The unsigned GitHub Release build runs entirely in the KeyMapPlus app process. It uses Accessibility/Input Monitoring, CGEventTap, and CoreGraphics output. It does not include a privileged helper, DriverKit extension, virtual HID device, or background daemon.
- Only enabled single-tap rules without pass-through are suppressed immediately.
- Double-tap and triple-tap rules remain observable rather than immediately suppressed. Without a virtual HID device, delaying and replaying physical input reliably is not safe.
- Layer triggers are suppressed while the layer is active so a layer key does not leak to the foreground app.
- Events posted by KeyMapPlus carry an internal marker and are ignored by its own event tap to avoid output loops.
- Mapping stops or degrades while another app enables Secure Input, such as password prompts or some terminal applications.
- Accessibility and Input Monitoring permission are required and may need to be granted again after moving or rebuilding the unsigned app.
- Device-specific grabbing, exact hardware identity, and privileged event suppression are unavailable. CGEventTap reports session-level input rather than a physical HID device, so device-scoped rules cannot be guaranteed in this distribution mode. Device settings are metadata and detection aids only.
- An unsigned DMG requires the user to explicitly approve the app in Gatekeeper before first launch.