This made sense under the time constraints i was initially under. But it's probably better, until we fully support sideloading anyway, to assume we're not the only ones touching the XML file.
Additionally it would be nice if when writing for the first time we alert the user that we are going to overwrite the XML file and allow them to cancel the action.
If we hash the XML file and store it in the encrypted config blob we can track if we're the only ones touching the file. If not we can attempt a more complex xml merge and only alert the user if that, for whatever reason, fails.
This made sense under the time constraints i was initially under. But it's probably better, until we fully support sideloading anyway, to assume we're not the only ones touching the XML file.
Additionally it would be nice if when writing for the first time we alert the user that we are going to overwrite the XML file and allow them to cancel the action.
If we hash the XML file and store it in the encrypted config blob we can track if we're the only ones touching the file. If not we can attempt a more complex xml merge and only alert the user if that, for whatever reason, fails.