Skip to content

Nudge downloads the wrong update in minor updates workflow, can cause Macs to do major upgrade instead. #430

New issue
New issue
Closed
Closed
Nudge downloads the wrong update in minor updates workflow, can cause Macs to do major upgrade instead.#430
Labels
bugSomething isn't workinghelp wantedExtra attention is needed
@Tomfr06

Description

@Tomfr06
Tomfr06
opened on Dec 16, 2022

When using Nudge to encourage users to do a minor update (let's say 12.6.2), Nudge will make use of "softwareupdate --list --all" to get the list of updates available.
It will then parse list and try and download this update.
However, there seems to be an issue with the collection of the "updateLabel" used to do the download:

Example:
Taking what a 12.6.1 systems gets today:

  • Label: Safari16.2MontereyAuto-16.2
    Title: Safari, Version: 16.2, Size: 130909KiB, Recommended: YES,
  • Label: macOS Monterey 12.6.2-21G320
    Title: macOS Monterey 12.6.2, Version: 12.6.2, Size: 1508533K, Recommended: YES, Action: restart,
  • Label: macOS Ventura 13.1-22C65
    Title: macOS Ventura 13.1, Version: 13.1, Size: 3878650K, Recommended: YES, Action: restart,

Nudge uses a 'for' loop goes through the list of the available updates.
It updates the updateLabel value for each Label:

nudge/Nudge/Utilities/SoftwareUpdate.swift

Lines 107 to 112 in 5fd6bed

var updateLabel = ""
for update in softwareupdateList.components(separatedBy: "\n") {
if update.contains("Label:") {
updateLabel = update.components(separatedBy: ": ")[1]
}
}

At the end of the loops the updateLabel value is the one of the last update in the list (macOS Ventura 13.1-22C65), not the one of the targeted update (macOS Monterey 12.6.2-21G320).

Then, a check is made that the list of updates contains the target one and if it does, the download is initiated using the "updateLabel" which isn't necessarily the right one.

nudge/Nudge/Utilities/SoftwareUpdate.swift

Lines 114 to 118 in 5fd6bed

if softwareupdateList.contains(requiredMinimumOSVersion) && updateLabel.isEmpty == false {
softwareupdateListLog.notice("softwareupdate found \(updateLabel, privacy: .public) available for download - attempting download")
let task = Process()
task.launchPath = "/usr/sbin/softwareupdate"
task.arguments = ["--download", "\(updateLabel)"]

On completion of the download, macOS prepares the update.
If the user doesn't visit Software Update but just reboots for another reason, macOS will apply the wrong update (or upgrade in this example).
However if the user goes to Software Update panel in System Preferences, and click Update Now on Monterey 12.6.2 update, macOS will download/prepare the right update and apply it properly.

Issue affects only Intel Macs, as Nudge doesn't attempt to download minor updates on Apple Silicon Macs:

nudge/Nudge/Utilities/SoftwareUpdate.swift

Lines 46 to 49 in 5fd6bed

if Utils().getCPUTypeString() == "Apple Silicon" && Utils().requireMajorUpgrade() == false {
softwareupdateListLog.debug("\("Apple Silicon devices do not support automated softwareupdate downloads for minor updates. Please use MDM for this functionality.", privacy: .public)")
return
}

Current workaround: set Nudge "softwareUpdate" to disabled to prevent the use of Software Update.

See attached log, Nudge is configured to go for 12.6.2 but downloads 13.1
NudgeDebugLog.txt

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workinghelp wantedExtra attention is needed

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions