fix: abort install if target app is running; resolve target path once#304
Closed
MarshallOfSound wants to merge 1 commit into
Closed
fix: abort install if target app is running; resolve target path once#304MarshallOfSound wants to merge 1 commit into
MarshallOfSound wants to merge 1 commit into
Conversation
beb8a21 to
4c38c41
Compare
3d7a29f to
c3372e4
Compare
6469f67 to
fa1d01a
Compare
c3372e4 to
cef4bab
Compare
[upstream] electron/patches/squirrel.mac/fix_abort_installation_attempt_at_the_final_mile_if_the_app_is.patch [upstream] electron/patches/squirrel.mac/fix_resolve_target_bundle_path_once_at_start_of_install.patch The first patch closes a race between ShipIt launching and performing the atomic rename by checking running applications immediately before the move. The second resolves the target bundle URL once up front, rejects requests whose path traverses symlinks, and threads the canonical URL through the rest of the chain so every step operates on the location validation saw. Adapted: guard the running-app check with a nil bundleIdentifier check (NSRunningApplication throws when passed nil; existing fixtures use nil intentionally). Adds specs for: install rejected when targetBundleURL is a symlink; install aborted with SQRLInstallerErrorAppStillRunning while the target app is running.
fa1d01a to
b4ce0d2
Compare
cef4bab to
0674b38
Compare
This was referenced May 3, 2026
MarshallOfSound
added a commit
that referenced
this pull request
May 3, 2026
Upstreams the remaining `electron/patches/squirrel.mac/` patches into this repo so Electron can eventually drop them. Six commits, **8 files, +537/−51**, **63 → 74 tests**. | Commit | Upstreams | Tests added | |---|---|---| | `feat: SquirrelMacEnableDirectContentsWrite` | `feat_add_new_squirrel_mac_bundle_installation_method_behind_flag` | parent-dir-untouched e2e | | `fix: abort install if app running; resolve target path once` | `fix_abort_installation_attempt_at_the_final_mile_if_the_app_is` + `fix_resolve_target_bundle_path_once_at_start_of_install` | symlink-target rejected, abort-if-running | | `feat: ElectronSquirrelPreventDowngrades` | `feat_add_ability_to_prevent_version_downgrades` | `+isVersionAllowedForUpdate:from:` units | | `refactor: harden ShipIt launch` | `refactor_use_posix_spawn_instead_of_nstask…` + `fix_trigger_shipit_mach_service_after_smjobsubmit…` + `chore_turn_off_launchapplicationaturl_deprecation…` | (existing remote-ShipIt spec exercises new path) | | `refactor: non-deprecated NSKeyedArchiver` | `refactor_use_non-deprecated_nskeyedarchiver_apis` | `SQRLInstallerOwnedBundle` round-trip | | `fix: prune orphaned staged updates` | `fix_clean_up_orphaned_staged_updates_before_downloading_new_update` | unit prune + e2e bounded-count; replaces `xit` | Fixes #124. Fixes #196. Fixes #264. > [!NOTE] > Two adaptations should be backported to Electron's patches: > - `SQRLUpdater.m`: `BOOL launchPrivileged = !targetWritable` in the original `direct-contents-write` patch shadowed the outer var — it was a dead store > - `SQRLInstaller.m`: `runningApplicationsWithBundleIdentifier:` throws on `nil`; guarded it Replaces the stacked #303 / #304 / #305 / #306 / #307 / #309. #302 (strict codesign validation) stays separate — it touches only `SQRLCodeSignature.m`.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Stacked on #303.
Upstreams
fix_abort_installation_attempt_at_the_final_mile_if_the_app_is.patch+fix_resolve_target_bundle_path_once_at_start_of_install.patch. Two new specs (symlink-target rejected, abort-if-running).Note
Guarded
runningApplicationsWithBundleIdentifier:with a nil check (throws on nil; existing fixtures use nil). Should be backported to Electron's patch.Part of upstreaming
electron/patches/squirrel.mac/into this repo.Fixes #124.