electron-updater
Advanced tools
Comparing version 5.0.0-alpha.0 to 5.0.0-alpha.1
@@ -41,2 +41,11 @@ /// <reference types="node" /> | ||
/** | ||
* Web installer files might not have signature verification, this switch prevents to load them unless it is needed. | ||
* | ||
* Currently false to prevent breaking the current API, but it should be changed to default true at some point that | ||
* breaking changes are allowed. | ||
* | ||
* @default false | ||
*/ | ||
disableWebInstaller: boolean; | ||
/** | ||
* The current application version. | ||
@@ -138,2 +147,3 @@ */ | ||
readonly cancellationToken: CancellationToken; | ||
readonly disableWebInstaller?: boolean; | ||
} | ||
@@ -140,0 +150,0 @@ /** @private */ |
@@ -49,2 +49,11 @@ "use strict"; | ||
this.allowDowngrade = false; | ||
/** | ||
* Web installer files might not have signature verification, this switch prevents to load them unless it is needed. | ||
* | ||
* Currently false to prevent breaking the current API, but it should be changed to default true at some point that | ||
* breaking changes are allowed. | ||
* | ||
* @default false | ||
*/ | ||
this.disableWebInstaller = false; | ||
this._channel = null; | ||
@@ -371,2 +380,3 @@ this.downloadedUpdateHelper = null; | ||
cancellationToken, | ||
disableWebInstaller: this.disableWebInstaller, | ||
}).catch(e => { | ||
@@ -373,0 +383,0 @@ throw errorHandler(e); |
@@ -32,2 +32,8 @@ "use strict"; | ||
const isWebInstaller = packageInfo != null && packageFile != null; | ||
if (isWebInstaller && downloadUpdateOptions.disableWebInstaller) { | ||
throw builder_util_runtime_1.newError(`Unable to download new version ${downloadUpdateOptions.updateInfoAndProvider.info.version}. Web Installers are disabled`, "ERR_UPDATER_WEB_INSTALLER_DISABLED"); | ||
} | ||
if (!isWebInstaller && !downloadUpdateOptions.disableWebInstaller) { | ||
this._logger.warn("disableWebInstaller is set to false, you should set it to true if you do not plan on using a web installer. This will default to true in a future version."); | ||
} | ||
if (isWebInstaller || (await this.differentialDownloadInstaller(fileInfo, downloadUpdateOptions, destinationFile, provider))) { | ||
@@ -34,0 +40,0 @@ await this.httpExecutor.download(fileInfo.url, destinationFile, downloadOptions); |
@@ -52,6 +52,21 @@ "use strict"; | ||
if (data.Status === 0) { | ||
const name = builder_util_runtime_1.parseDn(data.SignerCertificate.Subject).get("CN"); | ||
if (publisherNames.includes(name)) { | ||
resolve(null); | ||
return; | ||
const subject = builder_util_runtime_1.parseDn(data.SignerCertificate.Subject); | ||
let match = false; | ||
for (const name of publisherNames) { | ||
const dn = builder_util_runtime_1.parseDn(name); | ||
if (dn.size) { | ||
// if we have a full DN, compare all values | ||
const allKeys = Array.from(dn.keys()); | ||
match = allKeys.every(key => { | ||
return dn.get(key) === subject.get(key); | ||
}); | ||
} | ||
else if (name === subject.get("CN")) { | ||
logger.warn(`Signature validated using only CN ${name}. Please add your full Distinguished Name (DN) to publisherNames configuration`); | ||
match = true; | ||
} | ||
if (match) { | ||
resolve(null); | ||
return; | ||
} | ||
} | ||
@@ -58,0 +73,0 @@ } |
{ | ||
"name": "electron-updater", | ||
"version": "5.0.0-alpha.0", | ||
"version": "5.0.0-alpha.1", | ||
"description": "Cross platform updater for electron applications", | ||
@@ -5,0 +5,0 @@ "main": "out/main.js", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
411030
3752