Fails with bbdiff as diff external tool #93
Description
With FileDiff set to use bbdiff as external diff tool in macOS, nothing happens when requesting a diff.
BBEdit’s developer thinks Sublime Text (or FileDiffs?) might be missing application entitlements.
Steps to reproduce
- Download and install BBEdit.
- Optionally install BBEdit’s command line tools: start BBEdit ▸ menu BBEdit ▸ Settings… ▸ Application ▸ Sandbox access, press Allow and confirm access to the top directory of your startup disk.
- Set FileDiffs to use BBEdit. If you installed BBEdit’s command line tools:
if you did not:
{ "cmd": ["bbdiff", "--wait", "$file1", "$file2"], }{ "cmd": ["/Applications/BBEdit.app/Contents/Helpers/bbdiff", "--wait", "$file1", "$file2"], } - Open two files in tabs and summon FileDiffs by pressing ⇧⌘P, typing FileDiffs ▸ Diff file with Previous Tab.
Expected results
BBEdit should autostart diffing the two files
Actual results
Nothing at all.
Notes
Tried also with:
{
"cmd": ["/usr/local/bin/bbdiff", "$file1", "$file2"]
}This is BBEdit’s developer’s feedback on the issue:
If you watch your macOS console when you attempt to perform the diff, you'll see something that looks like this:
error 10:40:45.285784-0400 tccd Prompting policy for hardened runtime; service: kTCCServiceAppleEvents requires entitlement com.apple.security.automation.apple-events but it is missing for responsible={TCCDProcess: identifier=com.sublimetext.4, pid=62309, auid=501, euid=501, responsible_path=/Applications/Sublime Text.app/Contents/MacOS/sublime_text, binary_path=/Applications/Sublime Text.app/Contents/MacOS/sublime_text}, accessing={TCCDProcess: identifier=com.barebones.cmd-line-tools.bbdiff, pid=62783, auid=501, euid=501, binary_path=/Applications/BBEdit.app/Contents/Helpers/bbdiff}, requesting={TCCDProcess: identifier=com.apple.appleeventsd, pid=775, auid=55, euid=55, binary_path=/System/Library/CoreServices/appleeventsd},
Sublime Text needs to be updated to address this.
Here is some information that will be useful to Sublime Text's developers in addressing this issue:
The Sublime Text application is signed with the Hardened Runtime, and requires specific code signing entitlements so that it is allowed to send Apple Events to other applications. This is necessary even when the actual sender of the Apple Event is a command-line tool run by Sublime Text, as is the case here.
In particular, macOS requires that Sublime Text include (at least) the following code signing entitlement:
<key>com.apple.security.automation.apple-events</key> <true/>Additionally, Sublime Text is missing an
NSAppleEventsUsageDescriptionvalue in the application properties.In order to resolve this issue, Sublime Text's developers will need to update the application code signing to include the above entitlement, and add the following to its application property list:
<key>NSAppleEventsUsageDescription</key> <string>Command-line tools run by Sublime Text may need to send Apple Events to other applications in order to function correctly.</string>
I will report the same issue to Sublime Text, in case they are the ones that can fix this.