averello/macvim-mirror
1
0
Fork 0
mirror of https://github.com/macvim-dev/macvim.git synced 2026-05-28 00:21:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

Force Sparkle updater to always verify update and to use signed appcast

Browse Source 
Sparkle 2.9 introduced the ability to verify appcast feeds using a
signature. Turn that on to prevent MITM attacks.

This requires the appcast on the server side to be re-generated with
signature at the end. This was done in
macvim-dev/macvim-dev.github.io#5.
This commit is contained in:
Yee Cheng Chin
2026-04-06 17:01:21 -07:00
parent 297476521e
commit 1224d0f586
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/MacVim/Info.plist
+4
View File
@@ -1311,6 +1311,10 @@
</array>
<key>MMWhatsNewURL</key>
<string>https://macvim.org/release-notes/whatsnew.html</string>
<key>SUVerifyUpdateBeforeExtraction</key>
<string>YES</string>
<key>SURequireSignedFeed</key>
<string>YES</string>
<key>SUEnableJavaScript</key>
<string>YES</string>
<key>SUFeedURL</key>