Downloader differs from previously opened versions #1414
Description
Configuration
- Keka version: 1.3.7 (5302)
- macOS version: 14.4 (23E214)
Describe the bug
Due to a sandboxing issue new to macOS Sonoma and due to this app and other apps using Sparkle's Downloader XPC Service, users may see a one-time system warning dialog when checking for updates about "Downloader" differs from previously opened versions.
It looks like Keka wants to use the Sparkle's Downloader XPC Service from following Sparkle's sandboxing guide because the app is not entitled with an outgoing network connection (com.apple.security.network.client) entitlement. So there are a couple ways to fix this issue:
- Keka can update to Sparkle 2.6.0 or later (which disables sandboxing for the Downloader XPC Service by default to avoid conflicts) (easiest way for most apps, but Keka is very unusual in trying to support an older deployment target that both Sparkle and Xcode for building apps no longer supports)
- Keka can re-compile their current version of Sparkle with a custom
XPC_SERVICE_BUNDLE_ID_PREFIX - Keka can enable the outgoing network connection (
com.apple.security.network.client) entitlement on its app instead of enabling the Downloader XPC Service as there are other drawbacks with using the downloader service (e.g. Sparkle can't use WebKit 2).
See sparkle-project/Sparkle#2514 and the updated sandboxing guide for more information on the issue.
[edit]: Updated to include 3rd option of not using downloader service.