Suspicious Package For Mac (Version 4.4) Latest 2024

Suspicious Package Overview

You can get important information on the package files that you download with Suspicious File. What files does the OS X Installer install? ? … What scripts are run during the installation, and what do they do? … You may be able to tell who really created the package ?. You may be genuinely suspicious about a package that you have downloaded. You might be curious to know what a package can do. You may want to know what files are scattered on your computer after a package has been installed. A Suspicious Package allows you to view the contents of an installer package. It’s free.

The Suspicious package is both an OS X application and a Quick Look plug-in.

TunnelBear For Mac

What’s new in version 4.4 For Mac

  • It can be used to show launch information for executables and bundles that are code-signed. It displays the code signing identity as well as any launch restrictions that are explicit and will limit the launch of the component on macOS 14 (Sonoma).
  • Support for Beyond Compare in the File > Compare Packages command. You can configure this via Suspicious Package > Preferences> Compare > Compare Packages With.
  • Thanks to Frank Winterpil, who made this possible.
  • Thanks to Olivier Prompt, who has been maintaining this for many years.
  • You can copy the key value, or a property list that contains only the item in XML, by control-clicking on the item when you use File > Show item as Property List. If the value of a data type is pure, you can either copy it into a hexadecimal string or export it into a new document.
  • Recent search terms are now preserved when using File > Display Item as a property list on Info.plist, File > Display Entitlements For Item, or File > Display Entitlements For All Executables.
  • The Package Info tab now correctly displays the “mixed Apple Silicon/Intel support” for certain packages that contain executables with older Intel architecture (or PowerPC architecture, which is even older) support.
  • A bug was fixed where Kaleidscope 4, which is the latest version, might not have been able to be selected by suspicious package > Preferences> Compare > Compare Packages using. Version 4 would have worked if you had previously configured Kaleidscope 3, but the suspicious package got confused as version 4 has a separate bundle identifier. It should now correctly recognise versions 4 and/or 3. (In either case, Suspicious Package uses /usr/local/bin/ksdiff to initiate a comparison, and it’s up to that tool to choose which app to talk to.)
  • The entitlements of certain executables weren’t properly displayed. DER-format entitlements containing dictionary values could not be correctly decoded.
  • When previewing macOS Full Installer packages, avoid triggering the macOS warning that “a suspicious package would like to gain access to data from other applications.” The suspicious package was not trying to access data from any other apps than its Quick Look Preview extension. It didn’t matter whether you allowed it or not. It was annoying, though!
  • Suspicious Package now makes sure that when exporting an item, it will ensure all files can be read and written by the current user, regardless of any permissions set up in the package. This was done for directories, mainly so the item could be removed easily after inspection. However, a non-writable file can cause other subtle issues. For example, you may not be able to remove the quarantine attribute or possibly trigger the app translocation behaviour. The suspicious package has always ignored ownership specified by the package when exporting. This is one of many reasons why exporting does not work.
  • If you wish to view the package in the Finder without opening it, use File > Show Package (Cmd/Option-R).
  • Removed support for macOS 11 (Big Sur).


LicenseApp Requirements
Size: 6.6 MB
Developer’s website:
Intel 64
Apple Silicon
macOS 12 or later
Preview contents of installer packages.

✍ Write your thoughts in our old-fashioned comment

Rating: 3.5 out of 5.

Leave a Comment