Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skip safe atomic swap if update has custom update security policy #2593

Merged
merged 2 commits into from
Jun 29, 2024
Merged

Skip safe atomic swap if update has custom update security policy #2593

merged 2 commits into from
Jun 29, 2024

Conversation

zorgiepoo
Copy link
Member

@zorgiepoo zorgiepoo commented Jun 29, 2024
edited
Loading

Fixes #2591

Misc Checklist

  • My change requires a documentation update on Sparkle's website repository
  • My change requires changes to generate_appcast, generate_keys, or sign_update

Testing

Also we emit a warning if the app has a NSUpdateSecurityPolicy when checking if the updater is configured correctly.

I tested and verified my change by using one or multiple of these methods:

  • Sparkle Test App
  • Unit Tests
  • My own app
  • Other (please specify)

Workflows:

  • Tested old notarized app (no NSUpdateSecurityPolicy) updating to new notarized app (no NSUpdateSecurityPolicy) (regular workflow)
  • Tested old notarized app (setapp-like NSUpdateSecurityPolicy) updating to new notarized app (no NSUpdateSecurityPolicy) -- atomic swap works without prompt
  • Tested old notarized app (no NSUpdateSecurityPolicy) updating to new notarized app (setapp-like NSUpdateSecurityPolicy) -- no atomic swap
  • Tested old notarized app (setapp-like NSUpdateSecurityPolicy) updating to new notarized app (setapp-like NSUpdateSecurityPolicy) -- no atomic swap
  • Tested warnings are logged whenever app adopts NSUpdateSecurityPolicy

macOS version tested: 14.5 (23F79)

@zorgiepoo zorgiepoo added this to the 2.6.4 milestone Jun 29, 2024
@zorgiepoo zorgiepoo merged commit a4badef into 2.x Jun 29, 2024
2 checks passed
@zorgiepoo zorgiepoo deleted the ignore-custom-update-security-policy branch June 29, 2024 22:15
@zorgiepoo zorgiepoo mentioned this pull request Jun 29, 2024
Closed
zorgiepoo added a commit that referenced this pull request Jun 29, 2024
@zorgiepoo
Skip safe atomic swap if update has custom update security policy (#2593
b8986f6 
)

Also emit a warning when checking if the updater is configured correctly.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
2.6.4
Development

Successfully merging this pull request may close these issues.

App modification prompt when new downloaded update overrides NSUpdateSecurityPolicy
1 participant
@zorgiepoo