I have an application that is being deployed outside of the AppStore using a PKG installer. Since our application has to be deployed outside the AppStore (for enterprise configuration requirements) we also need to handle updates outside the AppStore. I understand that SMJobBless function is now deprecated which seems to be how much open source software is implementing their privileged helpers namely Firefox.
However, since I am already deploying my software using a PKG installer why should I use SMJobBless or the new version SMAppService rather than adding additional functionality to my postinstall script that will set up a LaunchDaemon to handle my automatic updates?
The main issues that come to mind for me is that if a user were to delete our application rather than running the uninstall script the LaunchDaemon would still persist. Therefore we will likely need to handle that scenario and either have the LaunchDaemon recognize that and remove itself, or exit and do nothing.
Additionally, I would be missing out on the security benefits that a service like SMJobBless provides by only allowing my AuthorizedClient to execute the privileged helper.
On the other hand at least my LaunchDaemon would consistently work with older versions of macOS and I wouldn't be locked in to either supporting both SMJobBless and SMAppService or supporting only systems running macOS 13+.
What have other people done to handle automatic updates when they can't deploy through the AppStore? Is just creating a LaunchDaemon a common path? How do people typically handle removing the LaunchDaemon if their application is uninstalled?
