Sparkle 2.6.4

This fixes a security vulnerability in Sparkle that allows an attacker
to replace an existing signed update with another payload. The security
fix is also backported to Sparkle 1.27.3 which is updated as well, as
MacVim legacy builds (macOS 10.9 - 10.12) still use Sparkle 1.

Sparkle 2.6.4 also contains misc macOS 14 Sonoma improvements, better
signing error logging, and Norwegian locale.

src/MacVim/Sparkle_1.framework/Versions/A/PrivateHeaders/SUUnarchiver.h

@@ -14,7 +14,7 @@ NS_ASSUME_NONNULL_BEGIN
 
 @interface SUUnarchiver : NSObject
 
-+ (nullable id <SUUnarchiverProtocol>)unarchiverForPath:(NSString *)path updatingHostBundlePath:(nullable NSString *)hostPath decryptionPassword:(nullable NSString *)decryptionPassword;
++ (nullable id <SUUnarchiverProtocol>)unarchiverForPath:(NSString *)path extractionDirectory:(NSString *)extractionDirectory updatingHostBundlePath:(nullable NSString *)hostPath decryptionPassword:(nullable NSString *)decryptionPassword;
 
 @end
 

src/MacVim/Sparkle_1.framework/Versions/A/Resources/Autoupdate.app/Contents/Info.plist

@@ -3,7 +3,7 @@
 <plist version="1.0">
 <dict>
 	<key>BuildMachineOSBuild</key>
-	<string>20G224</string>
+	<string>20G1427</string>
 	<key>CFBundleDevelopmentRegion</key>
 	<string>English</string>
 	<key>CFBundleExecutable</key>
@@ -17,15 +17,15 @@
 	<key>CFBundlePackageType</key>
 	<string>APPL</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.27.1</string>
+	<string>1.27.3</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleSupportedPlatforms</key>
 	<array>
 		<string>MacOSX</string>
 	</array>
 	<key>CFBundleVersion</key>
-	<string>1.106</string>
+	<string>1.108</string>
 	<key>DTCompiler</key>
 	<string>com.apple.compilers.llvm.clang.1_0</string>
 	<key>DTPlatformBuild</key>

src/MacVim/Sparkle_1.framework/Versions/A/Resources/Autoupdate.app/Contents/_CodeSignature/CodeResources

@@ -14,7 +14,7 @@
 		</data>
 		<key>Resources/SUStatus.nib/keyedobjects-101300.nib</key>
 		<data>
-		CIAIcdXrd5aOBmKYYDM7NGmuxGA=
+		SiFXlXTmWast/yQTJlQK/gow9KA=
 		</data>
 		<key>Resources/SUStatus.nib/keyedobjects.nib</key>
 		<data>
@@ -306,10 +306,10 @@
 		<dict>
 			<key>cdhash</key>
 			<data>
-			lxj3mKIQ39AVZEK38pWMaPSGxUs=
+			jcgrdSsUMQkioU+tnNnArvH9zhI=
 			</data>
 			<key>requirement</key>
-			<string>cdhash H"e3eb91f77d0b03312e38c12fa726c22d3d36648e" or cdhash H"9718f798a210dfd0156442b7f2958c68f486c54b" or cdhash H"3041d686c9337dbc22180e5a50a1619b4300b495" or cdhash H"73d14270b04c7bd6598431fd41162ed85684fb94"</string>
+			<string>cdhash H"31003bffc16925050e7b3eec5a71e47aea92b6bb" or cdhash H"8dc82b752b14310922a14fad9cd9c0aef1fdce12" or cdhash H"7cde26d750c3500632450bbf9fc399e9505d6d77" or cdhash H"ed209ddb228af02e920489579656ecb9bcd8f2a6"</string>
 		</dict>
 		<key>Resources/AppIcon.icns</key>
 		<dict>
@@ -337,11 +337,11 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			CIAIcdXrd5aOBmKYYDM7NGmuxGA=
+			SiFXlXTmWast/yQTJlQK/gow9KA=
 			</data>
 			<key>hash2</key>
 			<data>
-			zQHRg9w5HHkCzf82YkWsfd9mPEYj66NGhFY/cgUMYfQ=
+			QBTzPQLOP3aTBwOvzRY3uQufCdu8zbfov3VSHe17clo=
 			</data>
 		</dict>
 		<key>Resources/SUStatus.nib/keyedobjects.nib</key>

src/MacVim/Sparkle_1.framework/Versions/A/Resources/Info.plist

@@ -3,7 +3,7 @@
 <plist version="1.0">
 <dict>
 	<key>BuildMachineOSBuild</key>
-	<string>20G224</string>
+	<string>20G1427</string>
 	<key>CFBundleDevelopmentRegion</key>
 	<string>en</string>
 	<key>CFBundleExecutable</key>
@@ -17,15 +17,15 @@
 	<key>CFBundlePackageType</key>
 	<string>FMWK</string>
 	<key>CFBundleShortVersionString</key>
-	<string>1.27.1</string>
+	<string>1.27.3</string>
 	<key>CFBundleSignature</key>
 	<string>????</string>
 	<key>CFBundleSupportedPlatforms</key>
 	<array>
 		<string>MacOSX</string>
 	</array>
 	<key>CFBundleVersion</key>
-	<string>1.106</string>
+	<string>1.108</string>
 	<key>DTCompiler</key>
 	<string>com.apple.compilers.llvm.clang.1_0</string>
 	<key>DTPlatformBuild</key>

src/MacVim/Sparkle_1.framework/Versions/A/_CodeSignature/CodeResources

@@ -6,15 +6,15 @@
 	<dict>
 		<key>Resources/Autoupdate.app/Contents/Info.plist</key>
 		<data>
-		xMl5OCmMwZLchLLBvFniL3UGpQg=
+		APH2qFljfERSsboMjpVlWT+nji0=
 		</data>
 		<key>Resources/Autoupdate.app/Contents/MacOS/Autoupdate</key>
 		<data>
-		Xh3f5c6UVUet4LOzqMAxSsi06RY=
+		SAop2eA8dwRnGqOWulHH6Q45RKI=
 		</data>
 		<key>Resources/Autoupdate.app/Contents/MacOS/fileop</key>
 		<data>
-		Z8uMzhhHc0lVnot4JL4EQfpdQ5w=
+		R/zR8NlGb2u/BGEuHBCyZVMGSGQ=
 		</data>
 		<key>Resources/Autoupdate.app/Contents/PkgInfo</key>
 		<data>
@@ -35,7 +35,7 @@
 		</dict>
 		<key>Resources/Autoupdate.app/Contents/Resources/SUStatus.nib/keyedobjects-101300.nib</key>
 		<data>
-		CIAIcdXrd5aOBmKYYDM7NGmuxGA=
+		SiFXlXTmWast/yQTJlQK/gow9KA=
 		</data>
 		<key>Resources/Autoupdate.app/Contents/Resources/SUStatus.nib/keyedobjects.nib</key>
 		<data>
@@ -322,31 +322,31 @@
 		</dict>
 		<key>Resources/Autoupdate.app/Contents/_CodeSignature/CodeResources</key>
 		<data>
-		2CatU/wPMXBy/+ajlp8cX1CywS8=
+		HP5CEjx7ata/M+Do4iOU9fZIdAs=
 		</data>
 		<key>Resources/Base.lproj/SUAutomaticUpdateAlert.nib/keyedobjects-101300.nib</key>
 		<data>
-		+PUiZqV0kcPMMR6WwambfDA6STU=
+		enExLNBqtGVvGiViA9tZNb5sh0U=
 		</data>
 		<key>Resources/Base.lproj/SUAutomaticUpdateAlert.nib/keyedobjects.nib</key>
 		<data>
 		l5KRdkey8A+be1W07Fhr06if6cs=
 		</data>
 		<key>Resources/Base.lproj/SUUpdateAlert.nib/keyedobjects-101300.nib</key>
 		<data>
-		jg0SpUpZa/1peRpoYp6+v/ithH8=
+		dhd1KRbgC3wWMgKQAH2bUv4NzR0=
 		</data>
 		<key>Resources/Base.lproj/SUUpdateAlert.nib/keyedobjects.nib</key>
 		<data>
 		/BoStF/H4BviBJjwr/Esla9j4+w=
 		</data>
 		<key>Resources/Base.lproj/SUUpdatePermissionPrompt.nib/keyedobjects-101300.nib</key>
 		<data>
-		ifsXBmLgFXn4+bfNKu2TSJuDgbk=
+		C6VP+IdQFCmu0u9kNLCPCHhPeFs=
 		</data>
 		<key>Resources/Base.lproj/SUUpdatePermissionPrompt.nib/keyedobjects-110000.nib</key>
 		<data>
-		2Gie18ZNjl7WVt54B7GyyQb5ERU=
+		zJczBFAceq79V6N4zsHQ0jHG+4w=
 		</data>
 		<key>Resources/Base.lproj/SUUpdatePermissionPrompt.nib/keyedobjects.nib</key>
 		<data>
@@ -358,7 +358,7 @@
 		</data>
 		<key>Resources/Info.plist</key>
 		<data>
-		iakg1al5zrNEUK7XxXQQNXrTv94=
+		RS0ZFFUIG4zo1VDi17oHVWsv7gU=
 		</data>
 		<key>Resources/ReleaseNotesColorStyle.css</key>
 		<data>
@@ -370,7 +370,7 @@
 		</data>
 		<key>Resources/SUStatus.nib/keyedobjects-101300.nib</key>
 		<data>
-		k36WOdUrtEn21zSSNQbriMrgMgk=
+		ZyUvTYdNLAWy/PjxfPiiDg3JY+c=
 		</data>
 		<key>Resources/SUStatus.nib/keyedobjects.nib</key>
 		<data>
@@ -1688,44 +1688,44 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			7mTpmnTkJ97DZQQzK/hdl2aZmXU=
+			ajT4ff8G6Thho0/bbP0uDAHGHdY=
 			</data>
 			<key>hash2</key>
 			<data>
-			SQYAanTtlyX15CJapj5tDbhBEMtgQ7ZNdmpSij0+tD4=
+			wlmoqVhU3pHlFe3p0F0ITa5VCxeEUBfmjb46ivnvA/A=
 			</data>
 		</dict>
 		<key>Resources/Autoupdate.app/Contents/Info.plist</key>
 		<dict>
 			<key>hash</key>
 			<data>
-			xMl5OCmMwZLchLLBvFniL3UGpQg=
+			APH2qFljfERSsboMjpVlWT+nji0=
 			</data>
 			<key>hash2</key>
 			<data>
-			hq1xiVfZ/dkAKpJsokJZv6+qa2CplO8a0x6Sal1Wlq0=
+			Sz+/xc8t+koUfqNpZLI4c4OGxuvTqEevGWJhYWueA64=
 			</data>
 		</dict>
 		<key>Resources/Autoupdate.app/Contents/MacOS/Autoupdate</key>
 		<dict>
 			<key>hash</key>
 			<data>
-			Xh3f5c6UVUet4LOzqMAxSsi06RY=
+			SAop2eA8dwRnGqOWulHH6Q45RKI=
 			</data>
 			<key>hash2</key>
 			<data>
-			X/DhnhKKb8ZCKxUdk+xEePvWCvLWKcO+KhLddonk6yA=
+			r8Vo8NjSqT655ZzaVGyvqwoUzGCk14tMYRgA0zrV3O0=
 			</data>
 		</dict>
 		<key>Resources/Autoupdate.app/Contents/MacOS/fileop</key>
 		<dict>
 			<key>hash</key>
 			<data>
-			Z8uMzhhHc0lVnot4JL4EQfpdQ5w=
+			R/zR8NlGb2u/BGEuHBCyZVMGSGQ=
 			</data>
 			<key>hash2</key>
 			<data>
-			ayIog7gbgPcRVj1b71ihXE18zb4isImC8H/JCybO7I0=
+			TqRxhjW2mndGB4Z0q6KvMSSdIOMVUBC9BvHp1Uh8lLI=
 			</data>
 		</dict>
 		<key>Resources/Autoupdate.app/Contents/PkgInfo</key>
@@ -1767,11 +1767,11 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			CIAIcdXrd5aOBmKYYDM7NGmuxGA=
+			SiFXlXTmWast/yQTJlQK/gow9KA=
 			</data>
 			<key>hash2</key>
 			<data>
-			zQHRg9w5HHkCzf82YkWsfd9mPEYj66NGhFY/cgUMYfQ=
+			QBTzPQLOP3aTBwOvzRY3uQufCdu8zbfov3VSHe17clo=
 			</data>
 		</dict>
 		<key>Resources/Autoupdate.app/Contents/Resources/SUStatus.nib/keyedobjects.nib</key>
@@ -2192,22 +2192,22 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			2CatU/wPMXBy/+ajlp8cX1CywS8=
+			HP5CEjx7ata/M+Do4iOU9fZIdAs=
 			</data>
 			<key>hash2</key>
 			<data>
-			07Q9DrRpRG7orHj7tGlGHlyrWkzelfML2ETtRA9TwsE=
+			zd6sCH2br+oLsZP2E37vON1TlnttYf2U7ou6XqT5Rnc=
 			</data>
 		</dict>
 		<key>Resources/Base.lproj/SUAutomaticUpdateAlert.nib/keyedobjects-101300.nib</key>
 		<dict>
 			<key>hash</key>
 			<data>
-			+PUiZqV0kcPMMR6WwambfDA6STU=
+			enExLNBqtGVvGiViA9tZNb5sh0U=
 			</data>
 			<key>hash2</key>
 			<data>
-			m6YLhvnt3oM2jkMhtfnupR9RXiLn/duJshuEzkMMedQ=
+			wzndEMuV5g8jHWLd23T5pvy+02xAggsAsTWAxsevOP4=
 			</data>
 		</dict>
 		<key>Resources/Base.lproj/SUAutomaticUpdateAlert.nib/keyedobjects.nib</key>
@@ -2225,11 +2225,11 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			jg0SpUpZa/1peRpoYp6+v/ithH8=
+			dhd1KRbgC3wWMgKQAH2bUv4NzR0=
 			</data>
 			<key>hash2</key>
 			<data>
-			bAAkLmGNmcoNHcH4x0LCSfI8tjM9/8ya6bkUl7Fs3xU=
+			OCP5+Ypoj3FHeZJvj1YLVvMPVlrZZvRorOqfhozHEcc=
 			</data>
 		</dict>
 		<key>Resources/Base.lproj/SUUpdateAlert.nib/keyedobjects.nib</key>
@@ -2247,22 +2247,22 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			ifsXBmLgFXn4+bfNKu2TSJuDgbk=
+			C6VP+IdQFCmu0u9kNLCPCHhPeFs=
 			</data>
 			<key>hash2</key>
 			<data>
-			W5Srt+BlX58g+VoB//fCuPhairG6hBwps5MfqaiwNEQ=
+			TzvyWrJ90EvDvBmtLQphRUg8jR0FxxZmY21nk+oRjvI=
 			</data>
 		</dict>
 		<key>Resources/Base.lproj/SUUpdatePermissionPrompt.nib/keyedobjects-110000.nib</key>
 		<dict>
 			<key>hash</key>
 			<data>
-			2Gie18ZNjl7WVt54B7GyyQb5ERU=
+			zJczBFAceq79V6N4zsHQ0jHG+4w=
 			</data>
 			<key>hash2</key>
 			<data>
-			gyZ+SfRu/T6s7A3fJiM4g0liFhhsj6F6CneZcwEB/Yo=
+			Gb2JTsRS4eYP5jbowuoSlJ6hH9rEeBhc7ucBAf1HqT8=
 			</data>
 		</dict>
 		<key>Resources/Base.lproj/SUUpdatePermissionPrompt.nib/keyedobjects.nib</key>
@@ -2291,11 +2291,11 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			iakg1al5zrNEUK7XxXQQNXrTv94=
+			RS0ZFFUIG4zo1VDi17oHVWsv7gU=
 			</data>
 			<key>hash2</key>
 			<data>
-			FykLYIr7WHEKuvk/j0ppYuw0ucbYGSA2P26AvMFkcOE=
+			bBvW8TPcX9o58zioHTrcUxS4T5WQbPHt91HyeTIvM80=
 			</data>
 		</dict>
 		<key>Resources/ReleaseNotesColorStyle.css</key>
@@ -2324,11 +2324,11 @@
 		<dict>
 			<key>hash</key>
 			<data>
-			k36WOdUrtEn21zSSNQbriMrgMgk=
+			ZyUvTYdNLAWy/PjxfPiiDg3JY+c=
 			</data>
 			<key>hash2</key>
 			<data>
-			I9zAB0ikX42ZWrttz6HzDKagizXM403yHbS1c+rxLAU=
+			5mYEWwucRT5mF4QJqhlejqV0DwtIW5Ve68yW9GGOu1Y=
 			</data>
 		</dict>
 		<key>Resources/SUStatus.nib/keyedobjects.nib</key>

src/MacVim/Sparkle_2.framework/Versions/B/Headers/SPUStandardUpdaterController.h

@@ -28,10 +28,10 @@ NS_ASSUME_NONNULL_BEGIN
 /**
  A controller class that instantiates a `SPUUpdater` and allows binding UI to its updater settings.
  
- This class can be instantiated in a nib or created programatically using `-initWithUpdaterDelegate:userDriverDelegate:` or `-initWithStartingUpdater:updaterDelegate:userDriverDelegate:`.
+ This class can be instantiated in a nib or created programmatically using `-initWithUpdaterDelegate:userDriverDelegate:` or `-initWithStartingUpdater:updaterDelegate:userDriverDelegate:`.
  
  The controller's updater targets the application's main bundle and uses Sparkle's standard user interface.
- Typically, this class is used by sticking it as a custom NSObject subclass in an Interface Builder nib (probably in MainMenu) but it works well programatically too.
+ Typically, this class is used by sticking it as a custom NSObject subclass in an Interface Builder nib (probably in MainMenu) but it works well programmatically too.
  
  The controller creates an `SPUUpdater` instance using a `SPUStandardUserDriver` and allows hooking up the check for updates action and handling menu item validation.
  It also allows hooking up the updater's and user driver's delegates.
@@ -71,7 +71,7 @@ SU_EXPORT @interface SPUStandardUpdaterController : NSObject
  
  You cannot call this initializer directly. You must instantiate a `SPUStandardUpdaterController` inside of a nib (typically the MainMenu nib) to use it.
  
- To create a `SPUStandardUpdaterController` programatically, use `-initWithUpdaterDelegate:userDriverDelegate:` or `-initWithStartingUpdater:updaterDelegate:userDriverDelegate:` instead.
+ To create a `SPUStandardUpdaterController` programmatically, use `-initWithUpdaterDelegate:userDriverDelegate:` or `-initWithStartingUpdater:updaterDelegate:userDriverDelegate:` instead.
  */
 - (instancetype)init NS_UNAVAILABLE;
 

src/MacVim/Sparkle_2.framework/Versions/B/Headers/SPUUpdater.h

@@ -52,7 +52,7 @@ SU_EXPORT @interface SPUUpdater : NSObject
  
  Related: See `SPUStandardUpdaterController` which wraps a `SPUUpdater` instance and is suitable for instantiating inside of nib files.
  
- @param hostBundle The bundle that should be targetted for updating.
+ @param hostBundle The bundle that should be targeted for updating.
  @param applicationBundle The application bundle that should be waited for termination and relaunched (unless overridden). Usually this can be the same as hostBundle. This may differ when updating a plug-in or other non-application bundle.
  @param userDriver The user driver that Sparkle uses for user update interaction.
  @param delegate The delegate for `SPUUpdater`.
@@ -114,7 +114,7 @@ SU_EXPORT @interface SPUUpdater : NSObject
  to ask the user's permission to check for updates automatically and `automaticallyChecksForUpdates` is `NO`.
  If you want to reset the updater's cycle after an updater setting change, see `resetUpdateCycle` or `resetUpdateCycleAfterShortDelay` instead.
  
- This is meant for programmatically initating a check for updates in the background without the user initiating it.
+ This is meant for programmatically initiating a check for updates in the background without the user initiating it.
  This check will not show UI if no new updates are found.
  
  If a new update is found, the updater's user driver may handle showing it at an appropriate (but not necessarily immediate) time.
@@ -307,7 +307,7 @@ SU_EXPORT @interface SPUUpdater : NSObject
  
  Note if Sparkle is being used to update another application, the bundle information retrieved is from the main application performing the updating.
  
- This default implementation can be overrided.
+ This default implementation can be overridden.
  */
 @property (nonatomic, copy) NSString *userAgentString;