
MacOS 10.12.6 Source - tosh
https://opensource.apple.com/release/macos-10126.html
======
InSaneDarwin
Hey, this is Cliff aka InSaneDarwin from PureDarwin Project we have a vm that
is coming along nicely if anyone has seen our home
page([http://www.puredarwin.org](http://www.puredarwin.org)). We are looking
for some help with our own ACPI/Platform Expert and so I/OKit Drivers if you
guys are looking for some fun come join us.

~~~
blauditore
If I understand correctly, this should be able to run on any Intel platform,
so it's not bound to Apple-labelled hardware, right?

I'm asking because publishing cross-platform mobile apps is currently a
hassle, as the iOS one can only be done from MacOS, which itself only runs on
Apple hardware. As a consequence, I have an old Macbook lying around and dust
it off everytime I make a release. A VM running anywhere would come a long
way.

Also, I'm aware of hackintosh VMs, but it's a hassle to set up (and yeah,
borderline legal, but I'm on borderline patience with all that inconvenience
by now).

~~~
sigjuice
This is not macOS. According to the screenshot of the latest build, it doesn't
look like it even boots all the way to a shell. It is unlikely to ever help
you with mobile app publishing.

~~~
FlyingSnake
From the FAQs:

"PureDarwin can run on VMware as well as real Intel-based hardware. We are
successfully running a web server, have built hundreds of software packages
with MacPorts running on PureDarwin, including ssh, apache2, tightvnc, Xfce,
and others."

I personally haven't run it, but I think it's pretty usable if it can do the
things mentioned above.

~~~
hollander
If I would need to run Apache, SSH, VNC - why would I go this difficult road?
I can install Debian, Ubuntu or Centos, with desktop if I need it, and much
more support online. What does PureDarwin offer that Linux doesn't?

------
KZeillmann
I don't follow Apple open source, so I have a lot of questions: What parts of
MacOS are open source, and which are not? How is it licensed? Why is this on
their website rather than GitHub?

~~~
raimue
As Apple is not developing this software in the public, it would not make
sense to put it on GitHub or any other code hosting site. The usual approach
is that Apple throws bits over the wall where you can pick them up months
after the end-user release. And even these code drops will be thoroughly
cleaned before, so that for example kernel sources do not contain any trace of
support for ARM or anything else related to the iPhone – all of that is
strictly closed source.

Software they take in from BSD, other open source projects, or some common
Linux tools might also get patched. However, such patches are never actively
submitted back to the projects, but only published on this website.

The sources published for macOS on this website are mostly licensed any
variant of the BSD/MIT licenses, or the Apple Public Source License, or the
GPLv2. Apple avoids the GPLv3 for legal reasons due to its patent clause. That
is why they often ship only the most recent GPLv2 release and ignore all later
updates, for example GNU make 3.81 or bash 3.2. There might also be some other
licenses in the mix, such as the Artistic License for Perl and related
software.

~~~
eridius
> _Apple avoids the GPLv3 for legal reasons due to its patent clause._

The patent clause is bad, but the anti-TiVoization clause is actually worse.
According to that, if Apple accidentally ships any GPLv3 on iOS then they'll
have to release their root signing keys to the world, which would be
disastrous (it would destroy the security model of the OS).

~~~
phh
Nope, GPLv3 doesn't break any security model other than security by obscurity.
Android could very well use GPLv3 and have no consequence on its security
model. As long as the bootloader is open-able, the Tivo-ization rule of GPLv3
is respected. If Apple uses GPLv3, it will piss them off quite a lot, but it
won't impact their security at all.

~~~
eridius
Of course it will. The iOS security model fundamentally depends on everything
from the bootloader up being codesigned. Releasing the root signing keys
completely destroys this. Nothing on the system can be trusted anymore if that
happens.

Edit: Well, I guess the secure enclave can be trusted. But nothing else can
be.

~~~
slrz
It can still require signed code. I just want to swap Apple's key for mine. As
the owner of the device, by definition, I am the sole arbiter on what is
considered trustworthy. Executing only programs that I have personally
approved (and thus carry my signature) is the perfect implementation of that
policy.

Now, I might be lazy or busy and delegate that responsibility to Apple or some
other third party. There may be mismatches between my preferred policy and
what is enforced by my proxy, but it might still work reasonably well overall.
We humans do it all the time. No reason the CEO has to make every single
decision themselves.

When the stakes are high and I don't want to risk that nuances of my set
policy get lost in translation or when it's about things that are totally
outside my proxy's area of expertise, I'd prefer to make the decision myself.

With iDevices, I can't. There's only the delegate model and the only available
proxy to choose from is Apple.

PS: Releasing secret signing keys to the whole world is an obviously bogus
suggestion. Please stop beating up this strawman.

~~~
eridius
It's not a strawman. It's what would have to happen according to the GPLv3.
The fact that you could design a system that allows for user-replaceable keys
doesn't change the fact that iOS is not that system, and that if GPLv3 code
gets into iOS then, according to the terms of that license, owners of
_existing devices_ would need to be allowed to replace the code. And the only
way to do that is to release the root signing keys. You can't say "well they
could design a future device to allow this", because that hypothetical future
device isn't what we have today.

------
Twirrim
OpenSSL098-64.50.6

 _sigh_

What do we have to do to get Apple to actually update OpenSSL? It's beyond
ridiculous. They're shipping the OS with a version of OpenSSL that is
completely unsupported, and doesn't support newer security features.

~~~
strmpnk
I believe Apple has adopted the BoringSSL fork that Google started. I bet this
code is there for legacy reasons.

~~~
alwillis
Apple wrote their own SSL/TLS stack a while ago; they haven't used OpenSSL for
quite a while:
[https://developer.apple.com/security/](https://developer.apple.com/security/)

------
ryanbigg
A little disappointed to see that they're still shipping Ruby 2.0; a version
shipped 4 years ago. I would hope that they would update this soon to keep up
to date with the language and security patches

~~~
developer2
Never expect Apple to ship anything recent. Anything outside of their own
"core system" that depends on 3rd party packages is likely to be 2, 3, 8 years
out of date. Software like brew and macports aren't only popular for "extra"
software; they're popular for replacing bundled software that is severely out-
of-date. Last time I started from scratch, that included updating git and php
from versions so old that it was laughable. Let us be thankful that these
alternatives exist.

~~~
DonaldPShimoda
Just to be clear, though, this isn't because Apple isn't interested in
updating things. It's specifically because much of that software moved to
GPLv3, and Apple won't include any software with that license. (The internal
documentation is very clear about that haha.)

------
pstuart
Sure would be nice if they could upgrade bash to 4.x

~~~
saagarjha
If I remember correctly it’s because newer versions of Bash use GPLv3 which
Apple doesn’t want to have to deal with.

~~~
astrodust
Need a BSD or MIT licensed bash work-alike, but that is not a fun project to
undertake.

~~~
skrause
Why not drop bash completely and make zsh the default shell? Apple has been
shipping zsh for a very long time already...

~~~
kitotik
IIRC csh was the default pre OS 10.2 days.

I previously thought zsh fit the Apple ethos and aesthetic the best with its
nice completions and clean(er) syntax.

Now I wish they’d start shipping fish as it provides such a nice experience
out of the box, and is gplv2

~~~
jolux
fish should be the default shell on macOS, possibly with a cool custom theme.
then again it might turn off some of the hardcore bearded UNIX people who use
it.

~~~
moondev
Fish is not 100% bash compatible so that would break scripts everywhere

~~~
stephenr
Only scripts that are sourced by the active shell

Edit: to clarify, any shell script that is executed will define its own shell
to execute with (the #! line).

There _may_ be some issues if scripts have declared their shell as /bin/sh but
they use bashisms, and then /bin/sh isn't provided by bash anymore, but
honestly that's not necessarily related.

The discussion here is about changing the default login shell for interactive
user accounts to fish.

If they did this though, it would be nice if they would use dash for /bin/sh,
but I'm not sure how that's licenced - possibly gpl3 too?

------
donatj
What is the WTF project?

~~~
withzombies
Webkit's Web Template Framework
[https://github.com/WebKit/webkit/tree/master/Source/WTF/wtf](https://github.com/WebKit/webkit/tree/master/Source/WTF/wtf)

------
0x006A
why don't they ship python3?

~~~
Crontab
Personally, this is why I would prefer that UNIX vendors/distributions not
include advanced languages like Python, Perl, Lua, and Ruby. It seems like it
ends up causing more issues than it solves.

~~~
thomastjeffery
> this is why...

The version difference?

That's quite easy to work around. Just name your python 3 binary "python3".

------
MurrayHill1980
uucp?

------
orionblastar
Apple done lost their minds!

I remember when Darwin was binary ISOs, and then it just became source code
and you had to hunt all over the Internet for ISOs as Apple didn't make them
anymore and then anyone that did you suspect of putting a trojan in the
binary.

I assume this MacOS Source is the parts of MacOS that go back into BSD Unix
that Apple promises to share with the free and open source communities?

Anyone tried compiling the source code yet to see if it works and can be made
into a binary ISO file?

~~~
wahern
[http://www.puredarwin.org/](http://www.puredarwin.org/)

~~~
kitotik
As someone who heavily tinkered with opendarwin, its great to see this still
has a heartbeat :)

Would be nice to get a base docker image going instead of using VM
though...might add this to the side project list!

~~~
yjftsjthsd-h
I don't think that would work; Darwin includes the XNU kernel, so it wouldn't
make sense to run it in Docker, which is containers under a Linux kernel. A VM
_is_ the right solution here.

