Correct, the code I’ve written is specifically for OS X, maybe if I explain how it works, Joris can use that information to provide a full x-plat kit (in native Xojo code).
I start with a version simple update format, a sample file can be found here.
http://www.ohanaware.com/appwrapper/AppWrapper.v7Update
In the file it contains the following:
signature - which a hash of the entire file contents.
beginUpdate - which is used to signal update information follows.
build - which ties into the non-release version (so it's a simple comparison).
releaseDate - the date the update was released.
minOS - contains the required OS for this update.
architecture - the architectures it will run on.
displayVersion - Human readable version i.e 3.0 Beta 1
changes - a list of changes (URLEncoded)
downloadSize - a human readable string i.e. 8 MB
fileSiganture - a hash of the update file.
Each file may contain multiple versions, with the latest always appearing at the top.
When it’s time to check, my app uses a HTTPSocket to download the update file, then processes it into an array of objects and scans each object to see if it’s newer than the current version and meets the architecture, minOS requirements, then it will add it to the list of available updates.
it then displays all the available update information, but only offers the option to download the latest available update.
When the user choose to update, it then uses the same HTTPSocket to download the update file to it’s Application Support folder.
Once it’s downloaded, if launches the update file (I’m using the Apple Installer package for updates) and quits the current application.
Using the Apple installer, will locate and replace the current version with the newer version, asking admin credentials if required.
In the future I intend to update it to verify the code signature of the package (at the moment it verifies a hash of the file against the fileSignature (but that can be hacked if someone figures out which hashing method I’m using and the salting string. However having the app on the machine verify the code signature of the installer will ensure the highest level of security (IMHO).
I also want to get my app to clean up the installer, if it was used successfully, a bit more design is required.
I hope that this helps.