Softpedia >Mac >Utilities >Apparency >  Changelog

Apparency Changelog

What's new in Apparency 1.8.1

Feb 29, 2024
  • Deliver results faster when typing in the Open System Library with String Literal window.
  • Fixed a bug where a visionOS component was reported as requiring a version of watchOS.
  • Fixed a bug that would cause some macOS-defined launchd jobs to be missing from the Launch Information inspector, when the associated component was opened — which could be particularly confusing if you got there by using Open System Component and matched on a launchd job definition.

New in Apparency 1.8 (Feb 12, 2024)

  • After typing a name, simply pick the desired component from the list to open it.
  • Added File > Open System Library with String Literal (Shift-Control-Cmd-O), which also allows you to open a system framework or dylib, but by searching for a specific string embedded in the library. This is similiar to searching the output of strings(1), at least in concept, but it works on (the vast majority of) system libraries that have been moved into the DYLD shared cache. [Read More]
  • Added Component > Analyze Executable Using Hopper Disassembler (Shift-Cmd-D), which points Hopper at the selected component's executable, and automates through the various Hopper loading option dialogs. This even works for system frameworks that have been moved into the DYLD shared cache, thanks to Hopper's ability to read that cache — and support for using AppleScript to automate it. [Read More]
  • From the Executable Information inspector, you can now directly open any of the system frameworks or libraries in a new Apparency window. Under Dynamically Linked Libraries, select a library and choose Open Library in Apparency — or just double-click. This works only for libraries that are referenced by an absolute path (not @rpath or other DYLD variable paths, which are probably somewhere else in the current window anyway).
  • Whichever way you open the dylib, you can see its linked libraries, examine its embedded strings (see below) and/or pass it to Hopper for reverse engineering.
  • Added Component > Show String Literals from Executable (Shift-Option-Cmd-X). This inspector shows the constant strings that are built into the Mach-O executable. This is similar to what you'd get by running strings(1), although Apparency doesn't look for strings as aggressively (or heuristically) as strings(1). Apparency searches only in Mach-O sections that are declared to contain NULL-terminated C strings. You can filter and sort the list of strings in various ways, which can be helpful when you are reverse engineering an executable. Importantly, you can use this inspector on a framework or dylib that has been moved into the DYLD shared cache. [Read More]
  • Enhanced the File > Open > Look for components in de facto “code places” option to be more aggressive about finding bundles and/or code in non-standard places. This mode is a tradeoff between completeness and performance, but we may have overstressed performance in the past. Now, in addition to searching the Resources folder, it will also search non-standard directories at the top-level of the bundle Contents. Whether there are any such places varies with the app: most have none, some have a few, Xcode has many. Note that if you enable this option on a particularly large and complex app (like Xcode), you may experience a delay before the Apparency window appears (one reason that we don't turn this on by default).
  • Added File > Open System Component (Control-Cmd-O), which allows you to open a component of macOS itself, by searching for a specific name (or portion thereof). This can be used to open:
  • system frameworks (including those in PrivateFrameworks);
  • system dylibs, even those moved into the DYLD shared cache and not actually on disk; and
  • system executables started as launchd jobs.
  • Ability to open system dylibs that have been moved into the DYLD shared cache, and thus don't even exist on disk, such as /usr/lib/libobjc.A.dylib. Although you can't use the File > Open dialog for these — there's nothing to choose! — there are several other ways to open these:
  • use File > Open System Component and type the base name of the library, such as “libobjc”: you can then select the library to open;
  • if you have an opened component that uses that library, open the Executable Information inspector and double-click on the library; or
  • if you know the canonical path for the library, use the appy command line tool.

New in Apparency 1.7 (Dec 7, 2023)

  • Enhanced the Launch Information inspector to show implicit launch constraints, which are those associated with the components of macOS itself. Open a macOS component in Apparency, and use Component > Show Launch Information to see the constraints that apply. Use Window > Implicit Launch Constraints to see all of the implicit constraints defined by macOS. Props to Csaba Fitzl for reverse-engineering and documenting this mechanism.
  • Improved the handling of components that are ad hoc-signed by the macOS linker. The linker does this signing to meet the Apple Silicon requirement that all executables have a code signing digest, or cdhash. This used to be shown as having Conflicting signatures, which was technically accurate (because the Intel code is usually unsigned) but was nevertheless confusing. Now, in the most typical case of linker signing, the Signed By will be Linker (Ad-Hoc).
  • Enabled the Show Code Signature button (on the toolbar or the info pane) for more cases of Conflicting signatures, especially those involving ad-hoc signatures. This allows you to see the details for each processor architecture. For example, this can be useful on certain apps exported by Script Debugger's Export Run-Only command.
  • For macOS Sonoma “web apps” — created in Safari using File > Add to Dock — Apparency now shows a Kind Detail of “Safari Web App” in the info pane.
  • Fixed a bug where certain macOS frameworks wouldn't open correctly, showing the error bundle format is ambiguous (could be app or framework). This could happen after a macOS update, if the framework now resides on a a “cryptex” rather than on the Signed System Volume. (This can happen with Rapid Security Response updates, but also with updates like Safari, which installs new versions of WebKit and related frameworks.) Apparency will now correctly recognize the special status of macOS system frameworks, even on the cryptex volume.
  • Fixed a bug where opening a component using the “appy” command-line tool could silently fail, especially if the given path happens to be a symbolic link, such as /Applications/Safari.app (which links to a path on a “cryptex” volume). Apparency will now properly open the target of the symlink — or will show an error if it can't do so.
  • Removed support for macOS 11 (Big Sur).