Update Fleet-maintained apps#48305
Conversation
Generated automatically with cmd/maintained-apps.
There was a problem hiding this comment.
Claude Code Review
This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.
Tip: disable this comment in your organization's Code Review settings.
Script Diff Resultsee/maintained-apps/outputs/a-better-finder-rename/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/adobe-acrobat-reader/windows.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/arc/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/bitwarden/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/citrix-workspace/darwin.json=== Install // fe7ba180 -> f4f3e7be ===
--- /tmp/old.LF2DIR 2026-06-25 20:36:13.841421909 +0000
+++ /tmp/new.XDKpbE 2026-06-25 20:36:13.841421909 +0000
@@ -96,5 +96,5 @@
# install pkg files
quit_and_track_application 'com.citrix.receiver.nomas'
-sudo installer -pkg "$TMPDIR/CitrixWorkspaceAppUniversal26.03.0.49.pkg" -target /
+sudo installer -pkg "$TMPDIR/CitrixWorkspaceAppUniversal26.03.11.41.pkg" -target /
relaunch_application 'com.citrix.receiver.nomas'
=== Uninstall // ed152120 -> a1c686b5 ===
--- /tmp/old.C2FBUy 2026-06-25 20:36:13.874422082 +0000
+++ /tmp/new.VEq32c 2026-06-25 20:36:13.874422082 +0000
@@ -210,6 +210,7 @@
remove_launchctl_service 'com.citrix.devicetrust.launchagent'
remove_launchctl_service 'com.citrix.ReceiverHelper'
remove_launchctl_service 'com.citrix.ReceiverUninstallHelper'
+remove_launchctl_service 'com.citrix.ReceiverUpdaterHelper'
remove_launchctl_service 'com.citrix.safariadapter'
remove_launchctl_service 'com.citrix.ServiceRecords'
remove_launchctl_service 'com.citrix.UninstallMonitor'
@@ -231,6 +232,8 @@
forget_pkg 'com.citrix.ICAClientcwa'
remove_pkg_files 'com.citrix.ICAClienthdx'
forget_pkg 'com.citrix.ICAClienthdx'
+remove_pkg_files 'com.citrix.receiver.bcr'
+forget_pkg 'com.citrix.receiver.bcr'
trash $LOGGED_IN_USER '~/Library/Application Support/Citrix Receiver'
trash $LOGGED_IN_USER '~/Library/Application Support/Citrix Workspace'
trash $LOGGED_IN_USER '~/Library/Application Support/Citrix'ee/maintained-apps/outputs/claude/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/codex-app/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/copilot-money/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/firefox/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/firefox/windows.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/github/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/granola/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/iina/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/libreoffice/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/modern-csv/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/webex/windows.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) ===ee/maintained-apps/outputs/workflowy/darwin.json=== Install Script (no changes) ===
=== Uninstall Script (no changes) === |
WalkthroughThis PR updates maintained-app release metadata across multiple Darwin and Windows JSON entries. Each affected entry bumps the recorded version, changes the patched version-comparison target, updates the installer URL, and refreshes the checksum. The Citrix Workspace entry also updates the release entry and replaces the install and uninstall script reference contents. Possibly related PRs
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (1)
ee/maintained-apps/outputs/citrix-workspace/darwin.json (1)
20-20: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick winInstall directly from
$INSTALLER_PATH.Line 20 hard-codes the versioned pkg basename even though Fleet already passes the downloaded file path in
$INSTALLER_PATH. Using that variable removes the need to replace the script ref on every Citrix version bump and avoids basename-coupling.Suggested fix
-APPDIR="/Applications/" -TMPDIR=$(dirname "$(realpath "$INSTALLER_PATH")") +APPDIR="/Applications/" @@ -sudo installer -pkg "$TMPDIR/CitrixWorkspaceAppUniversal26.03.11.41.pkg" -target / +sudo installer -pkg "$INSTALLER_PATH" -target /🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@ee/maintained-apps/outputs/citrix-workspace/darwin.json` at line 20, The install step is still hard-coding the Citrix pkg filename instead of using the downloaded installer path provided by $INSTALLER_PATH. Update the package install command in the script to use $INSTALLER_PATH (or a path derived from it) rather than the versioned CitrixWorkspaceAppUniversal26.03.11.41.pkg basename, while keeping the existing quit_and_track_application and relaunch_application flow unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@ee/maintained-apps/outputs/citrix-workspace/darwin.json`:
- Line 19: The non-sudo path in remove_launchctl_service is using the current
process context, so when this uninstall runs as root it removes LaunchAgents
from /var/root instead of the console user’s domain. Update
remove_launchctl_service to unload and delete plist files for the logged-in user
captured in LOGGED_IN_USER, and make sure the launchctl/remove logic targets
that user domain rather than relying on HOME/current context.
---
Nitpick comments:
In `@ee/maintained-apps/outputs/citrix-workspace/darwin.json`:
- Line 20: The install step is still hard-coding the Citrix pkg filename instead
of using the downloaded installer path provided by $INSTALLER_PATH. Update the
package install command in the script to use $INSTALLER_PATH (or a path derived
from it) rather than the versioned CitrixWorkspaceAppUniversal26.03.11.41.pkg
basename, while keeping the existing quit_and_track_application and
relaunch_application flow unchanged.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 4f4a296c-6f40-47bf-979d-2e136c78a2c3
📒 Files selected for processing (17)
ee/maintained-apps/outputs/a-better-finder-rename/darwin.jsonee/maintained-apps/outputs/adobe-acrobat-reader/windows.jsonee/maintained-apps/outputs/arc/darwin.jsonee/maintained-apps/outputs/bitwarden/darwin.jsonee/maintained-apps/outputs/citrix-workspace/darwin.jsonee/maintained-apps/outputs/claude/darwin.jsonee/maintained-apps/outputs/codex-app/darwin.jsonee/maintained-apps/outputs/copilot-money/darwin.jsonee/maintained-apps/outputs/firefox/darwin.jsonee/maintained-apps/outputs/firefox/windows.jsonee/maintained-apps/outputs/github/darwin.jsonee/maintained-apps/outputs/granola/darwin.jsonee/maintained-apps/outputs/iina/darwin.jsonee/maintained-apps/outputs/libreoffice/darwin.jsonee/maintained-apps/outputs/modern-csv/darwin.jsonee/maintained-apps/outputs/webex/windows.jsonee/maintained-apps/outputs/workflowy/darwin.json
| "refs": { | ||
| "ed152120": "#!/bin/bash\n\n# variables\nLOGGED_IN_USER=$(scutil <<< \"show State:/Users/ConsoleUser\" | awk '/Name :/ { print $3 }')\n# functions\n\nexpand_pkgid_and_map() {\n local PKGID=\"$1\"\n local FUNC=\"$2\"\n if [[ \"$PKGID\" == *\"*\" ]]; then\n local prefix=\"${PKGID%\\*}\"\n echo \"Expanding wildcard for PKGID: $PKGID\"\n for receipt in $(pkgutil --pkgs | grep \"^${prefix}\"); do\n echo \"Processing $receipt\"\n \"$FUNC\" \"$receipt\"\n done\n else\n \"$FUNC\" \"$PKGID\"\n fi\n}\n\nforget_pkg() {\n local PKGID=\"$1\"\n expand_pkgid_and_map \"$PKGID\" forget_receipt\n}\n\nforget_receipt() {\n local PKGID=\"$1\"\n sudo pkgutil --forget \"$PKGID\"\n}\n\nquit_application() {\n local bundle_id=\"$1\"\n local timeout_duration=10\n\n # check if the application is running\n local app_running\n app_running=$(osascript -e \"application id \\\"$bundle_id\\\" is running\" 2>/dev/null)\n if [[ \"$app_running\" != \"true\" ]]; then\n return\n fi\n\n local console_user\n console_user=$(stat -f \"%Su\" /dev/console)\n if [[ -z \"$console_user\" || \"$console_user\" == \"root\" || \"$console_user\" == \"loginwindow\" ]]; then\n echo \"Not logged into a non-root GUI; skipping quitting application ID '$bundle_id'.\"\n return\n fi\n\n echo \"Quitting application '$bundle_id'...\"\n\n # try to quit the application within the timeout period\n local quit_success=false\n SECONDS=0\n while (( SECONDS < timeout_duration )); do\n if osascript -e \"tell application id \\\"$bundle_id\\\" to quit\" >/dev/null 2>&1; then\n if ! pgrep -f \"$bundle_id\" >/dev/null 2>&1; then\n echo \"Application '$bundle_id' quit successfully.\"\n quit_success=true\n break\n fi\n fi\n sleep 1\n done\n\n if [[ \"$quit_success\" = false ]]; then\n echo \"Application '$bundle_id' did not quit.\"\n fi\n}\n\n\nremove_launchctl_service() {\n local service=\"$1\"\n local booleans=(\"true\" \"false\")\n local plist_status\n local paths\n local should_sudo\n\n echo \"Removing launchctl service ${service}\"\n\n for should_sudo in \"${booleans[@]}\"; do\n plist_status=$(launchctl list \"${service}\" 2>/dev/null)\n\n if [[ $plist_status == \\{* ]]; then\n if [[ $should_sudo == \"true\" ]]; then\n sudo launchctl remove \"${service}\"\n else\n launchctl remove \"${service}\"\n fi\n sleep 1\n fi\n\n paths=(\n \"/Library/LaunchAgents/${service}.plist\"\n \"/Library/LaunchDaemons/${service}.plist\"\n )\n\n # if not using sudo, prepend the home directory to the paths\n if [[ $should_sudo == \"false\" ]]; then\n for i in \"${!paths[@]}\"; do\n paths[i]=\"${HOME}${paths[i]}\"\n done\n fi\n\n for path in \"${paths[@]}\"; do\n if [[ -e \"$path\" ]]; then\n if [[ $should_sudo == \"true\" ]]; then\n sudo rm -f -- \"$path\"\n else\n rm -f -- \"$path\"\n fi\n fi\n done\n done\n}\n\nremove_pkg_files() {\n local PKGID=\"$1\"\n expand_pkgid_and_map \"$PKGID\" remove_receipt_files\n}\n\nremove_receipt_files() {\n local PKGID=\"$1\"\n local PKGINFO VOLUME INSTALL_LOCATION FULL_INSTALL_LOCATION\n\n echo \"pkgutil --pkg-info-plist \\\"$PKGID\\\"\"\n PKGINFO=$(pkgutil --pkg-info-plist \"$PKGID\")\n VOLUME=$(echo \"$PKGINFO\" | awk '/<key>volume<\\/key>/ {getline; gsub(/.*<string>|<\\/string>.*/, \"\"); print}')\n INSTALL_LOCATION=$(echo \"$PKGINFO\" | awk '/<key>install-location<\\/key>/ {getline; gsub(/.*<string>|<\\/string>.*/, \"\"); print}')\n\n if [ -z \"$INSTALL_LOCATION\" ] || [ \"$INSTALL_LOCATION\" = \"/\" ]; then\n FULL_INSTALL_LOCATION=\"$VOLUME\"\n else\n FULL_INSTALL_LOCATION=\"$VOLUME/$INSTALL_LOCATION\"\n FULL_INSTALL_LOCATION=$(echo \"$FULL_INSTALL_LOCATION\" | sed 's|//|/|g')\n fi\n\n echo \"sudo pkgutil --only-files --files \\\"$PKGID\\\" | sed \\\"s|^|${FULL_INSTALL_LOCATION}/|\\\" | tr '\\\\\\\\n' '\\\\\\\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\"\n sudo pkgutil --only-files --files \"$PKGID\" | sed \"s|^|/${INSTALL_LOCATION}/|\" | tr '\\n' '\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\n\n echo \"sudo pkgutil --only-dirs --files \\\"$PKGID\\\" | sed \\\"s|^|${FULL_INSTALL_LOCATION}/|\\\" | grep '\\\\.app$' | tr '\\\\\\\\n' '\\\\\\\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\"\n sudo pkgutil --only-dirs --files \"$PKGID\" | sed \"s|^|${FULL_INSTALL_LOCATION}/|\" | grep '\\.app$' | tr '\\n' '\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\n\n root_app_dir=$(\n sudo pkgutil --only-dirs --files \"$PKGID\" \\\n | sed \"s|^|${FULL_INSTALL_LOCATION}/|\" \\\n | grep 'Applications' \\\n | awk '{ print length, $0 }' \\\n | sort -n \\\n | head -n1 \\\n | cut -d' ' -f2-\n )\n if [ -n \"$root_app_dir\" ]; then\n echo \"sudo rmdir -p \\\"$root_app_dir\\\" 2>/dev/null || :\"\n sudo rmdir -p \"$root_app_dir\" 2>/dev/null || :\n fi\n}\n\ntrash() {\n local logged_in_user=\"$1\"\n local target_file=\"$2\"\n local timestamp=\"$(date +%Y-%m-%d-%s)\"\n local rand=\"$(jot -r 1 0 99999)\"\n\n # replace ~ with /Users/$logged_in_user\n if [[ \"$target_file\" == ~* ]]; then\n target_file=\"/Users/$logged_in_user${target_file:1}\"\n fi\n\n local trash=\"/Users/$logged_in_user/.Trash\"\n\n # If the target contains glob characters, expand it and move each match.\n if [[ \"$target_file\" == *[*?[]* ]]; then\n local file file_name\n local matched=false\n local i=0\n # compgen -G expands the (quoted) pattern itself, so paths containing\n # spaces glob correctly; reading line by line keeps each match intact.\n while IFS= read -r file; do\n [[ -n \"$file\" ]] || continue\n [[ -e \"$file\" || -L \"$file\" ]] || continue\n matched=true\n i=$((i + 1))\n file_name=\"$(basename \"$file\")\"\n echo \"removing $file.\"\n # The per-match counter keeps matches that share a basename from\n # overwriting each other in the trash.\n mv -f \"$file\" \"$trash/${file_name}_${timestamp}_${rand}_${i}\"\n done < <(compgen -G \"$target_file\" 2>/dev/null)\n if [[ \"$matched\" == false ]]; then\n echo \"$target_file doesn't exist.\"\n fi\n return\n fi\n\n local file_name=\"$(basename \"${target_file}\")\"\n\n if [[ -e \"$target_file\" ]]; then\n echo \"removing $target_file.\"\n mv -f \"$target_file\" \"$trash/${file_name}_${timestamp}_${rand}\"\n else\n echo \"$target_file doesn't exist.\"\n fi\n}\n\nremove_launchctl_service 'com.citrix.AuthManager_Mac'\nremove_launchctl_service 'com.citrix.ctxusbd'\nremove_launchctl_service 'com.citrix.CtxWorkspaceHelperDaemon'\nremove_launchctl_service 'com.citrix.ctxworkspaceupdater'\nremove_launchctl_service 'com.citrix.devicetrust.launchagent'\nremove_launchctl_service 'com.citrix.ReceiverHelper'\nremove_launchctl_service 'com.citrix.ReceiverUninstallHelper'\nremove_launchctl_service 'com.citrix.safariadapter'\nremove_launchctl_service 'com.citrix.ServiceRecords'\nremove_launchctl_service 'com.citrix.UninstallMonitor'\nquit_application 'Citrix.ServiceRecords'\nquit_application 'com.citrix.CitrixReceiverLauncher'\nquit_application 'com.citrix.receiver.nomas'\nquit_application 'com.citrix.ReceiverHelper'\nremove_pkg_files 'com.citrix.common'\nforget_pkg 'com.citrix.common'\nremove_pkg_files 'com.citrix.devicetrust.client'\nforget_pkg 'com.citrix.devicetrust.client'\nremove_pkg_files 'com.citrix.devicetrust.client.ica'\nforget_pkg 'com.citrix.devicetrust.client.ica'\nremove_pkg_files 'com.citrix.enterprisebrowserinstaller'\nforget_pkg 'com.citrix.enterprisebrowserinstaller'\nremove_pkg_files 'com.citrix.ICAClient'\nforget_pkg 'com.citrix.ICAClient'\nremove_pkg_files 'com.citrix.ICAClientcwa'\nforget_pkg 'com.citrix.ICAClientcwa'\nremove_pkg_files 'com.citrix.ICAClienthdx'\nforget_pkg 'com.citrix.ICAClienthdx'\ntrash $LOGGED_IN_USER '~/Library/Application Support/Citrix Receiver'\ntrash $LOGGED_IN_USER '~/Library/Application Support/Citrix Workspace'\ntrash $LOGGED_IN_USER '~/Library/Application Support/Citrix'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.CitrixReceiverLauncher'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.HdxRtcEngine'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.receiver*'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.ReceiverUpdater'\ntrash $LOGGED_IN_USER '~/Library/Caches/com.citrix.receiver*'\ntrash $LOGGED_IN_USER '~/Library/HTTPStorages/com.citrix.CitrixReceiverLauncher'\ntrash $LOGGED_IN_USER '~/Library/HTTPStorages/com.citrix.receiver*'\ntrash $LOGGED_IN_USER '~/Library/Logs/Citrix Workspace'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.AuthManager.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.CitrixReceiverLauncher.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.HdxRtcEngine.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.receiver*.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.Receiver*.plist'\ntrash $LOGGED_IN_USER '~/Library/Saved Application State/com.citrix.receiver.nomas.savedState'\ntrash $LOGGED_IN_USER '~/Library/WebKit/com.citrix.receiver.nomas'\n", | ||
| "fe7ba180": "#!/bin/bash\n\n# variables\nAPPDIR=\"/Applications/\"\nTMPDIR=$(dirname \"$(realpath \"$INSTALLER_PATH\")\")\n# functions\n\nquit_and_track_application() {\n local bundle_id=\"$1\"\n local var_name=\"APP_WAS_RUNNING_$(echo \"$bundle_id\" | tr '.-' '__')\"\n local timeout_duration=10\n\n # check if the application is running\n local app_running\n app_running=$(osascript -e \"application id \\\"$bundle_id\\\" is running\" 2>/dev/null)\n if [[ \"$app_running\" != \"true\" ]]; then\n eval \"export $var_name=0\"\n return\n fi\n\n local console_user\n console_user=$(stat -f \"%Su\" /dev/console)\n if [[ -z \"$console_user\" || \"$console_user\" == \"root\" || \"$console_user\" == \"loginwindow\" ]]; then\n echo \"Not logged into a non-root GUI; skipping quitting application ID '$bundle_id'.\"\n eval \"export $var_name=0\"\n return\n fi\n\n # App was running, mark it for relaunch\n eval \"export $var_name=1\"\n echo \"Application '$bundle_id' was running; will relaunch after installation.\"\n\n echo \"Quitting application '$bundle_id'...\"\n\n # try to quit the application within the timeout period\n local quit_success=false\n SECONDS=0\n while (( SECONDS < timeout_duration )); do\n if osascript -e \"tell application id \\\"$bundle_id\\\" to quit\" >/dev/null 2>&1; then\n if ! pgrep -f \"$bundle_id\" >/dev/null 2>&1; then\n echo \"Application '$bundle_id' quit successfully.\"\n quit_success=true\n break\n fi\n fi\n sleep 1\n done\n\n if [[ \"$quit_success\" = false ]]; then\n echo \"Application '$bundle_id' did not quit.\"\n fi\n}\n\n\nrelaunch_application() {\n local bundle_id=\"$1\"\n local var_name=\"APP_WAS_RUNNING_$(echo \"$bundle_id\" | tr '.-' '__')\"\n local was_running\n\n # Check if the app was running before installation\n eval \"was_running=\\$$var_name\"\n if [[ \"$was_running\" != \"1\" ]]; then\n return\n fi\n\n local console_user\n console_user=$(stat -f \"%Su\" /dev/console)\n if [[ -z \"$console_user\" || \"$console_user\" == \"root\" || \"$console_user\" == \"loginwindow\" ]]; then\n echo \"Not logged into a non-root GUI; skipping relaunching application ID '$bundle_id'.\"\n return\n fi\n\n echo \"Relaunching application '$bundle_id'...\"\n\n # Launch the app in the logged-in user's GUI session. Apps launched by root\n # won't register with the user's Dock/GUI, so run 'open' as the console user.\n # Use 'launchctl asuser' to bootstrap into the console user's Mach namespace\n # and GUI session — 'sudo -u' alone doesn't do this, which can cause\n # LSOpenURLsWithRole() failures even when 'open' exits 0.\n local open_status=0\n if [[ $EUID -eq 0 ]]; then\n local console_uid\n console_uid=$(id -u \"$console_user\")\n /bin/launchctl asuser \"$console_uid\" sudo -u \"$console_user\" open -b \"$bundle_id\" >/dev/null 2>&1 || open_status=$?\n else\n open -b \"$bundle_id\" >/dev/null 2>&1 || open_status=$?\n fi\n\n if [[ $open_status -eq 0 ]]; then\n echo \"Application '$bundle_id' relaunched successfully.\"\n else\n echo \"Failed to relaunch application '$bundle_id'.\"\n fi\n}\n\n\n# install pkg files\nquit_and_track_application 'com.citrix.receiver.nomas'\nsudo installer -pkg \"$TMPDIR/CitrixWorkspaceAppUniversal26.03.0.49.pkg\" -target /\nrelaunch_application 'com.citrix.receiver.nomas'\n" | ||
| "a1c686b5": "#!/bin/bash\n\n# variables\nLOGGED_IN_USER=$(scutil <<< \"show State:/Users/ConsoleUser\" | awk '/Name :/ { print $3 }')\n# functions\n\nexpand_pkgid_and_map() {\n local PKGID=\"$1\"\n local FUNC=\"$2\"\n if [[ \"$PKGID\" == *\"*\" ]]; then\n local prefix=\"${PKGID%\\*}\"\n echo \"Expanding wildcard for PKGID: $PKGID\"\n for receipt in $(pkgutil --pkgs | grep \"^${prefix}\"); do\n echo \"Processing $receipt\"\n \"$FUNC\" \"$receipt\"\n done\n else\n \"$FUNC\" \"$PKGID\"\n fi\n}\n\nforget_pkg() {\n local PKGID=\"$1\"\n expand_pkgid_and_map \"$PKGID\" forget_receipt\n}\n\nforget_receipt() {\n local PKGID=\"$1\"\n sudo pkgutil --forget \"$PKGID\"\n}\n\nquit_application() {\n local bundle_id=\"$1\"\n local timeout_duration=10\n\n # check if the application is running\n local app_running\n app_running=$(osascript -e \"application id \\\"$bundle_id\\\" is running\" 2>/dev/null)\n if [[ \"$app_running\" != \"true\" ]]; then\n return\n fi\n\n local console_user\n console_user=$(stat -f \"%Su\" /dev/console)\n if [[ -z \"$console_user\" || \"$console_user\" == \"root\" || \"$console_user\" == \"loginwindow\" ]]; then\n echo \"Not logged into a non-root GUI; skipping quitting application ID '$bundle_id'.\"\n return\n fi\n\n echo \"Quitting application '$bundle_id'...\"\n\n # try to quit the application within the timeout period\n local quit_success=false\n SECONDS=0\n while (( SECONDS < timeout_duration )); do\n if osascript -e \"tell application id \\\"$bundle_id\\\" to quit\" >/dev/null 2>&1; then\n if ! pgrep -f \"$bundle_id\" >/dev/null 2>&1; then\n echo \"Application '$bundle_id' quit successfully.\"\n quit_success=true\n break\n fi\n fi\n sleep 1\n done\n\n if [[ \"$quit_success\" = false ]]; then\n echo \"Application '$bundle_id' did not quit.\"\n fi\n}\n\n\nremove_launchctl_service() {\n local service=\"$1\"\n local booleans=(\"true\" \"false\")\n local plist_status\n local paths\n local should_sudo\n\n echo \"Removing launchctl service ${service}\"\n\n for should_sudo in \"${booleans[@]}\"; do\n plist_status=$(launchctl list \"${service}\" 2>/dev/null)\n\n if [[ $plist_status == \\{* ]]; then\n if [[ $should_sudo == \"true\" ]]; then\n sudo launchctl remove \"${service}\"\n else\n launchctl remove \"${service}\"\n fi\n sleep 1\n fi\n\n paths=(\n \"/Library/LaunchAgents/${service}.plist\"\n \"/Library/LaunchDaemons/${service}.plist\"\n )\n\n # if not using sudo, prepend the home directory to the paths\n if [[ $should_sudo == \"false\" ]]; then\n for i in \"${!paths[@]}\"; do\n paths[i]=\"${HOME}${paths[i]}\"\n done\n fi\n\n for path in \"${paths[@]}\"; do\n if [[ -e \"$path\" ]]; then\n if [[ $should_sudo == \"true\" ]]; then\n sudo rm -f -- \"$path\"\n else\n rm -f -- \"$path\"\n fi\n fi\n done\n done\n}\n\nremove_pkg_files() {\n local PKGID=\"$1\"\n expand_pkgid_and_map \"$PKGID\" remove_receipt_files\n}\n\nremove_receipt_files() {\n local PKGID=\"$1\"\n local PKGINFO VOLUME INSTALL_LOCATION FULL_INSTALL_LOCATION\n\n echo \"pkgutil --pkg-info-plist \\\"$PKGID\\\"\"\n PKGINFO=$(pkgutil --pkg-info-plist \"$PKGID\")\n VOLUME=$(echo \"$PKGINFO\" | awk '/<key>volume<\\/key>/ {getline; gsub(/.*<string>|<\\/string>.*/, \"\"); print}')\n INSTALL_LOCATION=$(echo \"$PKGINFO\" | awk '/<key>install-location<\\/key>/ {getline; gsub(/.*<string>|<\\/string>.*/, \"\"); print}')\n\n if [ -z \"$INSTALL_LOCATION\" ] || [ \"$INSTALL_LOCATION\" = \"/\" ]; then\n FULL_INSTALL_LOCATION=\"$VOLUME\"\n else\n FULL_INSTALL_LOCATION=\"$VOLUME/$INSTALL_LOCATION\"\n FULL_INSTALL_LOCATION=$(echo \"$FULL_INSTALL_LOCATION\" | sed 's|//|/|g')\n fi\n\n echo \"sudo pkgutil --only-files --files \\\"$PKGID\\\" | sed \\\"s|^|${FULL_INSTALL_LOCATION}/|\\\" | tr '\\\\\\\\n' '\\\\\\\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\"\n sudo pkgutil --only-files --files \"$PKGID\" | sed \"s|^|/${INSTALL_LOCATION}/|\" | tr '\\n' '\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\n\n echo \"sudo pkgutil --only-dirs --files \\\"$PKGID\\\" | sed \\\"s|^|${FULL_INSTALL_LOCATION}/|\\\" | grep '\\\\.app$' | tr '\\\\\\\\n' '\\\\\\\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\"\n sudo pkgutil --only-dirs --files \"$PKGID\" | sed \"s|^|${FULL_INSTALL_LOCATION}/|\" | grep '\\.app$' | tr '\\n' '\\0' | /usr/bin/sudo -u root -E -- /usr/bin/xargs -0 -- /bin/rm -rf\n\n root_app_dir=$(\n sudo pkgutil --only-dirs --files \"$PKGID\" \\\n | sed \"s|^|${FULL_INSTALL_LOCATION}/|\" \\\n | grep 'Applications' \\\n | awk '{ print length, $0 }' \\\n | sort -n \\\n | head -n1 \\\n | cut -d' ' -f2-\n )\n if [ -n \"$root_app_dir\" ]; then\n echo \"sudo rmdir -p \\\"$root_app_dir\\\" 2>/dev/null || :\"\n sudo rmdir -p \"$root_app_dir\" 2>/dev/null || :\n fi\n}\n\ntrash() {\n local logged_in_user=\"$1\"\n local target_file=\"$2\"\n local timestamp=\"$(date +%Y-%m-%d-%s)\"\n local rand=\"$(jot -r 1 0 99999)\"\n\n # replace ~ with /Users/$logged_in_user\n if [[ \"$target_file\" == ~* ]]; then\n target_file=\"/Users/$logged_in_user${target_file:1}\"\n fi\n\n local trash=\"/Users/$logged_in_user/.Trash\"\n\n # If the target contains glob characters, expand it and move each match.\n if [[ \"$target_file\" == *[*?[]* ]]; then\n local file file_name\n local matched=false\n local i=0\n # compgen -G expands the (quoted) pattern itself, so paths containing\n # spaces glob correctly; reading line by line keeps each match intact.\n while IFS= read -r file; do\n [[ -n \"$file\" ]] || continue\n [[ -e \"$file\" || -L \"$file\" ]] || continue\n matched=true\n i=$((i + 1))\n file_name=\"$(basename \"$file\")\"\n echo \"removing $file.\"\n # The per-match counter keeps matches that share a basename from\n # overwriting each other in the trash.\n mv -f \"$file\" \"$trash/${file_name}_${timestamp}_${rand}_${i}\"\n done < <(compgen -G \"$target_file\" 2>/dev/null)\n if [[ \"$matched\" == false ]]; then\n echo \"$target_file doesn't exist.\"\n fi\n return\n fi\n\n local file_name=\"$(basename \"${target_file}\")\"\n\n if [[ -e \"$target_file\" ]]; then\n echo \"removing $target_file.\"\n mv -f \"$target_file\" \"$trash/${file_name}_${timestamp}_${rand}\"\n else\n echo \"$target_file doesn't exist.\"\n fi\n}\n\nremove_launchctl_service 'com.citrix.AuthManager_Mac'\nremove_launchctl_service 'com.citrix.ctxusbd'\nremove_launchctl_service 'com.citrix.CtxWorkspaceHelperDaemon'\nremove_launchctl_service 'com.citrix.ctxworkspaceupdater'\nremove_launchctl_service 'com.citrix.devicetrust.launchagent'\nremove_launchctl_service 'com.citrix.ReceiverHelper'\nremove_launchctl_service 'com.citrix.ReceiverUninstallHelper'\nremove_launchctl_service 'com.citrix.ReceiverUpdaterHelper'\nremove_launchctl_service 'com.citrix.safariadapter'\nremove_launchctl_service 'com.citrix.ServiceRecords'\nremove_launchctl_service 'com.citrix.UninstallMonitor'\nquit_application 'Citrix.ServiceRecords'\nquit_application 'com.citrix.CitrixReceiverLauncher'\nquit_application 'com.citrix.receiver.nomas'\nquit_application 'com.citrix.ReceiverHelper'\nremove_pkg_files 'com.citrix.common'\nforget_pkg 'com.citrix.common'\nremove_pkg_files 'com.citrix.devicetrust.client'\nforget_pkg 'com.citrix.devicetrust.client'\nremove_pkg_files 'com.citrix.devicetrust.client.ica'\nforget_pkg 'com.citrix.devicetrust.client.ica'\nremove_pkg_files 'com.citrix.enterprisebrowserinstaller'\nforget_pkg 'com.citrix.enterprisebrowserinstaller'\nremove_pkg_files 'com.citrix.ICAClient'\nforget_pkg 'com.citrix.ICAClient'\nremove_pkg_files 'com.citrix.ICAClientcwa'\nforget_pkg 'com.citrix.ICAClientcwa'\nremove_pkg_files 'com.citrix.ICAClienthdx'\nforget_pkg 'com.citrix.ICAClienthdx'\nremove_pkg_files 'com.citrix.receiver.bcr'\nforget_pkg 'com.citrix.receiver.bcr'\ntrash $LOGGED_IN_USER '~/Library/Application Support/Citrix Receiver'\ntrash $LOGGED_IN_USER '~/Library/Application Support/Citrix Workspace'\ntrash $LOGGED_IN_USER '~/Library/Application Support/Citrix'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.CitrixReceiverLauncher'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.HdxRtcEngine'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.receiver*'\ntrash $LOGGED_IN_USER '~/Library/Application Support/com.citrix.ReceiverUpdater'\ntrash $LOGGED_IN_USER '~/Library/Caches/com.citrix.receiver*'\ntrash $LOGGED_IN_USER '~/Library/HTTPStorages/com.citrix.CitrixReceiverLauncher'\ntrash $LOGGED_IN_USER '~/Library/HTTPStorages/com.citrix.receiver*'\ntrash $LOGGED_IN_USER '~/Library/Logs/Citrix Workspace'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.AuthManager.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.CitrixReceiverLauncher.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.HdxRtcEngine.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.receiver*.plist'\ntrash $LOGGED_IN_USER '~/Library/Preferences/com.citrix.Receiver*.plist'\ntrash $LOGGED_IN_USER '~/Library/Saved Application State/com.citrix.receiver.nomas.savedState'\ntrash $LOGGED_IN_USER '~/Library/WebKit/com.citrix.receiver.nomas'\n", |
There was a problem hiding this comment.
🎯 Functional Correctness | 🟠 Major | ⚡ Quick win
Unload and delete LaunchAgents in the console user’s domain.
Line 19’s remove_launchctl_service non-sudo branch still uses the current process context (launchctl remove + $HOME). When this uninstall runs as root, it targets /var/root instead of /Users/$LOGGED_IN_USER, so the added Citrix user LaunchAgents are left behind.
Suggested fix
remove_launchctl_service() {
local service="$1"
+ local console_uid
+ console_uid=$(id -u "$LOGGED_IN_USER")
local booleans=("true" "false")
local plist_status
local paths
local should_sudo
@@
- if [[ $plist_status == \{* ]]; then
+ if [[ $plist_status == \{* ]]; then
if [[ $should_sudo == "true" ]]; then
sudo launchctl remove "${service}"
else
- launchctl remove "${service}"
+ /bin/launchctl asuser "$console_uid" launchctl remove "${service}"
fi
sleep 1
fi
- paths=(
- "/Library/LaunchAgents/${service}.plist"
- "/Library/LaunchDaemons/${service}.plist"
- )
-
- # if not using sudo, prepend the home directory to the paths
- if [[ $should_sudo == "false" ]]; then
- for i in "${!paths[@]}"; do
- paths[i]="${HOME}${paths[i]}"
- done
- fi
+ if [[ $should_sudo == "true" ]]; then
+ paths=(
+ "/Library/LaunchAgents/${service}.plist"
+ "/Library/LaunchDaemons/${service}.plist"
+ )
+ else
+ paths=(
+ "/Users/$LOGGED_IN_USER/Library/LaunchAgents/${service}.plist"
+ )
+ fi🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@ee/maintained-apps/outputs/citrix-workspace/darwin.json` at line 19, The
non-sudo path in remove_launchctl_service is using the current process context,
so when this uninstall runs as root it removes LaunchAgents from /var/root
instead of the console user’s domain. Update remove_launchctl_service to unload
and delete plist files for the logged-in user captured in LOGGED_IN_USER, and
make sure the launchctl/remove logic targets that user domain rather than
relying on HOME/current context.
|
Closing in favor of #48308. |
Automated ingestion of latest Fleet-maintained app data.
Summary by CodeRabbit