feat: add in-app auto-update via Wails v3 updater and installer packaging#72
Conversation
…ging - Add updater.go with Wails v3 app.Updater integration (GitHub provider) - CheckForUpdate(), TriggerUpdate(), RestartApp() exposed to frontend - 4-hour periodic background update checks - Graceful error handling (check failures logged, not shown to user) - Replace old CheckForUpdates() in app.go with new updater flow - Update App.tsx with 5-stage update UI: available → downloading (progress bar) → verifying → ready → restart - Add CSS for progress bar, green restart button with pulse animation - Update release.yml CI/CD: - macOS: DMG installer via create-dmg + bare binary for auto-update - Windows: NSIS installer generation - SHA256SUMS checksum file for download verification - Add golang.org/x/mod dependency (used by Wails updater semver)
- Add prefers-reduced-motion to update button animation - Fix update progress bar border-radius - Add CheckForUpdate and App trigger timeouts - Improve updater.go initialization error logging - Fix UpdateStatus typing and checking state in App.tsx - Update Windows NSIS configuration to user context for updates - Refine artifact generation, verification, and artifact upload paths
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Plus Run ID: 📒 Files selected for processing (2)
📝 WalkthroughSummary by CodeRabbit
ウォークスルー
変更内容Wails v3 アップデータへの置き換え
CI リリースワークフロー改善
シーケンス図sequenceDiagram
participant User
participant Frontend
participant App
participant WailsUpdater
participant GitHub
User->>Frontend: アプリ起動
Frontend->>App: CheckForUpdate()
App->>WailsUpdater: Check(ctx, 10s)
WailsUpdater->>GitHub: 最新リリース取得
GitHub-->>WailsUpdater: リリース情報
WailsUpdater-->>App: 結果
App-->>Frontend: UpdateStatus{state: available}
User->>Frontend: 更新ボタンをクリック
Frontend->>App: TriggerUpdate()
App->>WailsUpdater: DownloadAndInstall(ctx, 5min)
WailsUpdater-->>Frontend: wails:updater:verifying
WailsUpdater-->>Frontend: wails:updater:installing
WailsUpdater-->>Frontend: wails:updater:ready
App-->>Frontend: UpdateStatus{state: ready}
User->>Frontend: 再起動ボタンをクリック
Frontend->>App: RestartApp()
App->>WailsUpdater: Restart(ctx, 10s)
WailsUpdater-->>App: done
App-->>Frontend: UpdateStatus{state: restarting}
推定レビュー工数🎯 4 (Complex) | ⏱️ ~60 minutes 関連する可能性のある PR
🚥 Pre-merge checks | ✅ 4 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 3
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
.github/workflows/release.yml (1)
9-19: 🧹 Nitpick | 🔵 Trivial | ⚡ Quick winワークフローレベルで明示的な permissions ブロックの追加を推奨
buildジョブには明示的なpermissionsブロックがありません。最小権限の原則に従い、ワークフローレベルでpermissions: {}を設定し、必要なジョブのみで権限を明示的に付与することで、セキュリティ体制が強化されます。🔒 ワークフローレベルの permissions 追加例
on: release: types: [published] +permissions: {} + jobs: build: + permissions: + contents: read strategy: matrix:🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In @.github/workflows/release.yml around lines 9 - 19, The workflow file is missing an explicit permissions block at the workflow level, which violates the principle of least privilege. Add a `permissions: {}` block at the workflow level (before the `build` job definition) to remove all default permissions, and then explicitly grant only the necessary permissions to individual jobs like `build` that actually require them, such as `contents: write` if the job needs to write artifacts or create releases.Source: Linters/SAST tools
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In @.github/workflows/release.yml:
- Around line 236-241: The SHA256SUMS generation in the Generate SHA256SUMS step
is outputting file paths with `./` prefixes (e.g., `./ExifFrame-darwin-arm64`),
which will cause checksum verification failures when the Wails updater compares
filenames. Modify the find command that generates SHA256SUMS to strip the `./`
prefix from the output paths. This can be accomplished by piping the sha256sum
output through sed to remove the leading `./` characters, ensuring that the file
paths in SHA256SUMS match the actual artifact filenames without directory
prefixes.
In `@frontend/src/App.tsx`:
- Around line 358-360: The catch block for the update check promise is resetting
the stage to 'idle' which suppresses the error from appearing in the UI. Modify
the catch handler to instead set stage to 'error' and provide an appropriate
errorMessage value (similar to how the status.state === 'error' branch handles
errors). This ensures that when the RPC call fails, the error state is properly
communicated to the user instead of being hidden.
- Around line 770-776: The TriggerUpdate() and RestartApp() methods return an
UpdateStatus object with a state property indicating success or error, rather
than rejecting the Promise on failure. Currently, the code only handles Promise
rejection in the catch block, but when the backend returns an error state, the
Promise resolves successfully and the UI remains stuck in the downloading or
restarting state. Add proper handling after the TriggerUpdate() call (and
similarly for RestartApp() around line 806) to check the returned UpdateStatus
object's state property and update the UI state to display the error message
when state equals "error", rather than relying solely on the catch block for
error handling.
---
Outside diff comments:
In @.github/workflows/release.yml:
- Around line 9-19: The workflow file is missing an explicit permissions block
at the workflow level, which violates the principle of least privilege. Add a
`permissions: {}` block at the workflow level (before the `build` job
definition) to remove all default permissions, and then explicitly grant only
the necessary permissions to individual jobs like `build` that actually require
them, such as `contents: write` if the job needs to write artifacts or create
releases.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: ASSERTIVE
Plan: Pro Plus
Run ID: ad9b90c6-f577-42ac-a08e-d906125d8271
⛔ Files ignored due to path filters (1)
go.sumis excluded by!**/*.sum
📒 Files selected for processing (9)
.github/workflows/release.ymlapp.gobuild/windows/installer/project.nsifrontend/src/App.cssfrontend/src/App.tsxgo.modmain.goupdater.goversion.go
💤 Files with no reviewable changes (1)
- app.go
- Fix SHA256SUMS prefix issue with sed - Improve App.tsx update error handling in catch block and Promise resolutions - Apply workflow-level permissions minimizing permissions for build job
wails v3のオートアップデート機能とインストーラによるインストールを実装
resolved #61