Skip to content

Work around broken MAS installs on recent macOS#560

Open
moreaki wants to merge 1 commit into
mangerlahn:mainfrom
moreaki:fix/issue-514-mas-external-workaround
Open

Work around broken MAS installs on recent macOS#560
moreaki wants to merge 1 commit into
mangerlahn:mainfrom
moreaki:fix/issue-514-mas-external-workaround

Conversation

@moreaki

@moreaki moreaki commented Mar 15, 2026

Copy link
Copy Markdown

Summary

This is an intermediate workaround for #514.

Latest currently handles Mac App Store updates by:

  • detecting MAS apps via the presence of an App Store receipt
  • checking the App Store metadata via MacAppStoreUpdateCheckerOperation
  • performing the update in-app via MacAppStoreUpdateOperation, which uses CKPurchaseController to start the CommerceKit install flow

That built-in install path now fails on recent macOS releases. The user-visible result is the PKInstallErrorDomain Code=201 failure discussed in #514, and in some cases damaged or duplicated apps after repeated retries.

What this PR changes

For affected macOS versions, Latest now stops offering the built-in MAS update action and falls back to opening the app's App Store page instead.

The workaround is applied as a lower-bound gate, not just for the exact versions first reported in the issue:

  • 14.8.2+
  • 15.7.2+
  • 26.1+

That means later patch/minor releases on those branches, and future major releases after 26, also use the external App Store fallback until we have a proper replacement install path.

Why broaden the gate

The current evidence suggests those versions are the start of Apple's new PackageKit behavior, not isolated broken releases:

  • Apple's security notes for macOS Sonoma 14.8.2, Sequoia 15.7.2, and Tahoe 26.1 all include the same PackageKit fix (CVE-2025-43411) described as adding entitlement checks.
  • The mas project hit the same breakage and converged on the same lower bounds for its workaround.

Given that, a narrower "only these exact versions" check would likely miss later releases that keep the same restriction.

Verification

Built successfully with:

xcodebuild build -project Latest.xcodeproj -scheme Latest -destination 'platform=macOS' CODE_SIGNING_ALLOWED=NO CODE_SIGNING_REQUIRED=NO CODE_SIGN_IDENTITY=''

I also tried a focused OSVersionTest run, but the existing test target still fails to resolve the private CommerceKit and StoreFoundation module dependencies, so I could not run that test bundle in this environment.

Follow-up for the real fix

This is only a mitigation. The proper fix should replace the broken install step rather than redirecting users to the App Store.

The likely shape is:

  • keep CommerceKit only for the download step
  • preserve the downloaded .pkg and sibling receipt before storedownloadd removes them
  • install the pkg through a privileged helper using /usr/sbin/installer -pkg ... -target /
  • restore the captured receipt into App.app/Contents/_MASReceipt/receipt
  • set receipt ownership to root:wheel
  • refresh metadata afterwards, for example with mdimport

References

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant