Archaeology
Release History
The table below summarizes the released versions of Archaeology, and what
fixes and enhancements were made to each version. You can determine the
version you have installed from Archaeology > About.
Release History for Archaeology
| Version |
Changes |
|
1.1 (106)
|
Released on August 13, 2023
- Allows decoding of Code Signing Requirements found within a Code Signature
Security::SuperBlob — most commonly a single “designated”
requirement within “Internal Requirements”. Archaeology decodes the requirement into an
equivalent Boolean expression, akin to the one shown by
codesign(1) or csreq(1), but with
syntax highlighting and comments that give more information (such as the names of certificate fields otherwise
identified by their OIDs). You can evaluate the requirement against a selected app or other signed code,
and see the results for individual terms of the expression.
- Allows decoding of Launch Constraints found within
a Code Signature Security::SuperBlob. These constraints are new-ish to
macOS 14 (Sonoma), and are stored in the code signature (using Xcode 15) in a BER-encoded ASN.1 format.
Archaeology decodes a launch constraint into a bespoke-but-easier-to-read Boolean expression. You can
evaluate the constraint against a selected app or other signed code, and see the results for individual
terms of the expression. If you prefer, use Go > Decode Item As > BER-encoded ASN.1
to see the underlying representation of the constraint instead.
- When the root of a BER-encoded ASN.1 appears to be a
CoreEntitlements structure — used for both
DER-encoded Entitlements and
Launch Constraints —
you can select the root item and click Show As Dictionary to see it converted
into property list form.
- For a bundle that is code-signed but does not have a Mach-O main executable (e.g. a
resource-only plugin or framework), Archaeology now shows all of the individual components
from the _CodeSignature directory, and allows these to be decoded and/or verified much
like their analogs in a Security::SuperBlob context.
- Adds the ability to open an xcframework, letting you examine each of the contained frameworks by platform.
- When viewing a URL Bookmark, you can now attempt resolution of
that bookmark by choosing Go > Resolve URL Bookmark. You can select a number
of different resolution options, but note that the handling of
security-scoped bookmarks
created by — and thus, scoped to — another app won't necessarily make sense when resolving
from Archaeology.
- Added an option under Archaeology > Preferences > General to inhibit the
warning dialog when decoding BER-encoded ASN.1 that doesn't have a Universal-class tag at its root.
Normally, Archaeology takes this as a sign that the data might not be ASN.1 at all, and
doesn't decode unless you click Decode Anyway. But if that's annoying,
you can uncheck this. (This only applies when you use the generic Go > Decode Item,
such that Archaeology must deduce what type of data is being decoded. Whenever you tell
Archaeology that you are expecting ASN.1 data, e.g. by using
Go > Decoded Item As > BER-encoded ASN.1, it won't
require a Universal-class root tag, regardless of this preference.)
- When viewing a Cocoa Keyed Archive,
NSUUID
instances now get a more useful string formatting, as long as
Format strings and dates in archives is
enabled in the open options.
- When opening a macOS Installer package (or other xar archive), Archaeology no longer presents
a confusing error if the archive is not signed: instead, it simply shows whatever info is there,
even if that is only the xar TOC digest.
|
|
1.0.1 (87.1)
|
Released on March 22, 2023
- Fixed a problem that caused the Open Download Page button in
Archaeology Preferences > Update to do nothing. If you had
version 1.0 and found your way here, we apologize. We're releasing this minor update
to minimize the number of others who have to do likewise.
|
|
1.0 (87)
|
Released on March 9, 2023
- Initial release of Archaeology.
|