TotalFinder needs to install a system component into protected disk area at
/System/Library/ScriptingAdditions/TotalFinderSIP.osax to circumvent the System Integrity Protection (SIP).
You can read some technical details here.
Rarely we might need to upgrade this component. Unfortunately that requires turning SIP off and on again. We maintain this page as a resource with explanation of each upgrade.
Released in TotalFinder 1.9.0 on March 20, 2017
Released in TotalFinder 1.10.0 on August 21, 2017
For security reasons
TotalFinderSIP.osaxchecks code signature of the code located at
/Applications/TotalFinder.appwhich it is going to inject into
Finder.app. It must make sure that the code was produced by us (BinaryAge) and properly signed with a valid developer certificate issued by Apple.
The problem is that in
v1implementation we were checking specific naming scheme of the developer certificate and Apple decided to change it. As our old certificate expired we were unable to sign new TotalFinder updates in a way which would be recognised by the
v1component as a genuine code coming from us. That is why we had to relax the check in
Unfortunately to upgrade you have to do the SIP dance again. Hopefully this will work well for foreseeable future.