lp:~speck/sparkle/scheduled_updaterDidNotFindUpdate
- Get this branch:
- bzr branch lp:~speck/sparkle/scheduled_updaterDidNotFindUpdate
Branch merges
- No reviews requested
Related bugs
Bug #275463: SUScheduledUpdateDriver doesn't call updaterDidNotFindUpdate | High | Fix Committed |
Related blueprints
Branch information
Recent revisions
- 318. By Andy Matuschak
-
Fixes 271378
Sparkle is now willing to install a bundle in the archive with the same bundle identifier as the running app as a fallback strategy.
Thanks to Jim Turner for the patch.
- 317. By Andy Matuschak
-
Fixes 272211
Sparkle is now installing .pkgs by launching Installer.app with open instead of NSWorkspace; the latter resulted in strange window ordering. Thanks to Peter Speck for the patch.
- 312. By Andy Matuschak
-
Fixes 268756
When determining LSUIElement status, Sparkle now asks the process manager instead of checking Info.plist; this'll support apps that change their LSUIElement status at runtime.
- 311. By Andy Matuschak
-
Fixes 268723
Now forcing a DSA signature check if the client provides a public key with the app.
- 310. By Andy Matuschak
-
More security tidbits!
This patch prevents malicious downgrades, which are still possible with DSA validation: suppose there's some (signed) version with a security hole. A malicious attacker could serve an appcast with that version's URL and DSA signature, but a higher version number, forcing the user to "upgrade" to the version with the security hole.
While I was at it, I fixed a bug that should have completely stopped .pkg installation from working since 1.5b1. Why didn't I hear anything about that? Does anyone actually use .pkgs? It still needs testing to be sure it works.
Branch metadata
- Branch format:
- Branch format 6
- Repository format:
- Bazaar pack repository format 1 (needs bzr 0.92)