Verify Packages with Disk Image Verification
On this page
The MongoDB release team digitally signs MongoDB Compass packages to certify that packages are a valid and unaltered MongoDB release. Before you install MongoDB Compass, you can use the digital signature to validate the package.
This page describes how to verify .dmg packages on macOS.
Before you Begin
If you don't have MongoDB Compass installed, download the MongoDB Compass binary from the Download Center.
Steps
To verify the MongoDB Compass package, run:
codesign -dv --verbose=4 <path_to_compass_executable>
If the package is signed by MongoDB, the output includes the following information:
Authority=Developer ID Application: MongoDB, Inc. (4XWMY46275) Authority=Developer ID Certification Authority Authority=Apple Root CA