Can you update a sandboxed Mac app using Sparkle o

Posted 2020-02-20 07:28

Question:

For those distributing Mac apps outside the Mac App Store, how are you planning to support updating and sandboxing? I'm guessing most people's answer for the time being is that they're not, but I hope that eventually non-MAS apps could be sandboxed just like MAS apps.

To use Sparkle, your app would need network access, which could be granted, as well as the ability to overwrite itself in Applications. Currently you could do this with the com.apple.security.temporary-exception.files.absolute-path.read-write entitlement, but that's not a good solution. It will likely go away, and even if it doesn't, there's little point in sandboxing an app if you're going to give it full filesystem read-write access as well as network access.

Has anyone already gone down this path and found a good solution? I ask because I try to keep my MAS build and my non-MAS build as identical as possible, and I'm currently looking at having my MAS build sandboxed and my non-MAS build not.
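
An added example, not part of the original question and not Sparkle's code: a small Python audit of an entitlements plist that flags the combination the question warns about, a sandboxed app holding both network access and a broad absolute-path read-write exception. The sample plist is constructed, and the `BROAD_DIRS` policy and finding names are assumptions.

```python
import plistlib

# Keys: ABS_RW is the entitlement named in the question; the other two are
# the standard App Sandbox and outgoing-network entitlements.
SANDBOX = "com.apple.security.app-sandbox"
NET_CLIENT = "com.apple.security.network.client"
ABS_RW = "com.apple.security.temporary-exception.files.absolute-path.read-write"

# Assumed policy (not from the page): directories too broad for an exception.
BROAD_DIRS = {"/", "/Applications/", "/Users/", "/Library/"}

# Constructed sample: sandboxed app that may rewrite /Applications/ so an
# in-process updater can replace the bundle.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.security.app-sandbox</key><true/>
  <key>com.apple.security.network.client</key><true/>
  <key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
  <array><string>/Applications/</string></array>
</dict></plist>"""


def audit_entitlements(plist_bytes):
    """Return findings for an entitlements plist (XML or binary)."""
    ent = plistlib.loads(plist_bytes)
    if not ent.get(SANDBOX, False):
        return ["not-sandboxed"]
    paths = ent.get(ABS_RW, [])
    if isinstance(paths, str):  # tolerate a bare string instead of an array
        paths = [paths]
    findings = []
    for path in paths:
        normalized = path.rstrip("/") + "/"
        if normalized in BROAD_DIRS:
            findings.append("broad-write-exception:" + normalized)
    # Network access plus broad write access is the combination the
    # question describes as defeating the purpose of the sandbox.
    if findings and ent.get(NET_CLIENT, False):
        findings.append("network-plus-broad-write")
    return findings


if __name__ == "__main__":
    for finding in audit_entitlements(SAMPLE):
        print(finding)
```

On a signed build, `codesign -d --entitlements :- MyApp.app` prints the plist to feed in; `MyApp.app` is a placeholder.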

Answer 1:

In a conversation started by @chockenberry on Twitter, @andy_matuschak responded favorably to creating an XPC service for Sparkle.

I have a pull request open on GitHub that actually creates the XPC service. Hopefully, this will get incorporated into Sparkle soon.



Answer 2:

We actually have two versions of our app: one for our own web site and one for the app store.

I recommend using Sam Deane's approach, which you can find in his GitHub repository. It works well for us.



Answer 3:

Not yet.

As of 1.15, Sparkle does not support sandboxing, and the patch that is floating around has a vulnerability that allows complete bypass of sandbox security.