You must log in or # to comment.
Why should the update procedure for an application be handled by the application itself rather than a package manager? Let app devs focus on their app and repository maintainers on update manifests.
Well, in this case I think it’s a remnant of n++ predating any package manager on windows. I do think that an embedded self-updater is better than having to download a new version through the browser.
It wasn’t entirely clear to me if the compromise effects those of us who installed it though scoop/winget, as the package manager should pull directly from the correct source, so the compromised updater shouldnt matter. Reinstalled to be sure.