On Thu, Jan 08, 2026 at 07:45:13AM +0100, LyX devel wrote: > The DMG from LyX ftp-site is signed with a self-created key. I made this key. > > There was a discussion about this topic in 2013 mails with the subject > ???LyX.app can't be opened??? ??? > > I can afford the fee - but??? > > That time (2013) I had a problem with signing a ???contract??? I cannot 100% > understand. And I see the ethical problems about FOSS and (recurring!) > payments for a license to distribute it. > > Of course I???m interested in a safe software infrastructure too. I accept > that Apple has a responsibility to that and has to provide a way to > distribute software as securly as it can.
To be clear about my position - if you/Koji decide that it's OK for you to pay or ask for donations from fellow mac citizens on the list I have no problem with it. I just don't think it's right to use the generic funds donated for the development. But is my understanding correct that you already have apple dev account for the signing and only the notarization is the hindrance to provide gatekeeper-compliant package? It maybe the path with least headache in the end, ideology aside. > The best option would be to have the option to sign the software w/o fee > somehow. I???d prefer to get a key as an official organization. Perhaps TUG > got it w/o fee? My understanding is that this is possible only if we became non profit organization. If someone wants to spend his time organizing it that's ok with me as well, it only seems like lot of work for very little outcome. I *think* there is also FOSS way how to approach this via homebrew - if we come up with formula for lyx (essentially build script) that will create the bottle within homewbrew system and there won't be the signature problem as we have by our own provided binaries via homebrew cask. Pavel -- lyx-devel mailing list [email protected] https://lists.lyx.org/mailman/listinfo/lyx-devel
