Because .aar support is new and not a widely used format, require validating them before extraction for now (similar to delta based updates). This also means this archive format cannot presently be used for key rotation. Strengthening the validation later will be harder to do if people start to rely on the format, so better to try this now than later.
[ ] My change requires changes to generate_appcast, generate_keys, or sign_update
Testing
I tested and verified my change by using one or multiple of these methods:
[x] Sparkle Test App
[ ] Unit Tests
[ ] My own app
[x] Other (please specify)
Tested aar extraction only works when updating aar archived app when signature is valid with sparkle-cli
Tested policy for updating zipped based app is still the same (more lax).
Because .aar support is new and not a widely used format, require validating them before extraction for now (similar to delta based updates). This also means this archive format cannot presently be used for key rotation. Strengthening the validation later will be harder to do if people start to rely on the format, so better to try this now than later.
Related to #2586
Misc Checklist
Testing
I tested and verified my change by using one or multiple of these methods:
Tested aar extraction only works when updating aar archived app when signature is valid with sparkle-cli Tested policy for updating zipped based app is still the same (more lax).
macOS version tested: 14.5 (23F79)