Users need to know what changes in each update to macOS, as it may fix existing bugs and introduce new ones. Here’s how I work out what has changed, and its limitations.
bundles
Discovering what has been updated in a macOS update isn’t easy. In the case of command tools, it’s just impossible.
Version numbers are simple, aren’t they? So how come so few of Apple’s own apps conform to its own rules? And as for copyright info, forget it, as so many Apple apps seem to.
The differences between a full Gatekeeper check, an AMFI check for integrity, and a normal app open, and why signature errors can be tolerated.
Whenever an app is opened in 10.14.2, its signature is checked asynchronously, often several times. But in many cases, macOS doesn’t act on any errors returned.
Another worthless piece of “security theatre” about bundle signatures. I wouldn’t bother reading it, or downloading the new version of Signet.
Is checking bundle signatures a waste of time once they have passed their ‘first run’ check? Does macOS ever do that?
Has your Mac got any old apps and other bundles on it? Have their signing certificates been revoked, or are they perhaps unsigned? Here’s a new app to help you find out.
One of the Finder’s grand illusions, these are standard documents actually composed of a hierarchy of files and folders. Here are some details of common packages.
Trying to decide whether a selected item is an app bundle turns out to be simple, if you cheat.
The Eclectic Light Company 