@tsteur We are actually ignoring all files starting with . on update. Those file won't be deleted if they exist.
The reason for ignoring is actually the glob(*) we are using. It doesn't catch hidden files. This can actually be fixed and I will prepare a PR for it.

@tsteur regarding the other part of this issue. I wouldn't start trying to sync/remove other parts. Guess we had a good reason not to do that. To circumvent we have similar issues in the future we could create a github action, that automatically checks the changes in a PR. And if a file is deleted, that wouldn't be caught by the updater we could add a comment on the PR to check if an update script is provided to remove those files.
Guess it should be quite simple to do that. Just something like git log {BASESHA}..{PRSHA} --diff-filter=D --summary | grep "delete mode" and then go through the list and check if it is in certain directories or not...
Or would you prefer another approach?

Would that action run on the archive repository? As we might delete a file from root directory in the script that builds the release? And it would run in this repository?

could maybe also a regular test run the above command so it runs as part of the tests?

No, that action would run in this repository for all pull request.
I don't yet have a good idea how to write a test for that. We would actually need to build a release. Download the latest release, perform an update, and check if the file integrity check complains about anything. Imho that sounds a bit oversized for a normal test. It might possibly be something I could implement it #17594 and let a release fail if the integrity check complains 🤔

👍 OK. I was hoping we could just run git log {BASESHA}..{PRSHA} --diff-filter=D --summary | grep "delete mode" in a regular test but maybe something like that doesn't work

A user noticed this issue:
"The one thing I want to see improved? The ... file checks during the update. Every ... time the updater nags me about supposedly unexpected files that I'm supposed to manually delete before I can continue. each. .... Just. These are files that Matomo put in there himself during the last update, why are they unexpected? And if they suddenly bother you, why doesn't the updater delete the ... itself or at least offer me a button that I can use to do this conveniently so that I don't have to log in to the server myself? I updated Matomo two days ago and of course had to delete files manually again. Now I get another mail about an update to 4.7.1, and of course I have to delete a few other files manually. Get your build process on track or teach the updater not to be such a chump"