Skip to content

Commit 1224d0f

Browse files
ychinychin
committed
Force Sparkle updater to always verify update and to use signed appcast
Sparkle 2.9 introduced the ability to verify appcast feeds using a signature. Turn that on to prevent MITM attacks. This requires the appcast on the server side to be re-generated with signature at the end. This was done in macvim-dev/macvim-dev.github.io#5.
1 parent 2974765 commit 1224d0f

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

src/MacVim/Info.plist

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1311,6 +1311,10 @@
13111311
</array>
13121312
<key>MMWhatsNewURL</key>
13131313
<string>https://macvim.org/release-notes/whatsnew.html</string>
1314+
<key>SUVerifyUpdateBeforeExtraction</key>
1315+
<string>YES</string>
1316+
<key>SURequireSignedFeed</key>
1317+
<string>YES</string>
13141318
<key>SUEnableJavaScript</key>
13151319
<string>YES</string>
13161320
<key>SUFeedURL</key>

0 commit comments

Comments
 (0)