It works great. As a user, I love that it's being distributed via the Mac App Store. The one and only nitpick I have is the lack of bulk import support of the config files, but that's something I can live without.
I'm looking forward to the Windows version. Thank you for taking the long and careful route with it.
Right-click on a (non-signed) program you want to run, and select 'Open'. Now macOS will ask if you want to run this software or not, and it can remember this decision so you can just run it as normal in the future.
I know. I've done that many times. But what the WireGuard guys are saying sounds like it's something very different:
"Because it uses these deep integration APIs, we're only allowed to distribute the application using the macOS App Store (whose rejections, appeals, and eventual acceptance made for quite the stressful saga over the last week and a half)"
That's quite interesting - it's the first I've seen of a real-world app being limited in this way and it is worrisome. I suspect if you disabled System Integrity Protection it would work, but not sure.
On iOS there have always been APIs like this - they only work via Apple approval and not dev or enterprise signatures.
I'm an iOS/Mac dev that's released a VPN app on both app stores.
The limiting factor is that the "Network Extension" framework is the way these apps work as VPNs, and currently Mac App Store distribution is the only supported method if you're using that framework (see #8) [1].
Macs are still macs. You can turn off SIP, disable AMFI & entitlement checks, then grant your app whatever entitlements you want and they won’t be verified.
I really really don’t recommend doing that; you’re giving up a lot of security.
A much easier alternative is to have a dev account, then you can just enable the entitlements in your provisioning profile for your dev devices (or personal devices). Most entitlements don’t require any approval for a dev profile.
Sure--I've no doubt there's some ugly workaround process to get around it, but I felt compelled to offer more information because it is usually the case that any Mac App Store app can be distributed outside the App Store relatively easily, except those that use the Network Extension framework.
I wanted to be sure the dev here is backed up that he's not making this up--this is Apple's restriction and not his.
> A much easier alternative is to have a dev account, then you can just enable the entitlements in your provisioning profile for your dev devices (or personal devices). Most entitlements don’t require any approval for a dev profile.
Yes, this is how we test on our own Macs before publishing to the app store. Although iirc those signatures have expiration timestamps, so you'll be re-signing and redistributing on some tedious interval (something like 30-90 days).