updater: allow accepting invalid TLS certs/hostnames via config

Open christian-leingang opened this issue 2 months ago • 8 comments

Problem: updater fails when contacting servers with self-signed or internal TLS certs and error message is generic.

Solution: add two plugin config flags dangerousAcceptInvalidCerts and dangerousAcceptInvalidHostnames and builder methods to override them. These mirror http-plugin and reqwest's danger_accept_invalid_certs and danger_accept_invalid_hostnames.

Security: these settings are dangerous and should only be used in trusted environments or testing.

christian-leingang avatar Oct 23 '25 14:10 christian-leingang
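
A CI-side check for the two settings this PR proposes, as an added example that is not part of the PR or the plugin's code: it fails a release build when either flag is enabled. It assumes the flags are set under `plugins.updater` in `tauri.conf.json`; `auditUpdaterConfig`, `gate` and the sample configs are hypothetical names and constructed data. It also reports any other enabled `dangerous*` key, which goes beyond the two flags named above.

```javascript
// Added example: CI gate for the updater TLS overrides named in this PR.
// Assumption: the flags are read from plugins.updater in tauri.conf.json.
const TLS_FLAGS = ['dangerousAcceptInvalidCerts', 'dangerousAcceptInvalidHostnames'];

function auditUpdaterConfig(conf, { release = true } = {}) {
  const updater = conf && conf.plugins && conf.plugins.updater;
  if (updater === null || typeof updater !== 'object') return [];
  const findings = [];
  for (const [key, value] of Object.entries(updater)) {
    // Generalization: any "dangerous*" key counts, not only the two TLS flags.
    // Anything other than false/absent is reported, including non-boolean values.
    if (!key.startsWith('dangerous') || value === false || value == null) continue;
    findings.push({
      key,
      severity: release ? 'error' : 'warning',
      reason: TLS_FLAGS.includes(key)
        ? 'TLS certificate or hostname validation is disabled for update checks'
        : 'dangerous updater option is enabled',
    });
  }
  return findings;
}

// A build passes only if no finding has severity "error".
function gate(conf, opts) {
  const findings = auditUpdaterConfig(conf, opts);
  return { ok: !findings.some((f) => f.severity === 'error'), findings };
}

// Constructed sample configs (not taken from any real project).
const devConf = { plugins: { updater: {
  endpoints: ['https://updates.internal.example/latest.json'],
  dangerousAcceptInvalidCerts: true,
  dangerousAcceptInvalidHostnames: false,
} } };
const prodConf = { plugins: { updater: {
  endpoints: ['https://updates.example.com/latest.json'],
} } };

const runs = [['dev', devConf, false], ['dev-as-release', devConf, true], ['prod', prodConf, true]];
for (const [name, conf, release] of runs) {
  const { ok, findings } = gate(conf, { release });
  console.log(name, ok ? 'PASS' : 'FAIL', findings.map((f) => `${f.severity}:${f.key}`).join(', '));
}
```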

Package Changes Through fce85ba1ac869e6466c5170b7a17d2faf5670dcd

There are 26 changes which include barcode-scanner with patch, barcode-scanner-js with patch, biometric with patch, biometric-js with patch, clipboard-manager with patch, clipboard-manager-js with patch, deep-link with patch, deep-link-js with patch, dialog with patch, dialog-js with patch, fs with patch, fs-js with patch, geolocation with patch, geolocation-js with patch, haptics with patch, haptics-js with patch, nfc with patch, nfc-js with patch, notification with patch, notification-js with patch, opener with patch, opener-js with patch, shell with patch, shell-js with patch, updater with minor, updater-js with minor

Planned Package Versions

The following package releases are planned based on the context of changes in this pull request.

package current next
api-example 2.0.36 2.0.37
api-example-js 2.0.32 2.0.33
deep-link-example-js 2.2.6 2.2.7
barcode-scanner 2.4.0 2.4.1
barcode-scanner-js 2.4.0 2.4.1
biometric 2.3.0 2.3.1
biometric-js 2.3.0 2.3.1
clipboard-manager 2.3.0 2.3.1
clipboard-manager-js 2.3.0 2.3.1
deep-link 2.4.3 2.4.4
deep-link-js 2.4.3 2.4.4
fs 2.4.2 2.4.3
fs-js 2.4.2 2.4.3
dialog 2.4.0 2.4.1
dialog-js 2.4.0 2.4.1
geolocation 2.3.0 2.3.1
geolocation-js 2.3.0 2.3.1
opener 2.5.0 2.5.1
opener-js 2.5.0 2.5.1
haptics 2.3.0 2.3.1
haptics-js 2.3.0 2.3.1
http 2.5.2 2.5.3
http-js 2.5.2 2.5.3
nfc 2.3.1 2.3.2
nfc-js 2.3.1 2.3.2
notification 2.3.1 2.3.2
notification-js 2.3.1 2.3.2
persisted-scope 2.3.2 2.3.3
shell 2.3.1 2.3.2
shell-js 2.3.1 2.3.2
single-instance 2.3.4 2.3.5
updater 2.9.0 2.10.0
updater-js 2.9.0 2.10.0

Read about change files or the docs at github.com/jbolda/covector

github-actions[bot] avatar Oct 24 '25 08:10 github-actions[bot]

Would resolve the error (Issue 2579) caused by strict TLS certificate validation.

christian-leingang avatar Oct 24 '25 09:10 christian-leingang

Thanks for the PR! Would you mind adding a small changefile as well? There are some examples in the .changes dir :)

FabianLars avatar Oct 24 '25 09:10 FabianLars

Argh, I just noticed that we export the Config struct, which means that this is a breaking change........

Before thinking about alternative implementations, let us wait a few days and see how the discussions about an early v3 release we're currently having go.

FabianLars avatar Oct 24 '25 11:10 FabianLars

Thanks, I understand. I’ll wait for the v3 discussion and follow whatever the outcome is. If you prefer not to introduce a breaking change now, I can revert the Config edits and keep the functionality available only via the UpdaterBuilder (which should be non-breaking). Tell me which you’d like and I’ll update the PR accordingly.

christian-leingang avatar Oct 28 '25 15:10 christian-leingang

Yeah, give us a few days to see if the v3 discussion is going anywhere. The UpdaterBuilder idea would be a good alternative indeed, though a bit unfortunate that we'd then have 2 places for dangerous settings.

FabianLars avatar Oct 28 '25 16:10 FabianLars

@FabianLars Just checking in on this since it's been a few weeks—how is the v3 discussion coming along?

If that timeline is still uncertain, would you prefer I switch this PR to the UpdaterBuilder approach (non-breaking) so we can get it merged into v2? I'm happy to do that if it helps unblock this.

christian-leingang avatar Nov 18 '25 12:11 christian-leingang

The discussion died before my comment apparently.

I also just realized that this Config object isn't actually used anywhere so perhaps we can be sneaky and just do this breaking change without anyone noticing.

The last hurdle is that I'm currently blocking updater releases, see https://github.com/tauri-apps/plugins-workspace/issues/3108 - maybe I'll revert those changes first before merging new ones, we'll see :/

FabianLars avatar Nov 18 '25 12:11 FabianLars