Take it a step further maybe. Why have the user set up updating at all? Suppose they've downloaded an app form the developer's website and installed it. When the app first runs, it calls a special API in the OS to register its "update feed" URL that provides the update info in a predefined format. The rest is then managed by the OS itself. It refetches these URLs as needed, shows notifications, installs updates, and, most importantly, provides the user with a central place somewhere in the settings to control all this.
I don't know much about the money/license part UX because I've never paid for software myself. But developers probably won't want to delegate licensing to the OS because this would make it all too easy to crack — it would only take one very simple patch to disable license checks altogether system-wide.
edit: Sparkle already uses a standardized feed format (https://sparkle-project.org/documentation/publishing/). So basically the only thing that's left is to move the update checking and installation logic to the OS as opposed to every app containing a copy of it.
This is a much better idea than the parent. It would be great if MacOS included a default package manager and apps registered themselves like this. My only concern would be malware taking advantage of this and somehow figuring out how to persistently register itself. I'm sure there's a fix but I haven't quickly come to a solution in the 10 seconds that I've thought about it.
I absolutely would have expected that the API exists to do this w/o human intervention. And given Windows, A way to do it via Group Policy & Active Directory.
I'm a strong believer, however, in making sure the user has visibility and control into it, so both methods (manually add/remote/check status & API) ought to be available.
I don't think that's good enough, unfortunately. People just dismiss the dialogues or malware distributors just learn to provide instructions to bypass any consent dialogues. The benefit of the App Store is that it's impossible to install malware through it. Unless you can provide the better experience while still delivering on that point, it's not much better. As I mentioned above, it's better for techie people but not for the average user and certainly not good enough for my mother to use.
If you put it that way, then sure it more or less necessitates a walled garden and some trusted party that verifies everything (according to its own standards). But then I'm skeptical of this nanny approach. IMO it's okay for technology to require education. After all, locked-down devices have only been a thing for the last 10 years or so. Computers used to be open by default, and operating systems were much less secure in terms of what applications were allowed to do, yet somehow, people survived that.
It's like governments. It can be a surveillance state ruled by a dictator where everything is regulated and everyone is spied on for the sake of "safety". Or it can be something that offers all the freedom you could possibly want, including the freedom to shoot yourself into the foot, both literally and metaphorically.
Sure, but that's what PCs and Linux are for. Macs, macOS, and iOS are not for that purpose. They're meant to be straight-forward and immediately usable as opposed to customizable.
When I was younger, I would probably have loved an Android phone but my 2 attempts with Android phones (like the Nexus) recently were terrible compared to my iPhone. I was constantly messing with things to try and get them working, I had to stop tasks and apps constantly in the app manager (and even had to download a different app manager), and was constantly waiting for things. Now, I care more about just being able to pick up my phone and know that it works to do what I want to do at any given point. I'm done messing with things.
I don't know much about the money/license part UX because I've never paid for software myself. But developers probably won't want to delegate licensing to the OS because this would make it all too easy to crack — it would only take one very simple patch to disable license checks altogether system-wide.
edit: Sparkle already uses a standardized feed format (https://sparkle-project.org/documentation/publishing/). So basically the only thing that's left is to move the update checking and installation logic to the OS as opposed to every app containing a copy of it.