I came across a post by an unhappy (former) user: Do not use Duplicacy on macOS
He posted something similar here but he asked me to delete his account. After I did that all his posts as well as the entire thread were gone.
The main criticism seems to be that private directories can’t be backed up even if you whitelist the web GUI in the Full Disk Access list because it is the CLI that does the actual backup. However, this is not the case in my tests on my mac running 10.15.5. I have no problem backing up directories like
~/Libraries/Mail or using the
-vss option after adding the web GUI to the list. And they would all fail otherwise.
There is no official doc from Apple on Full Disk Access, but the closest one I can find seems to confirm that Full Disk Access is inheritable by child processes: The Rules for Full Disk Access | Apple Developer Forums
…whitelisting a certain .app will enable its main executable and any child processes…
Does any macOS user still have problems accessing those private directories after enabling the web GUI with Full Disk Access?
Another criticism was that he didn’t know where the CLI is downloaded from and felt unsafe. The CLI is actually downloaded from the github release page using github’s API, so it is as safe as manually downloading and running the binaries from the same page.