> Here's the thing with how gatekeeper works, that application had already passed gatekeeper and will never be _fully_ validated ever again.
> If you zipped your modified Slack.app up, uploaded it to google drive, and downloaded it again. Gatekeeper would 100% reject that application, the ASAR file is included as part of the application signature. You can prove this by checking the "CodeResources" file in the apps signature.
> You can't re-distribute the app without gatekeeper completely shutting you down.
> Here's the thing with how gatekeeper works, that application had already passed gatekeeper and will never be _fully_ validated ever again.
> If you zipped your modified Slack.app up, uploaded it to google drive, and downloaded it again. Gatekeeper would 100% reject that application, the ASAR file is included as part of the application signature. You can prove this by checking the "CodeResources" file in the apps signature.
> You can't re-distribute the app without gatekeeper completely shutting you down.
[1]: https://news.ycombinator.com/item?id=20637738