I thought the macOS notarization process was annoying until we started shipping Windows releases.

It’s basically pay to play to get in the good graces of Windows Defender.

I think all-in it was over $1k upfront to get the various certs. The cert company has to do a pretty invasive verification process for both you and your company.

Then — you are required to use a hardware token to sign the releases. This effectively means we have one team member who can publish a release currently.

The cert company can lock your key as well for arbitrary reasons which prevents you from being able to make a release! Scary if the release you’re putting out is a security patch.

I’ll take the macOS ecosystem any day of the week.

> notarization has been a net negative for all parties involved

Notarization made it significantly harder to cross-compile apps for macOS from linux, which means people have to buy a lot of macOS hardware to run in CI instead of just using their existing linux CI to build mac binaries.

You also need to pay $99/year to notarize.

As such, I believe it's resulted in profit for Apple, so at least one of the parties involved has had some benefit from this setup.

Frankly I think Apple should keep going, developer licenses should cost $99 + 15% of your app's profit each year, and notarization should be a pro feature that requires a macbook pro or a mac pro to unlock.

The stapled ticket is optional beyond notarization itself. If you notarize but don’t staple the ticket, users may need an internet connection to check the notarization status.

I’m only aware of two times that Apple has revoked certificates for apps distributed outside of the App Store. One was for Facebook’s Research App. The other was for Google’s Screenwise Meter. Both apps were basically spyware for young teens.

In each case, Apple revoked the enterprise certificate for the company, which caused a lot of internal fallout beyond just the offending app, because internal tools were distributed the same way.

Something may have changed, though, because I see Screenwise Meter listed on the App Store for iOS.

https://www.wired.com/story/facebook-research-app-root-certi...

https://www.eff.org/deeplinks/2019/02/google-screenwise-unwi...

Maybe half of the 3rd party apps I have on my applications folder right now are not notarized. It’s really not that big of a deal.

The problem is not that it’s $99/year. The problem is that it requires strong ID, and if you are doing it as a company (ie if you don’t want Apple to publicize your ID name to everyone who uses your app) then you have to go through an invasive company verification process that you can fail for opaque reasons unrelated to fraud or anything bad.

The system sucks. I’d love to be able to sign my legitimate apps with my legitimate company, but I don’t wish to put the name on my passport onto the screens of millions of people, and my company (around and operating for 20-ish years now) doesn’t pass the Apple verification for some reason.

I also can’t use auto-enroll (DEP) MDM for this reason.

jars are just zip files renamed

I don't follow - can you elaborate?

I’ll take this standardized directory format over the typical docker web app where there is no standardization and files can be strewn anywhere the developer wants. You `docker exec` into it and can’t find anything.

I'm no fan of modern macOS, but I don't think that screenshot is great. There's too many lines everywhere and too little color, making it unclear where to focus your eye.

(What I am a fan of is Leopard-era Aqua, which is reasonably information dense but uses depth and color to help focus your attention.)

Rounded corners are a utilitarian feature. Human vision is based on edge detection and corners unnaturally activate it more than necessary. It's basically like being continually poked in the eye.

https://folklore.org/Round_Rects_Are_Everywhere.html

Count the pixels! Percentagewise, the window decorations and menu bar in that screenshot take up a lot more space than the modern equivalent does at 5K. If you're comparing it to to the current 14" Macbook Pro, it's closer, but Macbook Pro still wins - and still continues to hold its own even if the classic Mac is producing a 1280x1024 display. And this even though the Macbook Pro is the space-constraised pocket version! (Also note: you haven't even investigated the scaled display options yet)

Disclaimer: I have a desktop Mac, and I'm assuming the pixel counts are the same for the laptops.

(The window corners weren't always round, but there was a bit of rounding to the screen corners there from day 1: https://infinitemac.org/ - this really struck me when I first saw it, coming from the Atari ST.)

AFAIK, and not technically relevant, but iOS is very strict on this when submitting to the app store, and they’re not at all clear about it either, i had some very confusing and frustrating errors with self built frameworks with dynamic libraries. You also seem to be forbidden to use .dylib and must use the .framework format.

It’s picked up on submission automatically and not at review, but is a completely undocumented requirement.