I've removed some duplications in the code, but functionally identical to the last version.
Again, I'll point out that this is only going to show you apps in /Applications, and it's not going to find those that hide the appcast url in the binary (DriveDx, for one, but there are others). Bear in mind that it's a script that shows Sparkle apps that are definitely insecure, and doesn't imply that all the other apps that use Sparkle on your mac are secure. #script version 1.41 set x to (path to startup disk) as text set defaultAppsFolder to "/Applications" set plistContents to "" set pathToAppFolder to x & "Applications:" set infoFilePath to "Contents:info.plist" set theApp to "" set sparkleAppsList to {} set theAppList to do shell script "find " & defaultAppsFolder & " -name Sparkle.framework | awk -F'/' '{print $3}'" set theAppList to paragraphs of theAppList repeat with i from 1 to number of items in theAppList set theApp to text of item i of theAppList set this_item to item i of theAppList set f to pathToAppFolder & this_item & ":" & infoFilePath as string tell application "System Events" if exists property list file f then set thePlist to contents of property list file f set theValue to value of thePlist try if exists SUFeedURL of theValue then set thisSUFeedURL to SUFeedURL of theValue as text if thisSUFeedURL contains "http:" then set theResultString to "Application : " & my theApp & " : " & thisSUFeedURL as text set end of my sparkleAppsList to theResultString & " " end if end if end try end if end tell end repeat display dialog "The following apps do not use secure https connections for the Sparkle updater: " & sparkleAppsList as string buttons "OK" default button "OK" with title "Sparkle Framework Vulnerability Check" #EOF _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com