Skip to content

chore(deps): bump github.com/sparkle-project/sparkle from 2.7.1 to 2.8.0 #97

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

chore(deps): bump github.com/sparkle-project/sparkle from 2.7.1 to 2.8.0 #97

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Sep 22, 2025

Bumps github.com/sparkle-project/sparkle from 2.7.1 to 2.8.0.

Release notes

Sourced from github.com/sparkle-project/sparkle's releases.

2.8.0 UI Refresh and Tahoe Improvements

Changes:

  • UI modernization and macOS Tahoe support
    • Modernize update alert and release notes UI (#2737) (Zorg, Noah Nuebling, Cykelero, Daniel Jalkut, Peter Nowell)
    • Update retrieving app icon to work better in Tahoe (#2742) (Zorg)
    • Improve retrieval of main app icon for authorization dialog (#2743) (Zorg)
  • Delta updates
    • Improve bsdiff performance by preventing excessive iterations when processing similar data blocks (#2693) (Will Fairclough)
    • Fix an issue while searching a cloneable file for delta updates (#2748, #2753) (Vincent Bénony, Zorg)
    • Add support for relative URLs for delta updates (#2741) (jj)
  • Localization
    • Set STRINGS_FILE_OUTPUT_ENCODING build setting to "binary" (#2712) (Nicolas Kick)
    • Move all localizations to main Sparkle.strings (#2760) (Zorg)
  • Synchronize updater settings with user defaults to fix out-of-sync UI state (#2728) (Zorg)
  • Document and better enforce main thread only requirement for using Sparkle methods (#2746, #2754, #2768)) (Sebastien Marchand, Zorg)
  • Make -[SPUUserDriver showUpdateInFocus] optional (#2717) (Zorg)
  • Add private module map for framework (#2722) (Zorg)
  • Workaround a corner case in which the bundle path of a running application contains Contents/MacOS/Executable (#2726, #2747) (Jeremy Huddleston Sequoia, Zorg)
  • Disable false dependency scan analysis warnings when building Sparkle from source (#2762) (Daniel Jalkut)
  • Refactor the logic for avoiding re-sending the system profile more frequently than once a week (#2720) (Daniel Jalkut)
  • Remove deprecated interactive package installer type (#2767) (Zorg)

Sparkle 2.8 introduces a refreshed UI update to the software update window and includes compatibility improvements for macOS 26 Tahoe. Thanks to all of those that contributed to the design of the update window (#2737).

Discussion

2.8.0-beta.3

Changes:

  • UI modernization and macOS Tahoe support
    • Modernize update alert and release notes UI (#2737) (Zorg, Noah Nuebling, Cykelero, Daniel Jalkut, Peter Nowell)
    • Update retrieving app icon to work better in Tahoe (#2742) (Zorg)
    • Improve retrieval of main app icon for authorization dialog (#2743) (Zorg)
  • Delta updates
    • Improve bsdiff performance by preventing excessive iterations when processing similar data blocks (#2693) (Will Fairclough)
    • Fix an issue while searching a cloneable file for delta updates (#2748, #2753) (Vincent Bénony, Zorg)
    • Add support for relative URLs for delta updates (#2741) (jj)
  • Localization
    • Set STRINGS_FILE_OUTPUT_ENCODING build setting to "binary" (#2712) (Nicolas Kick)
    • Move all localizations to main Sparkle.strings (#2760) (Zorg)
  • Synchronize updater settings with user defaults to fix out-of-sync UI state (#2728) (Zorg)
  • Document and better enforce main thread only requirement for using Sparkle methods (#2746, #2754) (Sebastien Marchand, Zorg)
  • Make -[SPUUserDriver showUpdateInFocus] optional (#2717) (Zorg)
  • Add private module map for framework (#2722) (Zorg)
  • Workaround a corner case in which the bundle path of a running application contains Contents/MacOS/Executable (#2726, #2747) (Jeremy Huddleston Sequoia, Zorg)
  • Disable false dependency scan analysis warnings when building Sparkle from source (#2762) (Daniel Jalkut)
  • Refactor the logic for avoiding re-sending the system profile more frequently than once a week (#2720) (Daniel Jalkut)

2.8.0 beta 3 specifically includes a crash fix from 2.7.3 and important security fixes from 2.7.2.

... (truncated)

Commits
  • 9a1d2a1 Update Package management files for version 2.8.0
  • f800572 Update CHANGELOG for 2.8.0
  • f37e511 Update internal & security documentation (#2771)
  • 65898f2 Add main thread / reentrancy safety checks for showing feed (#2768)
  • 65bff87 Remove interactive package installer type (#2767)
  • 488fd7d Update Package management files for version 2.8.0-beta.3
  • 86d11fd Update CHANGELOG and Carthage file for 2.7.3
  • 167db6f Double quote team identifiers in designated requirement strings (#2766)
  • f1ecf8e Update CHANGELOG with false dependency scan fix
  • ba41d1b Update Package management files for version 2.8.0-beta.2
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump github.com/sparkle-project/sparkle from 2.7.1 to 2.8.0
158e378 
Bumps [github.com/sparkle-project/sparkle](https://github.com/sparkle-project/Sparkle) from 2.7.1 to 2.8.0.
- [Release notes](https://github.com/sparkle-project/Sparkle/releases)
- [Commits](sparkle-project/Sparkle@2.7.1...2.8.0)

---
updated-dependencies:
- dependency-name: github.com/sparkle-project/sparkle
  dependency-version: 2.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Sep 22, 2025

Labels

The following labels could not be found: dependencies, swift. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from K9i-0 as a code owner September 22, 2025 00:45
@dependabot dependabot bot mentioned this pull request Sep 22, 2025
Closed
@github-actions
Copy link

github-actions bot commented Sep 22, 2025

❌ Version Update Required

This PR is merging to develop but the version in Info.plist has not been updated.

Current version: 0.7.15
PR version: 0.7.15

Please update the version number in Info.plist before this PR can be merged.

How to update:

  1. Edit Info.plist
  2. Update both CFBundleShortVersionString and CFBundleVersion values to the same version
  3. Commit and push the changes

Or use the update script:

./scripts/update-version.sh patch  # or minor/major

The version should follow semantic versioning (x.y.z format).

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Nov 24, 2025

Superseded by #104.

@dependabot dependabot bot closed this Nov 24, 2025
@dependabot dependabot bot deleted the dependabot/swift/github.com/sparkle-project/sparkle-2.8.0 branch November 24, 2025 00:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@K9i-0 K9i-0 Awaiting requested review from K9i-0 K9i-0 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant