Windows tauri build fixes#10
Open
ManahilAlam wants to merge 5 commits into
Open
Conversation
Baseline commit of the project as extracted from zip, plus fixes made this session to get it compiling on Windows with Tauri v2 / current Rust stable, and two security fixes from a follow-up review: - Fix 9 compile errors across p2p.rs, stack.rs, cloud.rs, config.rs (borrow/type errors from Tokio, tokio::process::Child::id() typing, a dangling-temporary borrow, missing sha2::Digest import, and a Borrow<str> mismatch on Map::get_mut). - p2p.rs/sandbox.rs: derive the DHT keypair from the persisted per-instance identity instead of a fresh random keypair on every launch, so node identity (and domain ownership) survives restarts. - git.rs/github.rs: stop embedding the GitHub token in the clone URL (which persisted it in plaintext into .git/config); pass it via an in-memory git2 credential callback instead. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
# Conflicts: # README.md # ROADMAP.md # packaging/wsl/Dockerfile # packaging/wsl/build-wsl-distro.sh # packaging/wsl/dweb-wsl-rootfs.tar.gz # packaging/wsl/import-dweb-wsl.ps1 # packaging/wsl/install.sh # src-tauri/src/cloud.rs # src-tauri/src/config.rs # src-tauri/src/git.rs # src-tauri/src/github.rs # src-tauri/src/p2p.rs # src-tauri/src/sandbox.rs # src-tauri/src/stack.rs # start-server.sh
Documents the 9 compile errors fixed to build on Windows with Tauri v2 and current Rust stable, plus two follow-up fixes: persistent P2P node identity (was re-randomized every launch) and a GitHub token that was leaking into .git/config in plaintext during repo import. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
Rewritten for a reader without Rust/project background — each fix now has a plain-English "what was broken" explanation, a one-sentence summary, and (for the two security fixes) how the fix was verified. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
.claude/settings.local.json and .claude/scheduled_tasks.lock are local session state (file paths, session IDs) that got swept in by an overly-broad `git add .` on the initial checkpoint commit. They aren't part of the project and shouldn't be shared in the PR. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Fixes the Windows build for Tauri v2 with current Rust stable — the project
did not compile at all before this PR (9 compile errors across 4 files).
Also includes two follow-up fixes found during a post-build review: the P2P
node identity was being regenerated randomly on every launch instead of
persisting, and a GitHub OAuth token was leaking into
.git/configinplaintext when importing a repo.
Full before/after breakdown of every fix, with plain-English explanations,
is in
FIXES.mdin this branch.Related Issue
N/A — not tied to an existing filed issue; found by attempting a clean
Windows build from the current
main.Type of Change
Testing
npm run buildand the build succeeds (also verifiedcargo check/cargo buildon the Rust side, since that's where all 9 errors were)npm testand all tests pass — not re-run for this PR (frontend was untouched; changes are backend-only)How each fix was verified:
cargo checkandcargo buildboth went from failing to a clean, zero-error build; the built binary (dweb.exe) launches and the window opens and stays stable.identity.jsonwas byte-for-byte identical before and after (previously it would regenerate every launch).git2's in-memory credential callback, never concatenated into the remote URL that gets persisted to.git/config.Screenshots / Videos
N/A — backend-only changes, no UI changes.
Checklist
CLAUDE.md)FIXES.md)CLAUDE.md)Security Considerations
Additional Notes
Two things worth flagging for maintainers, not blocking this PR:
config.rshas a credential-encryption code path gated behind a Cargofeature (
encryption) that doesn't actually exist inCargo.toml, so itsilently always compiles to the plaintext no-op branch — AI provider API
keys are currently stored unencrypted in
config.json. Didn't fix thishere since it's a separate, larger change; happy to open a follow-up PR.
src-tauri/) yet — allverification above was manual (
cargo check/build+ live app testing).