Catch-22: Why SilentKnight 2.8 and Skint 1.06 can’t auto-update

If you’re still running SilentKnight version 2.7 or Skint version 1.05 and are wondering why they aren’t offering you updates to versions 2.8 and 1.06 respectively, I offer my profound apologies and a reason: Catch-22. If you’re not familiar with Joseph Heller’s satirical war novel Catch-22, which coined the term, it’s succinctly described by The Idioms as “a paradoxical situation from which an individual cannot escape because of conflicting restrictions”. In this case, it’s actually a double Catch-22.

When my apps check whether there’s an update available, they look it up in a property list taken from my Github files, containing an array of small dictionaries. Each gives the name of the app, its current version, and the URL from where its Zip archive can be downloaded, on this blog. In addition to checking the version, my apps each check that the start of the URL comes from this blog, to prevent anyone from hijacking an update.

Since I began using this method a few years ago, those URLs have all started with the path to media files in this blog,
eclecticlightdotcom.files.wordpress.com/

For some reason, WordPress has recently changed that completely, and media files now appear in the path
eclecticlight.co/wp-content/uploads/
with its completely different domain.

The reason why auto-update for those latest updates is broken is that the path returned by the Github property list doesn’t match that expected, so the app assumes it has been hijacked, and goes no further. The code won’t put you at risk by offering a download from a site that it doesn’t recognise as being a legitimate source.

So here’s the first Catch-22: I don’t know the URL for any of the archives containing my apps until after I have built, notarized, and uploaded them to this blog. So I can’t change the path expected by the app, as doing so would require me to build, notarize and upload a new version, which couldn’t then assume the previous path was correct.

The second Catch-22 is that I can’t change the path retrospectively in those recent versions of SilentKnight and Skint, so those versions will always fail to auto-update. When I change the code in those apps for the next version, that can’t correct the problem in the previous version, so the next update will also not auto-update.

I apologise that what had been a simple, secure and robust system has been rendered completely useless by those two Catch-22s. I will be updating both apps again, probably next week once I’ve had a chance to check them thoroughly against macOS 15. Sadly, as those updates still can’t escape the Catch-22s, it may be a while before you see any benefit.

SilentKnight version 2.8 for macOS Catalina and later is now available from here: silentknight208
from Downloads above, and from its Product Page.

Skint version 1.06 for macOS Monterey and later is now available from here: skint106
from Downloads above, and from its Product Page.

The good news, and there really has to be some good news somewhere, is that this change in WordPress doesn’t affect any previous updates, whose paths remain unchanged (for the time being at least). However, as I update each app in future, I will have to build in support for the new domain and path for future updates. I’m so looking forward to that.

I’m very grateful to Al and others who informed me of these problems.