Issues with the Homebrew distribution

[mtibben]

The Homebrew distribution does not sign the aws-vault binaries, while the "cask" distribution does.

❌ brew install aws-vault -> unsigned binary
✅ brew install --cask aws-vault -> signed binary

All Apple documentation guides the developer to sign binaries when dealing with the keychain, but I am unclear of the exact limitations of these unsigned binaries.

I myself have run into issues when using unsigned binaries with the keychain, however I've struggled to provide concrete examples to the homebrew maintainers.

Issues I've anecdotally seen with the unsigned Homebrew binaries:

• Double prompts when "Allow"-ing access to the keychain
• Errors when deleting credentials
• Different versions aws-vault requiring re-authentication to credentials
• Messages saying "the authenticity of aws-vault cannot be verified"

These issues are suspected to be caused by the unsigned homebrew binaries

• Cannot delete an existing profile #1053
• [v7.0.0-rc1 ] aws-vault: error: clear: Keychain Error. (-25244) #1157

I've previously raised these issues with the maintainers at Homebrew/homebrew-core#84589

My advice is to NOT use the Homebrew distribution, use the cask distribution instead.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.