Max Goedjen
Max Goedjen
Oh, maybe with `https://developer.apple.com/documentation/devicecheck/dcappattestservice/3573912-generateassertion`? So potentially you'd have one shared attestation (or maybe one per key? Not sure if there'd be a benefit there or not) and generate an assertion...
@taxilian I'm gonna change this one to a feature request – it currently does not behave this way, but I may add the ability to do so in the future...
FWIW it's a hack, but if you explicitly need this behavior right now, killing `SecretAgent` will flush out any in-memory authorizations.
@deni you _should_ be able to turn those off in macOS settings (and macOS should prompt you to allow/deny them on initial setup). I'm not super comfortable allowing users to...
Ah! I see, that makes sense. Overall I'm still... pretty uncomfortable letting users disable update notifications in that manner for an app like this (although I will point out you...
AFAICT SPM doesn't really support full on Mac apps very well at the moment beyond just CLI stuff. If I'm wrong about this, someone please tell me 😅. Gonna leave...
Yeah, it's because that path is within the sandbox secretive has access to.
Nothing that would prevent you from symlinking it though, if you were so inclined.
@francoisdtm coming back to this one – can you describe what kind of thing you'd be interested in? Most of the relevant functionality is already exposed via the ssh-agent interface....
I think my main reservation at this point is: we've discussed a few ways to potentially attest a secret at this point, but I'm not sure any of them actually...