Is the firewall prompt on every update still an issue?

[rzfzr]

Squirrel version(s) "electron-builder-squirrel-windows": "^23.1.0", "electron-squirrel-startup": "^1.0.0",

Description I switched to squirrel in order to use electron's autoUpdater, however the firewall exception prompt at every single update is an issue.

Reading this (#1045) gives me the impression that it should be solved...

The security alert is for the \local\app\app-0.0.0.X\app.exe , not for the \local\app\app.exe, as you can see in the image:

Application signing would solve this? Or is #951 our best solution at the moment?

It would being able to trust either the author or the root directory.

Related: #951, #868, #1052, #798

[caesay]

Firewall prompts (and many other problems) are still present in Squirrel.Windows due to the app exe moving between versions. Windows was not designed for apps to run this way. In Clowd.Squirrel, a fork, this has been solved by having the app run from a current directory similar to #951, however in the fork we have handled many complex edge cases. It was a lot of work! This change is currently available in v3 which is a pre-release. See here for more info: https://github.com/clowd/Clowd.Squirrel/issues/24

I see you're also using electron, and there has been some effort to build a Clowd.Squirrel electron forge maker which supports the fork so electron users can also switch over easily. Although I wouldn't say it's ready to use yet, within a couple of months v3 and the maker should be ready for production apps.

[rzfzr]

Thanks for the help, maker-clowd.squirrel looks interesting, I'll give a try soon as my options are running out.

For anybody else reading, pre-allowing the root directory in firewall is not an option.

I'll just try enabling the used ports next

[rzfzr]

Ok, I just found out that I can disallow access or neglect the prompt, it makes no difference to my app, all network functions as usual, autoUpdate works well too, if I could just not trigger the prompt, that'd be great for me

[anaisbetts]

@rzfzr If you don't want to trigger the prompt, only open the socket on localhost instead of 0.0.0.0. The prompt is triggered by opening incoming ports on a non-localhost network interface

[fredluetkemeier]

@anaisbetts Is this configurable? If so, where? I'm using @electron-forge/maker-squirrel and don't see the option to change this.

[rzfzr]

@fredluetkemeier I believe she means whenever you do open a socket or your app code, if you don't then you shouldn't get the prompt(?) Either way I do need access for outside localhost ips...