It looks safe...
> On Feb 10, 2016, at 07:39, diede...@tenhorses.com wrote:
>
> You can do that in the terminal, I found this terminal command online:
>
> find /Applications -name Sparkle.framework | awk -F'/' '{print $3}' | awk
> -F'.' '{print $1}'
This finds all files named Sparkle.framework in your applications folder and
pipes the path as a string to awk, which tokenizes the string first on '/' and
prints the 3rd token which is piped to awk again which this time tokenizes on
'.' (This is stripping of '.app') and prints the first token, the application
name.
Sandor
>
> This returns:
> Cornerstone
> Sequel Pro
>
> on my Mac Book Pro...
>
> Important note: I did not come up with this myself and was a bit nervous
> running it in the terminal.
>
> Any Linux guru's on this list that can say whether the above command is OK
> to run in all circumstances?
>
>
>
>
>>
>> On 10 Feb 2016, at 13:59, diede...@tenhorses.com wrote:
>> tell them how they can find out which apps use
>> Sparkle??
>>
>>
>> On 10 Feb 2016, at 13:59, diede...@tenhorses.com wrote:
>> tell them how they can find out which apps use
>> Sparkle??
>>
>>
>> I was thinking of writing a script for this, checking for SUFeedURL for
>> every .app bundle, but
>>
>> i. is there already an easy way to check which apps use Sparkle?
>>
>> ii. I donât see an easy way for users to tell what version of Sparkle is
>> installed in an app.Â
>> Does anyone know where the Sparkle version number is hidden in the bundle?
>>
>> ii. given what Roland and Ken both say downthread, vis:
>>
>> If the release notes are via a separate URL and that URL is HTTP rather
>> than HTTPS, then the attacker can spoof it
>>
>> it looks like just checking the SUFeedURL for http or https wonât be
>> enough to determine if the app is safe for any app running older versions
>> than Sparkle 1.13. Of course, we should all update to the latest version,
>> but I have one app that has to be 10.6 compatible and that canât use
>> anything but an  ***old*** version of Sparkle. The app cast and release
>> notes are both https so Iâm assuming this is secure (at least regarding
>> this particular issueâ¦).Â
>>
>>
>>
>> Best
>>
>>
>> Phil
>> _______________________________________________
>>
>> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>>
>> Please do not post admin requests or moderator comments to the list.
>> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>>
>> Help/Unsubscribe/Update your Subscription:
>> https://lists.apple.com/mailman/options/cocoa-dev/diederik%40tenhorses.com
>>
>> This email sent to diede...@tenhorses.com
>
> _______________________________________________
>
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/admin.szatmari.net%40gmail.com
>
> This email sent to admin.szatmari....@gmail.com
_______________________________________________
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
