When Mac OS X was designed, it switched to the bundle structure inherited from NeXTSTEP. Instead of this multitude of resources, apps consisted of a hierarchy of directories containing files of executable code, and those with what had in Mac OS been supporting resources. Those app bundles came to adopt a standard form, shown below.
↫ Howard Oakley
A short, but nonetheless informative overview of the structure of a macOS application. I’m sure most people on OSNews are aware that a macOS application is a bundle, which is effectively a glorified directory containing a variety of files and subdirectories that together make up the application. I haven’t used macOS in a while, but I think you can right-click on an application and open it as a folder to dig around inside of it.
I’m trying to remember from my days as a Mac OS X user – 15-20 years ago – if there was ever a real need to do so, but I’m sure there were a few hacks you could do by messing around with the files inside of application bundles. These days, perhaps with all the code-signing, phoning-home to Apple, and other security trickery going on, such acts are quite frowned upon. Does making any otherwise harmless changes inside an application bundle set off a ton of alarm bells in macOS these days?

I don’t know about ARM-era macOS, but, according to this StackExchange Q&A, the files within a bundle are signed individually and Mac OS 10.11 was when Gatekeeper started requiring that developers sign all the executables in the bundle. (They cite Apple’s macOS Code Signing In Depth.)
That fits with what I’ve experienced on the hand-me-down iMac I run 10.13 on. When I was installing open-source apps on it to try to give myself more reason to care about something that couldn’t run classic Mac OS and presented an inferior alternative to how I use Linux, I found that some of them were specifically designed so that you added files to folders stored inside the bundle to extend them so that the “just drag it to the trash to uninstall” property was preserved.
However, I’m not sure if any of them involved adding files that Gatekeeper would recognize as code or if they were all things like graphical assets, Lua scripts, etc.