feat(updater): add an in-app auto-update entry point #84
Closed
H-Chris233 wants to merge 1 commit into
Issue Open-Less#33 requires users to control updates instead of being silently moved to a new version. The app now exposes a manual check beside the About version, prompts before installing, shows download/install state, and lets users choose whether to restart immediately. Release builds also publish the signed updater bundles and per-platform manifests needed by Tauri's updater while keeping unsigned manual CI runs usable for build validation.

Constraint: Tauri updater requires signed artifacts and a public-key manifest
Constraint: User requested no silent automatic updates
Rejected: Startup background update check | violates the requested confirmation flow
Rejected: Always requiring updater signing for workflow_dispatch | would break test builds without release secrets
Confidence: high
Scope-risk: moderate
Directive: Do not reintroduce startup update checks without explicit product approval
Tested: npm run build
Tested: cargo check
Tested: npm run tauri -- build --debug --no-bundle --ci
Tested: git diff --check; node --check write-updater-manifest.mjs; bash -n build-mac.sh
Not-tested: Live tagged GitHub Actions release run with updater signing secret
Related: Open-Less#33
appergb pushed a commit that referenced this pull request Apr 30, 2026
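H-Chris233: closes #33.

Implements integration of Tauri's built-in updater:
- Cargo: tauri-plugin-updater v2
- tauri.conf.json: add the updater configuration (pubkey + endpoint pointing at GitHub Releases latest)
- capabilities/default.json: grant the updater:default capability
- lib.rs: register the updater plugin + the restart_app command
- src/pages/Settings.tsx + i18n: add a "Check" button to the About section and the check/download/install/restart dialog flow
- New script scripts/write-updater-manifest.mjs: on the release side, pulls the signatures from the build artifacts and generates the manifest
- workflow: TAURI_SIGNING_PRIVATE_KEY env + createUpdaterArtifacts true when building each platform

Note: the next v*-tauri tag must have the TAURI_SIGNING_PRIVATE_KEY secret configured, otherwise CI fails hard.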
Collaborator
Squash-merged locally into main and then pushed (working around the OAuth workflow scope restriction). See commit a9c81e6.
appergb pushed a commit that referenced this pull request Apr 30, 2026
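…attr

Fixes the 2 HIGH findings from the Codex audit of main HEAD a9c81e6, and closes off the macOS auto-update problem of "Gatekeeper blocks the app after restart".

## HIGH #2: version number mismatch
PR #84 did not bump the version along the way, so main still reports itself as 1.2.2. Tagging v1.2.3-tauri next would make the updater manifest report 1.2.2, and installed 1.2.2 clients would never see "a new version is available".
Fix: package.json + tauri.conf.json + Cargo.toml all changed to 1.2.3.

## HIGH #1: updater pubkey ownership
The pubkey used by PR #84 was generated locally by an external contributor; appergb does not hold the corresponding private key. Anyone holding that private key can sign updates -> clients install a malicious version over OTA.
Fix:
- Generate appergb's own keypair with npx @tauri-apps/cli signer generate --ci
- New pubkey: F0FCDE68E08E6D4E (written to tauri.conf.json plugins.updater.pubkey)
- The private key has been set as a GitHub repo secret via gh secret set TAURI_SIGNING_PRIVATE_KEY
- The local copy of the private key lives only in /tmp, does not go into git, and will be removed after the commit

## Strip xattr after macOS auto-update
restart_app runs /usr/bin/xattr -cr on the .app bundle before app.restart(). With the combination of the Tauri auto-updater and a non-notarized app, this is the only solution that makes "auto-update zero-friction for the user"; otherwise Gatekeeper blocks the restart saying "OpenLess is damaged", and the user has to open a terminal and run xattr to keep using the app, which defeats the purpose of auto-update.
Future release logic must keep this step. In release-tauri.yml, the previous PR (#83) already strips once on the CI side; this change strips once more on the client side at restart, a double safeguard covering the whole "download -> extract -> install -> restart" chain.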
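A release-gate check for the two HIGH findings in the commit message above (version mismatch and updater pubkey ownership), as an added example that is not part of the PR or the project's code. The function names, the `pinnedKeyId` parameter and all sample inputs are assumptions constructed for illustration.

```javascript
// Added example. plugins.updater.pubkey is base64 of a minisign .pub file:
//   line 1: "untrusted comment: ..." (unauthenticated, ignored here)
//   line 2: base64("Ed" || 8-byte key id || 32-byte Ed25519 public key)
function minisignKeyId(tauriPubkey) {
  const text = Buffer.from(tauriPubkey, 'base64').toString('utf8');
  const keyLine = text.split('\n').map((l) => l.trim())
    .find((l) => l && !l.startsWith('untrusted comment:'));
  if (!keyLine) throw new Error('no key line in pubkey');
  const raw = Buffer.from(keyLine, 'base64');
  if (raw.length !== 42 || raw.toString('latin1', 0, 2) !== 'Ed') throw new Error('not a minisign Ed25519 key');
  // minisign prints the key id as a little-endian u64 in upper-case hex.
  return Buffer.from(raw.subarray(2, 10)).reverse().toString('hex').toUpperCase();
}

// Version from the [package] table only, so dependency versions are ignored.
function cargoPackageVersion(cargoToml) {
  let inPackage = false;
  for (const line of cargoToml.split('\n')) {
    const section = /^\s*\[(.+)\]\s*$/.exec(line);
    if (section) { inPackage = section[1] === 'package'; continue; }
    const m = inPackage && /^\s*version\s*=\s*"([^"]+)"/.exec(line);
    if (m) return m[1];
  }
  return null;
}

// Returns a list of findings; an empty list means the tag may be released.
function auditRelease({ tag, packageJson, tauriConf, cargoToml, pinnedKeyId }) {
  const conf = JSON.parse(tauriConf);
  const want = tag.replace(/^v/, '').replace(/-tauri$/, '');
  const versions = {
    'package.json': JSON.parse(packageJson).version,
    'tauri.conf.json': conf.version,
    'Cargo.toml': cargoPackageVersion(cargoToml),
  };
  const findings = Object.entries(versions)
    .filter(([, v]) => v !== want)
    .map(([file, v]) => `${file} reports ${v}, but ${tag} needs ${want}`);
  const keyId = minisignKeyId(conf.plugins.updater.pubkey);
  if (keyId !== pinnedKeyId) findings.push(`pubkey id ${keyId} != pinned ${pinnedKeyId}`);
  return findings;
}

// Constructed minisign public key with a chosen key id and dummy key bytes.
function samplePubkey(keyIdHex) {
  const raw = Buffer.concat([Buffer.from('Ed'), Buffer.from(keyIdHex, 'hex').reverse(), Buffer.alloc(32, 7)]);
  return Buffer.from(`untrusted comment: minisign public key: ${keyIdHex}\n${raw.toString('base64')}\n`).toString('base64');
}
```

The minisign key id is a random 8-byte label rather than a hash of the key, so this catches an unreviewed key swap but not a key crafted to reuse the id; pin the full pubkey string as well where that matters.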
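Summary
Fixes #33.
This PR adds in-app auto-update capability so users can check for, download and install new versions from within the app, without having to go to the Release page and download an installer manually.
The current implementation uses a "user manually checks for updates" interaction: the About section shows the current version and a "Check" button. After the user clicks it, if there is no new version the app reports that it is already up to date; if a new version is found, a dialog asks whether to update now. After the update is confirmed, download progress is shown, and once download and installation finish the app asks whether to restart now.
The release-side logic for signing update bundles and generating the manifest is also kept, because the Tauri updater depends on signed bundles and the manifest to verify and install updates.
Fixes / Additions / Improvements
Added a "Check" button next to the current version in the About section.
Clicking "Check" runs the update check:
After clicking "Update now":
After clicking "Restart now":
After clicking "Restart manually later":
Kept the release-side update bundle signing and manifest generation logic:
Compatibility
Not included:
Impact on existing users / local environments / build process: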
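Test plan
Command:
npm run build
Result: passed
Evidence path: local build output
Command:
cargo check
Result: passed, with only pre-existing warnings
Evidence path: local check output
Command:
npm run tauri -- build --debug --no-bundle --ci
Result: passed
Evidence path: local build output; verified that the Tauri configuration and permissions actually build
Command:
git diff --check
Result: passed
Evidence path: local command output
Notes
This PR implements a user-initiated in-app update flow, not a silent background update. A restart confirmation is still kept after installation completes, so the app is not restarted without the user's confirmation.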
@appergb