release: v1.4.3 — Windows fixes, USB troubleshooter, clearHalt fix, swaps always-on#232
Merged
Conversation
v1.4.2 published as prerelease.
…sh (#226) Two fixes for building the Windows release from a clean machine: 1. build-windows-production.ps1 prepends %ProgramFiles%\Git\usr\bin to PATH so the electrobun bootstrap's "tar --force-local -xzf" resolves to GNU tar instead of System32 bsdtar. The --force-local flag is added on Windows by patch-electrobun.sh so tar does not treat the "C:" in the cache path as a remote host; bsdtar rejects that flag ("Option --force-local is not supported") and aborts the build. The dir contains no link.exe/cl.exe, so MSVC native builds (usb, node-hid, cargo C deps) are unaffected. 2. .gitattributes marks *.sh as eol=lf. With core.autocrlf=true (common on Windows clones) and no rule, shell scripts arrived as CRLF, which breaks bash parsing and fails the Windows preflight check (scripts/preflight-windows.ps1).
#228) * fix(windows): force per-user install so the app launches without admin The bundled Bun runtime opens its own program files with a write-class right (FILE_WRITE_ATTRIBUTES) even for read-only reads. On the standard read-only Program Files ACL (Users:(RX)), a normal non-elevated (medium-integrity) process is denied that right, so bun fails with "EPERM reading ...\Resources\main.js", the backend Worker never starts, and the app hangs on the splash forever. An elevated/admin token has full control over the files, so it only reproduces for a NON-elevated launch of an "all users" (Program Files) install -- which is why it looked like a Win10-vs-Win11 or 1.4.0-vs-1.4.2 issue when it was really an install-location issue (per-user LOCALAPPDATA works; Program Files breaks). installer.iss used DefaultDirName={autopf} + PrivilegesRequiredOverrides Allowed=dialog, so choosing "Install for all users" (or running setup as administrator) placed the app in read-only Program Files and broke every normal double-click. Force a per-user install instead: - DefaultDirName -> {localappdata}\Programs\KeepKeyVault (user-writable, so bun's FILE_WRITE_ATTRIBUTES open succeeds at medium integrity) - remove PrivilegesRequiredOverridesAllowed (no "all users" option; setup never requests elevation) - [Code] guard: reject a Program Files install target and warn about a pre-existing system-wide install that needs removing Verified on Windows 11: the same app bundle launches via a normal double-click (medium integrity) from %LOCALAPPDATA%\Programs\KeepKeyVault, while the identical files under C:\Program Files fail with EPERM. ISCC compiles the updated script cleanly. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * fix(windows): suppress installer prompts on /SILENT so unattended installs don't hang WizardSilent guards on InitializeSetup + NextButtonClick MsgBox -- /SUPPRESSMSGBOXES does not suppress [Code] MsgBox. A Program Files target is still rejected silently. --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Swaps are now on for everyone, always. Removes the swapsEnabled opt-in flag end to end: - Backend: drop the swapsEnabled var, its persisted setting, the setSwapsEnabled RPC, and the !swapsEnabled gates on every swap handler (deviceSwapAssets, getSwappableChainIds, searchSwapAssets, lookupTokenContract, getSwapQuote, executeSwap, getPendingSwaps, previewSwapBuild). Swap tracker now always initializes on boot. - Shared types/RPC schema: drop swapsEnabled from AppSettings and the setSwapsEnabled request. - Frontend: remove the Settings toggle + handler, and the swapsEnabled gating in App and AssetPage. The Swap action still shows only for chains Pioneer reports as swappable. Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
) Adds a read-only USB diagnostic the user can run from the 'Searching for KeepKey' splash on Windows when a connected device isn't detected (WinUSB not bound). It classifies the likely cause (timing race / poisoned osvc cache / conflicting driver / not-present) and produces a copy-ready report plus a link to support.keepkey.com. - src/bun/windows-usb-probe.ts: read-only PowerShell (Get-PnpDevice presence, bound service, osvc UsbFlags cache) + libusb visibility; never throws; collects no wallet data, serials, labels, xpubs, or addresses. - runUsbDiagnostic RPC + handler (win32-gated inside the probe). - WindowsUsbTroubleshooter.tsx: subtle 'Trouble connecting? Run diagnostics' link → results card with Copy report + Contact support (mirrors LinuxUdevWarning). - Shown only on Windows when state==='disconnected'. v1 = copy-to-clipboard + support link; deeper support-ticket integration is a follow-up. The dead-backend pre-load message is tracked separately.
…udit & fix plans (#227) * docs(windows): add Windows USB connection audit + app/firmware fix plans Planning docs for the Windows "device not detected" USB reports: Windows enumerates the device (the connection chime plays) but the app never sees it because WinUSB is not bound, so it is invisible to libusb / the usb package. Docs only. - WINDOWS-USB-AUDIT.md: root-cause analysis ranking 3 causes (WinUSB binding timing race, poisoned MS OS 1.0 osvc cache, conflicting driver) with a read-only PowerShell diagnostic to confirm which dominates. - WINDOWS-USB-FIX-PLAN.md: 10 app-side fixes, phased by ROI vs the symptom. - WINDOWS-USB-FIRMWARE-PLAN.md: 5 firmware fixes; bcdDevice-from-version makes a flash self-heal poisoned machines. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * fix(windows): re-probe USB after attach so slow WinUSB binds are detected On Windows, WinUSB can take longer than ATTACH_DELAY_MS to bind interface 0 of the composite device (behind a hub/dock), during which the device is invisible to libusb. The single post-attach syncState() then sees nothing, lands in the disconnected branch with no lastError, and never re-probes (scheduleRetry only arms on connected_unpaired + lastError) -- so the device is never detected until the app restarts. Matches the reported "chime plays but app doesn't detect" symptom on fresh installs / hubs/docks. Add a bounded discovery poll (1.5s x ~18s) that re-runs syncState() after attach and at startup-with-no-device, self-stopping on pair or after the grace window. Mirrors the existing startRebootPoll() pattern; purely additive (new fields + two methods + call sites, nothing removed). See docs/WINDOWS-USB-AUDIT.md (Cause A) and docs/WINDOWS-USB-FIX-PLAN.md (FIX-1). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> * fix(windows): gate discovery poll to win32 + stop on detach; correct LONG_TIMEOUT doc - startDiscoveryPoll() returns early off-Windows (the WinUSB binding race it works around does not exist on macOS/Linux; avoids ~18s redundant enumeration at startup) - detach handler now stops the poll instead of re-probing an absent device - WINDOWS-USB-FIX-PLAN.md FIX-3: LONG_TIMEOUT is 5 min, not ~90s --------- Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ster) (#231) Picks up keepkey/hdwallet master: - #45 fix(keepkey-webusb): clearHalt the IN pipe on a stalled read, not OUT - #46 fix(lint): make master lint-clean (zcash, hive, keepkey) clearHalt is the only functional change (the rest is formatting); no hdwallet API change, so no vault code change is needed. Run `make modules-build` after pulling.
The donut read small in the ~62vh chart area. Bump fills the space; hover (315px) still fits both the all-chains (62vh) and drilled (380px) containers.
…ngR 0.46->0.322) Applies to both the all-chains OrbitalView and the drilled ChainDetailOrbital so the two stay consistent. Satellites stay on the dashed ring; center total is unchanged and the tighter orbit clears it with room to spare.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
release: v1.4.3
Brings master in line with the published release: https://github.com/keepkey/keepkey-vault/releases/tag/v1.4.3 (prerelease).
Merged back to develop in
541c6ec8(Merge branch 'release/1.4.3' into develop).Included since 1.4.2
Windows
.shUSB transport
modules/hdwallettoc5a4d79b(hdwallet fix: Windows release 1.2.6 — root cause fix for silent launch failure #45: clearHalt the IN pipe on a stalled read, not OUT; + perf: lazy-load pioneer-client — cut Windows first-launch by ~15s #46 lint-clean master)App
Verification
release/1.4.3(Linux + macOS)SHA256SUMS.txtregenerated from on-wire bytesWindows
win-x64-setup.exeis added separately by the Windows build box.