Suspicious Package: cool, free utility looks into .pkg files

I just downloaded a totally innocuous app to evaluate, NoteCase Pro, and after macOS gave me the standard warning that it came from an unidentified developer (not a big deal), I also got some pop-ups from a free QuickLook plugin (that I’d forgotten I’d installed) for examining Installer packages - Supicious Package from Randy Saldinger:

What a super little utility. It gave me specifics about the pkg file, let me look at the install files, and more:

I wish I knew more about the dev. This utility is free (not even a donation request!), and the dev’s only active internet presence seems to be his Instagram page.

Neat little utility.

1 Like

So what’s your point? That shell script looks pretty harmless and the only warning you got was that the package wasn’t signed.

The bash script is just opening the releasenotes by the way. However, for note taking applications there are many (well-known) alternatives. Don’t know why you’re installing this one.

Packages are easy to browse. Right click or ^click a package and choose Show Package Contents.


The package is revealed as the folder it is.

Or just change the extension on the package, which will make it a folder, then change it back.

That I was recommending a cool, free utility in the SOFTWARE forum. :face_with_monocle:


Yes, but they don’t let you easily view the contents via QuickLook, nor do they let you sift through all your .pkg files so easily.

Thanks for sharing!

In this case it seems like there’s not suspicious about the PKG, but it’s always nice to have something like this in your tool belt.