apps inside an installer app.
  3. Notarize the installer app and distribute that.
  4. When the installer app runs it will copy all its contents into the right places, including putting the libraries in the user library folder and the scripts in the user scripts folder.

Does this seem workable?

One more question, with privileges, is there a way to give an app full disk access, or access to specific folders?

Wherre are the advanced privileges documented?

As I said above, I’d look to zip the enclosed apps, to make sure no contents get changed in notarizing the installer. SD Notarry can only discern so much of your intent.


Apple’s developer documentation. Apart from the one required for third-party ASObjC libraries, you’re unlikely to need them.

When SD Notary finishes, does it automatically save the app as Run Only? It seems like my notarized apps are editable.

Is this what it looks like when a notarized app isn’t distributed correctly? or is there something else going on here?

No, it doesn’t change the code in any way.

This, I would suspect.

So, should I be exporting apps as read only before Notarizing, or are editable apps fine?

They’re fine – as long as they never modify themselves (or get modified by a user). In practice, the best way to ensure that is to export run-only versions.

FYI, thanks for all the good advice here. I’ve had a user install the first group of notarized apps and it’s working just fine.

Now I’m just tweaking the installation and distribution process.

One thing I’ve noticed is if I open a notarized app in SD the setting for Show Tab Stops has been turned on.

Is this intentional, and are there any other settings changed?

You can’t rely on any formatting information being retained.

Save yourself problems down the line: use run-only versions.

1 Like

Is stapling using a dmg better than using a sit file for distributing?

It seems to work better if I export with user frameworks and script libraries, and I’ve been exporting scripts and libraries as run only.

I’m noticing that a sparkle framework is being included with enhanced apps. Is there any way to not include that? I don’t use sparkle.

It’s entirely a matter of what’s convenient for you and your users.

No.Apart from taking up space, it’s harmless.