mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 18:18:55 +00:00
c5deb7a839
Bumps the npm_and_yarn group in /rust/gui-client with 1 update: [@eslint/plugin-kit](https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit). Updates `@eslint/plugin-kit` from 0.3.3 to 0.3.4 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/eslint/rewrite/releases"><code>@eslint/plugin-kit</code>'s releases</a>.</em></p> <blockquote> <h2>plugin-kit: v0.3.4</h2> <h2><a href="https://github.com/eslint/rewrite/compare/plugin-kit-v0.3.3...plugin-kit-v0.3.4">0.3.4</a> (2025-07-21)</h2> <h3>Bug Fixes</h3> <ul> <li>potential quadratic runtime in regular expression (<a href="https://redirect.github.com/eslint/rewrite/issues/240">#240</a>) (<a href="b283f64099">b283f64</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/eslint/rewrite/blob/main/packages/plugin-kit/CHANGELOG.md"><code>@eslint/plugin-kit</code>'s changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/eslint/rewrite/compare/plugin-kit-v0.3.3...plugin-kit-v0.3.4">0.3.4</a> (2025-07-21)</h2> <h3>Bug Fixes</h3> <ul> <li>potential quadratic runtime in regular expression (<a href="https://redirect.github.com/eslint/rewrite/issues/240">#240</a>) (<a href="b283f64099">b283f64</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="380c224871"><code>380c224</code></a> chore: release main (<a href="https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit/issues/242">#242</a>)</li> <li><a href="17276ff19c"><code>17276ff</code></a> docs: Update README sponsors</li> <li><a href="b283f64099"><code>b283f64</code></a> fix: potential quadratic runtime in regular expression (<a href="https://github.com/eslint/rewrite/tree/HEAD/packages/plugin-kit/issues/240">#240</a>)</li> <li><a href="46cd5dab8f"><code>46cd5da</code></a> docs: Update README sponsors</li> <li><a href="9677965292"><code>9677965</code></a> docs: Update README sponsors</li> <li><a href="20799b5802"><code>20799b5</code></a> docs: Update README sponsors</li> <li>See full diff in <a href="https://github.com/eslint/rewrite/commits/plugin-kit-v0.3.4/packages/plugin-kit">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/firezone/firezone/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
gui-client
This crate houses a GUI client for Linux and Windows.
Setup (Ubuntu)
To compile natively for x86_64 Linux:
- Install rustup
- Install pnpm
sudo apt-get install build-essential curl file libayatana-appindicator3-dev librsvg2-dev libssl-dev libwebkit2gtk-4.1-dev libxdo-dev wget
Setup (Windows)
To compile natively for x86_64 Windows:
- Install rustup
- Install pnpm
Recommended IDE Setup
(From Tauri's default README)
Building
Builds are best started from the frontend tool pnpm. This ensures typescript
and css is compiled properly before bundling the application.
See the package.json script for more details as to what's
going on under the hood.
# Builds a release exe
pnpm build
# Linux:
# The release exe and deb package are up in the workspace.
stat ../target/release/firezone
stat ../target/release/bundle/deb/*.deb
# Windows:
# The release exe and MSI installer should be up in the workspace.
# The exe can run without being installed
stat ../target/release/Firezone.exe
stat ../target/release/bundle/msi/Firezone_0.0.0_x64_en-US.msi
Signing the Windows MSI in GitHub CI
The MSI is signed in GitHub CI using the firezone/firezone repository's
secrets. This was originally set up using these guides for inspiration:
- https://melatonin.dev/blog/how-to-code-sign-windows-installers-with-an-ev-cert-on-github-actions/
- https://support.globalsign.com/code-signing/code-signing-using-azure-key-vault
Renewing / issuing a new code signing certificate and associated Azure entities is outside the scope of this section. Use the guides above if this needs to be done.
Instead, you'll most likely simply need to rotate the Azure CodeSigning Application's client secret.
To do so, login to the Azure portal using your @firezoneprod.onmicrosoft.com account.
Try to access it via the following deep-link.
If that doesn't work:
- Go to the
Microsoft Entra IDservice - Click on
App Registrations - Make sure the tab
All applicationsis selected - Find and navigate to the
CodeSigningapp registration - Client on
client credentials - Click
New client secret - Note down the secret value. This should be entered into the GitHub repository's secrets as
AZURE_CLIENT_SECRET.
Running
From this dir:
# This will start the frontend tools in watch mode and then run `tauri dev`
pnpm dev
# You can call debug subcommands on the exe from this directory too
# e.g. this is equivalent to `cargo run -- debug hostname`
cargo tauri dev -- -- debug hostname
# The exe is up in the workspace
stat ../target/debug/Firezone.exe
The app's config and logs will be stored at
C:\Users\$USER\AppData\Local\dev.firezone.client.
Platform support
Ubuntu 22.04 and newer is supported.
Tauri says it should work on Windows 10, Version 1803 and up. Older versions may work if you manually install WebView2
x86_64 architecture is supported for Windows. aarch64 and x86_64 are supported for Linux.
Threat model
See Security