Lucas Nogueira
b82e2b5cf7
feat(core): configure HTTP scope using glob patterns
2022-01-31 10:30:32 -03:00
Lucas Nogueira
de35f4b624
fix(core): use std::env::temp_dir instead of fixed /tmp
2022-01-31 10:30:27 -03:00
Lucas Nogueira
ff37a715ab
fix(core): remove $APP from fs scope default
2022-01-31 10:30:10 -03:00
Lucas Nogueira
645b5a8b8a
chore: fix clippy warnings and tests
2022-01-31 10:30:05 -03:00
Lucas Nogueira
dc8ae7485e
fix: put eprintln usage behind #[cfg(debug_assertions)]
2022-01-31 10:29:56 -03:00
Lucas Nogueira
696dca58a9
refactor(core): remove BaseDirectory::Current variant
2022-01-26 16:48:31 -03:00
Lucas Nogueira
c80e8b6886
fix: fs-read-file allowlist usage
2022-01-26 16:47:42 -03:00
chip
10314cd5cf
feat(core): add argument parsing on shell scope ( #44 )
...
* feat: initial implementation
* feat: arg parser
* refactor: move codegen to context struct
* feat: regex validation
* fix tests
* fix: support magic argument value `-`
* feat: support value regex starting with `-`
* refactor: shell_scope mod, add happy path tests
* wip: scope command arguments
* wip: commands
* add better scoped errors and pattern matching
* add documentation to scoped command items
* support using the new shell scope for open
* use the proper items in tauri::scope during codegen
* shell-open uses ScopeError::Validation also
* use shell scoping for sidecar commands
* fix: cli.rs build
* fix: validation when arg list is empty
* require args in a non-fixed, non-empty config list
Co-authored-by: Chip Reed <chip@chip.sh>
2022-01-26 16:43:24 -03:00
Lucas Nogueira
ec8661f18e
fix: do not enforce updater's pubkey field when active is false
2022-01-17 10:48:03 -03:00
Lucas Nogueira
487441c991
fix: update dev dependencies
2022-01-17 10:47:54 -03:00
chip
d5d6d2abc1
Isolation Pattern ( #43 )
...
Co-authored-by: Ngo Iok Ui (Wu Yu Wei) <wusyong9104@gmail.com>
Co-authored-by: Lucas Fernandes Nogueira <lucas@tauri.studio>
2022-01-17 10:46:14 -03:00
Lucas Nogueira
c077f44927
feat: force endpoint URL to use https on release [TRI-015] ( #41 )
2022-01-09 16:40:22 -03:00
Lucas Nogueira
d95cc83105
feat: enforce updater public key [TRI-015] ( #42 )
2022-01-09 16:37:03 -03:00
Lucas Nogueira
b43019a2b0
fix: shell allowlist scope
2022-01-09 16:31:40 -03:00
chip
2e212e1eac
use our current_exe implementation in more places ( #39 )
2022-01-09 16:30:25 -03:00
david
be096623bf
feat(updater): refactor in-memory ( #37 )
...
* refactor: updater archive is now fully validated from memory
Signed-off-by: David Lemarier <david@lemarier.ca>
* fix CI
Signed-off-by: David Lemarier <david@lemarier.ca>
* make clippy happy
Signed-off-by: David Lemarier <david@lemarier.ca>
* update documentation and fmt
Signed-off-by: David Lemarier <david@lemarier.ca>
* cleanup and add final doc
Signed-off-by: David Lemarier <david@lemarier.ca>
* fmt
Signed-off-by: David Lemarier <david@lemarier.ca>
* make clippy happy
Signed-off-by: David Lemarier <david@lemarier.ca>
* remove unwanted clone
Signed-off-by: David Lemarier <david@lemarier.ca>
* [ci skip] cleanup
Signed-off-by: David Lemarier <david@lemarier.ca>
* run `http_updater_complete_process` on all platforms
Signed-off-by: David Lemarier <david@lemarier.ca>
* fix CI: `cargo test --all-features` on core tests
Signed-off-by: David Lemarier <david@lemarier.ca>
* fix appimage build
Signed-off-by: David Lemarier <david@lemarier.ca>
* update
Signed-off-by: David Lemarier <david@lemarier.ca>
* chore(deps) Update dependency @types/imagemin to v8 (#2635 )
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Lucas Nogueira <lucas@tauri.studio>
Co-authored-by: lucasfernog <lucasfernog@users.noreply.github.com>
Co-authored-by: Ngo Iok Ui (Wu Yu Wei) <wusyong9104@gmail.com>
Co-authored-by: david <david@lemarier.ca>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: chip <chip@chip.sh>
Co-authored-by: David Von Edge <david.vonedge@smiths.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Amr Bashir <48618675+amrbashir@users.noreply.github.com>
Co-authored-by: Lucas Fernandes Nogueira <lucas@tauri.studio>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Elvinas Predkelis <elvinas.predkelis@gmail.com>
Co-authored-by: edgex004 <edgex004@gmail.com>
Co-authored-by: Barry Simons <linuxuser586@gmail.com>
Co-authored-by: Kris Scott <kscott91@gmail.com>
Co-authored-by: grey4owl <66082492+grey4owl@users.noreply.github.com>
Co-authored-by: cybai <cyb.ai.815@gmail.com>
Co-authored-by: Lucas Nogueira <lucasfernandesnog@gmail.com>
Co-authored-by: Robert Buchanan <robbie.buchanan@ioneyed.com>
Co-authored-by: Kasper <kasperkh.kh@gmail.com>
Co-authored-by: Manuel Quarneti <manuelquarneti@gmail.com>
Co-authored-by: Stef Kors <stef.kors@gmail.com>
Co-authored-by: David D <1168397+davedbase@users.noreply.github.com>
Co-authored-by: Adilson Schmitt Junior <adilsonschj@gmail.com>
Co-authored-by: Bill Avery <wravery@users.noreply.github.com>
Co-authored-by: Julien Kauffmann <90217528+jkauffmann-legion@users.noreply.github.com>
Co-authored-by: Andrea Giammarchi <andrea.giammarchi@gmail.com>
Co-authored-by: ThisSeanZhang <46880100+ThisSeanZhang@users.noreply.github.com>
Co-authored-by: Jonas Kruckenberg <iterpre@protonmail.com>
* Revert "chore(deps) Update dependency @types/imagemin to v8 (#2635 )"
This reverts commit c0285e873d
2022-01-09 16:30:14 -03:00
Lucas Nogueira
24fa21c9b7
fix: build with all features
2022-01-09 16:29:56 -03:00
Lucas Fernandes Nogueira
4d89f60d77
refactor(core): prevent path traversal [TRI-012] ( #35 )
2022-01-09 16:28:56 -03:00
Lucas Fernandes Nogueira
d4db95e716
feat(core): shell execute API scope [TRI-002] ( #36 )
...
* feat(core): shell execute API scope [TRI-002]
* fix tests
* also check with empty extension
* lockfile
2022-01-09 16:28:22 -03:00
Lucas Nogueira
eae311e6e2
fix(core): ipc and tests
2022-01-09 16:27:57 -03:00
Lucas Nogueira
766c4f2c57
refactor: unify fs read and write cmds for binary/text data [TRI-009] ( #34 )
2022-01-09 16:24:44 -03:00
Lucas Fernandes Nogueira
bf5667f21c
fix(core): resolve symbolic links on current_exe calls [TRI-048] ( #33 )
2022-01-09 16:21:21 -03:00
Ngo Iok Ui (Wu Yu Wei)
804a8b53da
Add note about local storage on stronghold plugin ( #32 )
2022-01-09 16:21:10 -03:00
Lucas Fernandes Nogueira
6ad702920f
feat(core): allowlist tests [TRI-028] ( #28 )
2022-01-09 16:20:55 -03:00
chip
fa21fe9ca6
fix typo in current_binary docs ( #31 )
2022-01-09 16:20:48 -03:00
chip
5f3487d0c4
Resolve symlinks during tauri::api::process::current_binary [TRI-047] ( #29 )
...
* create integration test for tauri process restart
most notably, this integration test is entirely self-contained and
should successfully run with a regular `cargo test`.
* cargo fmt
* canonicalize the current_binary path to resolve links
* add licensing metadata to restart test cargo project
* remove use statements for simpler restart test binary code
* allow windows to fail creating the symlink due to permissions
* provide an overload of information on current_binary
* add nested symlinking to the restart test
* user -> attacker
* grammar (i think)
2022-01-09 16:20:32 -03:00
Lucas Nogueira
6feb5a0c50
refactor(core): api feature flags, documentation ( #26 )
2022-01-09 16:20:13 -03:00
Lucas Fernandes Nogueira
85df94f2b0
feat(core): config for fixed webview2 runtime version path ( #27 )
2022-01-09 16:16:45 -03:00
Lucas Nogueira
a62faf2085
fix(covector): remove empty change file
2022-01-09 16:16:36 -03:00
Lucas Fernandes Nogueira
0ad1c6515f
feat(core): add http allowlist scope [TRI-008] ( #24 )
2022-01-09 16:16:12 -03:00
Lucas Nogueira
239bba5666
refactor(core): check notification permission on the Rust endpoint [TRI-017] ( #23 )
2022-01-09 16:15:47 -03:00
Lucas Nogueira
a48b8b18d4
feat(core): validate callbacks and event names [TRI-038] [TRI-020] ( #21 )
2022-01-09 16:12:29 -03:00
Lucas Nogueira
2f3a582c69
feat(cli.rs): strip release binaries [TRI-031] ( #22 )
2022-01-09 15:46:43 -03:00
Lucas Nogueira
153a6a44b3
fix(cli.rs): build on windows
2022-01-09 15:41:51 -03:00
Lucas Nogueira
5687b7fdcd
refactor: use macros to match core commands with allowlist conditionals [TRI-028] ( #20 )
2022-01-09 15:41:28 -03:00
Lucas Nogueira
828b9ee54c
fix: build failing on env validation on windows/macos
2022-01-09 15:20:14 -03:00
Lucas Nogueira
ae60a6e892
fix: use default values for scopes on serde
2022-01-09 15:19:08 -03:00
Lucas Nogueira
4fa5ec9606
chore: cleanup repo lockfiles and gitignores
2022-01-09 15:18:14 -03:00
Lucas Nogueira
9b4c47c4f8
refactor(build): use cargo_toml instead of toml_edit for perf [TRI-023]
2022-01-09 14:59:06 -03:00
Lucas Nogueira
63921fada4
refactor: change tauri::api::open with argument to an enum [TRI-022] ( #19 )
2022-01-09 14:58:38 -03:00
Lucas Fernandes Nogueira
eed017287f
feat(core): add shell > sidecar allowlist and process feature flag [TRI-037] ( #18 )
2022-01-09 14:57:43 -03:00
Lucas Fernandes Nogueira
6fbd6dba52
feat(core): validate AppImage execution when env vars are set [TRI-041] ( #17 )
2022-01-09 14:57:29 -03:00
Lucas Nogueira
8259cd64c2
feat(core): inject CSP on data URLs [TRI-049] ( #16 )
2022-01-09 14:57:12 -03:00
Lucas Fernandes Nogueira
d4017d505c
chore: remove eprintln! usage on release [TRI-051] ( #15 )
2022-01-09 14:49:17 -03:00
Lucas Nogueira
d660cab38d
feat: enhance allowlist configuration [TRI-027] ( #11 )
2022-01-09 14:48:55 -03:00
Lucas Nogueira
2a7bf6d912
refactor(examples): improve security when rendering HTML strings [TRI-003] ( #14 )
2022-01-09 14:35:30 -03:00
Lucas Fernandes Nogueira
680554de3e
feat: validate window label [TRI-021] ( #13 )
2022-01-09 14:30:43 -03:00
Lucas Fernandes Nogueira
d42ccfb34f
feat: add clipboard flag to WebviewAttributes [TRI-032] ( #12 )
2022-01-09 14:30:31 -03:00
Lucas Nogueira
7920ff14e6
feat: scope the fs API and the asset protocol [TRI-026] [TRI-010] [TRI-011] ( #10 )
2022-01-09 14:30:04 -03:00
Lucas Nogueira
3420aa5031
refactor: IPC handler [TRI-019] ( #9 )
...
Co-authored-by: Lucas Nogueira <lucas@tauri.studio>
2022-01-09 14:17:29 -03:00
