Mar 20, 2015 at 4:19 PM
Edited Mar 20, 2015 at 4:20 PM
This is an amazing library and is very simple to implement!
I would like to suggest a new argument where the hash of the file to download could be manually embedded into the xml like so.
In this example my hash is an SHA-256 format.
So the purpose of doing this would be that the file could be verified before actually installing using code something like this. (see link)
This would allow for better manual handling and security of the download/update process.
Especially in the way of generic installers that might just be named "Setup.exe" and could even be inadvertently overridden.
For my usage of the library I have a small program that does the following.
Check for update, if there is an update then check if the file exists locally.
If the file exists locally check its hash, if the hash matches install the update silently.
if the file does not exist or the hash does not match, download and verify the file.
Finally I would also suggest that the UpdateInfoEventArgs provide that exact path that the download would be written to, for easier manual download handling.