deblan-mirror/wails
1
0
Fork 0
mirror of https://github.com/wailsapp/wails.git synced 2026-03-14 14:45:49 +01:00
Code Issues Projects Releases Packages Wiki Activity
wails/v3
History
Lea Anthony 228e5745d7 fix(security): address multiple security vulnerabilities 
This commit bundles fixes for several security issues identified by
GitHub Advanced Security and Semgrep code scanning.

## Workflow Permissions (CodeQL)
- Add explicit permissions blocks to GitHub Actions workflows
- Restrict GITHUB_TOKEN to minimum required permissions
- Affected files: automated-releases.yml, build-and-test-v3.yml,
  publish-npm.yml, test-simple.yml

## Path Traversal (CodeQL)
- Fix directory traversal vulnerability in screen example
- Add path validation using filepath.Clean and containment checks
- Affected file: v3/examples/screen/main.go

## Rollup XSS Vulnerability (Semgrep)
- Update rollup from 3.28.0 to 3.29.5
- Fixes CVE-2024-47068 (Cross-site Scripting)
- Affected file: v3/examples/dev/frontend/package-lock.json

Note: The setup wizard command injection alert was reviewed and determined
to be a false positive - commands originate from backend package manager
detection, not user input. Added clarifying documentation.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-22 06:29:23 +11:00
..
cmd/wails3 chore: disable setup wizard from CLI 2025-12-14 07:23:49 +11:00
examples fix(security): address multiple security vulnerabilities 2026-01-22 06:29:23 +11:00
internal fix(security): address multiple security vulnerabilities 2026-01-22 06:29:23 +11:00
pkg fix(windows): skip DPI awareness API call when already set via manifest (#4811) 2026-01-21 19:23:56 +11:00
scripts Add clean v3 changelog validation workflow with external Go script 2025-07-13 10:33:00 +10:00
tasks feat: adapt iOS and Android message processors to RuntimeRequest transport 2025-12-10 21:27:04 +11:00
test fix: prevent window menu crash on Wayland (#4769) (#4770) 2025-12-12 17:59:47 +11:00
test-assets Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
tests/window-visibility-test feat(linux): generate .desktop file during build (#4575) (#4780) 2025-12-13 12:22:59 +11:00
wep [WEP] Customise Window Titlebars (#3508) 2024-06-08 13:42:27 +10:00
.gitignore Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
.prettierignore chore: add Prettier as format tool (#2689) 2023-05-30 07:40:54 +10:00
.prettierrc.yml chore: add Prettier as format tool (#2689) 2023-05-30 07:40:54 +10:00
ANDROID_ARCHITECTURE.md feat: Add Android support for Wails v3 2025-11-28 21:06:59 +11:00
build_ios.sh Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
fix-darwin-ios-constraints.sh Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
go.mod fix(v3): revert goccy/go-json to stdlib encoding/json to fix Windows panic (#4859) 2026-01-05 08:26:35 +11:00
go.sum fix(v3): revert goccy/go-json to stdlib encoding/json to fix Windows panic (#4859) 2026-01-05 08:26:35 +11:00
IOS_ARCHITECTURE.md Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
IOS_FEATURES_TODO.md Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
IOS_RUNTIME.md Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
old Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
README.md Update doc dependencies 2023-09-08 10:57:47 +10:00
release-notes.txt v3.0.0-alpha.26 2025-08-24 02:40:05 +00:00
release_notes.md v3.0.0-alpha.26 2025-08-24 02:40:05 +00:00
Taskfile.yaml fix(v3): overhaul drag-and-drop for Linux reliability and simplify Windows implementation (#4848) 2026-01-04 11:08:29 +11:00
test-ios-compilation.go Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
test-new-ios-build.sh Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00
TESTING.md feat: Complete App API restructuring with organized manager pattern (#4359) 2025-06-21 19:51:14 +10:00
UNRELEASED_CHANGELOG.md fix(security): address multiple security vulnerabilities 2026-01-22 06:29:23 +11:00
verify-ios-setup.sh Merge iOS support from v3-alpha-feature/ios-support 2025-12-10 18:34:21 +11:00

README.md

v3 Alpha

Thanks for wanting to help out with testing/developing Wails v3! This guide will help you get started.

Getting Started

All the instructions for getting started are in the v3 documentation directory: mkdocs-website. Please read the README.md file in that directory for more information.