Merged
14 changes: 3 additions & 11 deletions documentation/package-updates/index.md
Expand Up @@ -5,7 +5,7 @@ title: Package Updates
---
## Package Updates

Package installation allows Sparkle to update your application by downloading and installing a package, `pkg`, or multi-package, `mpkg` usually without user interaction except for asking for an administrator password.
Package installation allows Sparkle to update your application by downloading and installing a package, `pkg`, or multi-package, `mpkg` without user interaction except for asking for an administrator password.

Note package installation should only be used for apps with very custom installation needs that cannot be satisfied by distributing a regular app bundle. For Sparkle, the downsides of using package updates are:

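Review bot: dropping "usually" makes the sentence an absolute statement that package installation proceeds "without user interaction except for asking for an administrator password"; since the other hunk on this page describes installs that require a shown authorization prompt, consider keeping a hedge or stating the exact prompts a user can expect. Minor style point in the same line: the parenthetical commas are unbalanced ("a package, `pkg`, or multi-package, `mpkg` without"); suggest "a package (`pkg`) or multi-package (`mpkg`) without user interaction".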
Expand All @@ -17,6 +17,8 @@ Note package installation should only be used for apps with very custom installa

Applications that [install daemons](https://developer.apple.com/documentation/servicemanagement/smappservice) or [install system extensions](https://developer.apple.com/documentation/systemextensions/installing-system-extensions-and-drivers) do not need to distribute package installers.

As of Sparkle 2.7.3, installing package updates may not work in development builds of apps where Sparkle's helper tools are not usually re-signed. If this is the case, please [test Sparkle](/documentation#6-test-sparkle-out) either from a notarized version of your app, or from a version that was installed by your package installer.

### Bare Package Installation

Sparkle supports serving and signing flat `*.pkg` or `*.mpkg` packages directly without having to zip or archive them. This method requires users from old versions of your application to be using [Sparkle 1.26 or later](/documentation/upgrading/). If you have users running older versions of Sparkle, you can expedite migration by [switching to a new appcast](/documentation/publishing/#upgrading-to-newer-features), or use [Archived Package Installation](#archived-package-installation) until the majority of your users update.
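Review bot: the new paragraph tells readers that package updates "may not work in development builds" but not why, so developers hitting the failure cannot tell it from a bug; suggest one sentence tying it to the 2.7.3 change in the security-and-reliability table (the Installer XPC Service hardening) so the cause of the "helper tools are not re-signed" condition is explicit. Also, "where Sparkle's helper tools are not usually re-signed" reads as if the helper tools are the subject; "because Sparkle's helper tools are usually not re-signed in development builds" is clearer. Please confirm the `/documentation#6-test-sparkle-out` anchor exists on the target page.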
Expand All @@ -28,13 +30,3 @@ This method is the recommended way of serving package based updates because it a
A package installation occurs when Sparkle finds a `*.pkg` or `*.mpkg` file in the root of the download archive (e.g, from within a `.zip`).

**Note**: For Sparkle 2, you must also add `sparkle:installationType="package"` to your appcast item's `enclosure` for updating archived packages.

### Interactive Archived UI Installation

**Warning**: This type of installation is deprecated and may be removed one day. Please don't use it for future updates to your application.

An interactive installation occurs when Sparkle finds a `*.sparkle_interactive.pkg` or `*.sparkle_interactive.mpkg` file in the root of the download archive.

The package will be installed using macOS's built-in GUI installer. The installation will require user to manually click through the steps, so we don't recommend this type of installation. You must also archive your package update (e.g, in a `.zip`) to get this behavior.

**Note**: For Sparkle 2, you must also add `sparkle:installationType="interactive-package"` to your appcast item's `enclosure` for updating interactive packages.
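Review bot: deleting the whole "Interactive Archived UI Installation" section removes the only documentation of the `sparkle:installationType="interactive-package"` enclosure value and of the `*.sparkle_interactive.pkg` / `*.sparkle_interactive.mpkg` naming; if appcasts in the wild still use that value, consider leaving a one-line deprecation note under "Archived Package Installation" that names the value and points users to the package or bare package installation instead, rather than letting the behaviour become undocumented.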
3 changes: 3 additions & 0 deletions documentation/security-and-reliability/index.md
Expand Up @@ -7,8 +7,11 @@ title: Update Improvements

These are a list of *major* security and reliability improvements in Sparkle, or reasons why developers should consider upgrading Sparkle. Note this list is missing many other minor improvements that the [latest production release](//github.com/{{ site.github_username }}/Sparkle/releases) of Sparkle may have.

If you have any security concerns, please report them through the [Security tab on GitHub](https://github.com/sparkle-project/Sparkle/security).

| Version | Changes |
| --------------- | -------------------------------------------------------------------------------------------------------------------------------------- |
| 2.7.3 | Fixes a security issue that allows attacker to gain access to TCC protected files using the Downloader XPC Service (#2763). Fixes an issue that allows an attacker to execute an arbitrary package installation through the Installer XPC Service with a shown authorization prompt, or through a race condition (#2763). Specific details about these local exploits can be found in [this discussion](https://github.com/sparkle-project/Sparkle/discussions/2764).
| 2.6.4 | Fixes a security issue that allows an attacker to replace an existing signed update with another payload, which bypasses Sparkle's (Ed)DSA signing checks ([#2550](https://github.com/sparkle-project/Sparkle/pull/2550)); updating is strongly recommended and a fix is also backported to 1.27.3. Fixes an issue for sandboxed apps that enable the Downloader XPC Service from conflicting with each other and presenting a system dialog that "Downloader" differs from previously opened versions affecting macOS 14 and later ([#2511](https://github.com/sparkle-project/Sparkle/pull/2511)). Performs a Gatekeeper scan for signed app updates on macOS 14.4 and later so users don't see a system "Verifying..." dialog when an app update is relaunched ([#2505](https://github.com/sparkle-project/Sparkle/pull/2505)). |
| 2.5.2 | Fixes a rare corruption issue resulting in missing files in the installed bundle, which Gatekeeper may reject ([#2479](https://github.com/sparkle-project/Sparkle/pull/2479)). Adopts macOS 14 Sonoma's cooperative app activation APIs instead of using `-[NSApplication activateIgnoringOtherApps:]` which was deprecated in macOS 14 (mainly impacts background/dockless running apps) ([#2409](https://github.com/sparkle-project/Sparkle/pull/2409)). Fixes updates not installing when executed from a Sparkle CLI utility as root (sudo) user on macOS 14 Sonoma (impacts few out-of-app updaters) ([#2432](https://github.com/sparkle-project/Sparkle/pull/2432)). |
| 2.4.2 | Fixes `NSKeyedUnarchiver` decoding warning of appcast item that contains delta updates ([#2383](https://github.com/sparkle-project/Sparkle/pull/2383)). Hardens verification of passing the update's download to Sparkle's Autoupdate helper ([#2392](https://github.com/sparkle-project/Sparkle/pull/2392)). |
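Review bot: the added 2.7.3 row is missing the closing ` |` at the end of the line, so the Markdown table cell is unterminated and may render differently from the rows below it. The two `#2763` references should also be linked in the same style as the other rows (`[#2763](https://github.com/sparkle-project/Sparkle/...)`), and "allows attacker to gain access" needs an article ("allows an attacker"). Consider splitting the two fixes into separate sentences that each say "security issue", since the second one (arbitrary package installation via the Installer XPC Service or a race condition) is at least as serious as the first.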
2 changes: 2 additions & 0 deletions documentation/upgrading/index.md
Expand Up @@ -12,6 +12,8 @@ Sparkle 2.7 introduces a new format for delta updates, which preserves the creat

[Custom version comparators](/documentation/api-reference/Protocols/SPUUpdaterDelegate.html#/c:objc(pl)SPUUpdaterDelegate(im)versionComparatorForUpdater:) have been deprecated. Please use an increasing (numerical `x`, `x.y`, or `x.y.z`) `CFBundleVersion` / `sparkle:version` instead and disjoint them from more human presentable `CFBundleShortVersionString` / `sparkle:shortVersionString` if needed.

As of 2.7.3, package updates may need to be tested with a production build of your app, rather than a development one. Please see [package updates](/documentation/package-updates) for more information.

## Upgrading to Sparkle 2.6

Sparkle 2.6 no longer sandboxes the Downloader XPC Service by default. If you enabled this XPC Service, please see the updated [sandboxing guide](/documentation/sandboxing) for more information.
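Review bot: the new upgrading note says "a production build of your app" while the package-updates page in this same change says "a notarized version of your app, or ... a version that was installed by your package installer"; align the wording so readers do not read "production build" as something else (for example a release configuration that is still unsigned). Also, "As of 2.7.3" should be "As of Sparkle 2.7.3" to match the other page, and the link `/documentation/package-updates` lacks the trailing slash used by the other documentation links on these pages (`/documentation/upgrading/`).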