If either of those aren't satisfying, you can always drop the check entirely which I can't personally recommend.

I don't think you can? Unless I am missing something?

You can add Terminal to "developer tools" so you can launch stuff from the shell without Gatekeeper interfering, but is there really a way to disable the gatekeeper warning for downloaded apps altogether?

How does that work? I use iTerm so how would I add it to "developer tools"?

If the Developer Tools section isn't visible, this command should fix it [1]:

    spctl developer-mode enable-terminal

  sudo spctl --master-disable

Executing the command does make the "Anywhere" option show up in System Settings, but from testing it doesn't seem that this option makes a difference.

The user gets a warning initially saying that the download is "damaged".

You don't specify and it's highly dependent but in most cases when an app is misbehaving it's an issue with preferences. You can reset most apps with `defaults` without blowing away all its data. There are some intricacies with how macOS handles preferences, so you should avoid manually editing related .plist.

The case where I want it to auto clean up is where it is repeatedly broken and I never really got to using and configuring it yet. It's pretty rare.

Of course, `man defaults`. You can modify the preferences and potentially fix it, backup preferences, etc. Again I must stress that you use `defaults`, the .plist on disk isn't always accurate even if you terminate the app and reboot the machine.

> The case where I want it to auto clean up is where it is repeatedly broken and I never really got to using and configuring it yet. It's pretty rare.

There isn't really a one size fits all perfect automatic solution. Not all apps are good macOS citizens.

No you don't. rsa-sha2-256 and rsa-sha2-512 are still enabled by default and can use the same key.

Podman supports generating systemd units for “Pods” (groups of containers).

The unit files podman generates are portable. Rather than version controlling your compose.yml, you would version control your unit defining your pod.

Using a makefile you could handle installing/updating/etc your unit file.

It is an equally convenient way to manage your containers, but it does require learning and understanding how everything fits together, compose is nice because it abstracts a lot.

Why would it be so hard to believe that your recovery key is hashed and salted like every other password? You can't view your key after creation, you have to regenerate it. Do I really need to pull out Wireshark to verify this for you?

Advanced data protection is explicitly removing Apple as a holder of your keys, it's not re encrypting anything, it's not new encryption. The entire process is just deleting the key that was already stored on their servers anyway. How would it be in Apple's interest to keep your recovery key after press releases and multiple warnings saying you're on your own for recovery.

https://support.apple.com/guide/profile-manager/use-a-person...

Safari existing has never held anyone back. The "plausible solution" is to be patient for Apple to implement AV1.

This still isn't really a problem (if it gets bad enough, devs will just stop supporting it), except for on iOS where it's the only browser available, so not supporting them is not an option.

Safari was the first browser to ship the most anticipated web feature of the last 3-4 years by web developers: the parent selector :has() [1] back in March.

When you check the Interop 2022 dashboard [2], Safari Technology Preview is ahead of both Firefox nightly and Chrome dev for the shipping the latest web features. Safari Technology Preview is passing 97% of the interop tests.

In case nobody noticed, the WebKit team kicked ass by shipping a ton of new features this year:

* dialog element

* lazy loading

* inert

* :has() pseudo-class

* new viewport units

* Cascade Layers

* focus visible

* accent color

* appearance

* font palettes for color fonts

* BroadcastChannel

* Web Locks API

* File System Access API

* enhancements to WebAssembly

* support for Display-P3 in canvas

* additions to COOP and COEP

* container queries

* subgrid

* web push

* shared workers

* CSS Offset Path

* AVIF

* Passkeys

Plus it’s faster and has better battery life on macOS than either Chrome or Firefox. What’s not to like?

[1]: https://webkit.org/blog/12445/new-webkit-features-in-safari-...

[2]: https://wpt.fyi/interop-2022

My userbase isn’t using Safari Technology Preview, they’re using Safari

> the most anticipated web feature

I’m curious how you measured this - I have yet to be interested in :has(), but I am very interested in AV1 and PWA features...

True. But each release of iOS gets to around 90% of the installed base by the time the next version of iOS gets rolled out; it’s non-issue for the vast majority of iOS users.

iOS 15 was updated 12 times [1] between September 2021 and July 2022; iOS users either got bug fixes or new features (usually both) in Safari each time, including users of the iPhone 6s, which shipped September 2015, more than 7 years ago.

Also, safari STILL doesn't support a lot of new wasm extensions.

According to caniuse [2], Safari’s WASM support seems to be just as current as Chrome and Firefox.

[1]:

    Version Build          Release Date
    15.0    19A341, 19A346 September 20, 2021
    15.0.1  19A348         October 1, 2021
    15.0.2  19A404         October 11, 2021
    15.1    19B74          October 25, 2021
    15.1.1  19B81          November 17, 2021
    15.2    19C56, 19C57   December 13, 2021
    15.2.1  19C63          January 12, 2022
    15.3    19D50          January 26, 2022
    15.3.1  19D52          February 10, 2022
    15.4    19E241         March 14, 2022
    15.4.1  19E258         March 31, 2022
    15.5    19F77          May 16, 2022
    15.6    19G71          July 20, 2022

I don't think that tracks individual extensions. For example bulkMemory, simd, saturatedFloatToInt, and signExtensions are not implemented iirc.

SIMD bug: https://bugs.webkit.org/show_bug.cgi?id=222382

See I’m not so sure that’s a problem. Many of the things they haven’t added I’m glad they didn’t. I like that they aren’t just rushing to implement everything someone proposes or a competitor ships.

I don’t think that’s a bad thing.

Google is effectively shipping a cross-platform “metaplatform”, for which the browser is the trojan horse. Apple is shipping a web browser that only runs on its OS and hardware.

So Webkit is slow or unwilling to implement features that may hinder battery life, user privacy or that simply have better native alternatives. Webkit is actually on the forefront when it comes to CSS features, like the recent has() selector, or JS memory usage and overall page speed.

What I think is a fair criticism is that Safari is generally tied to the OS and gets outdated when the user is unable to upgrade the OS (or oblivious). Evergreen browsers are a revolutionaty concept, not without its drawbacks, but all in all, were very positive to the web.

That’s a problem with most Apple apps. Bug in Mail? Better hope it gets fixed in the next iOS or MacOS point release. Because the fix isn’t coming out earlier.

It does make sense that it is shipped with the OS since Safari is just a wrapper around the OS WebKit library which is used across many apps and services.

The WebKit library should be always stable. In that case, I don't see a problem with other apps relying upon it.

A browser is so fundamental to modern computing that if you can't run the latest version, you might as well have a paper weight. You can run mail, office, games, all in the browser if the native alternatives fail you.

Chrome still supporting High Sierra is what makes old Macs usable.