Auto Updating

[hacdias]

The new IPFS Desktop version must support seamless auto updating of itself and auto updating of its go-ipfs/js-ipfs binaries.

• Updating IPFS Desktop: we can use the instructions on Electron Builder's Auto Update page which can be easily integrted with GitHub releases.
• Updating Go IPFS/JS IPFS: maybe fetching some page to check if there is a newer version available and then downloading the binaries.
  • Should the initial IPFS Desktop binary contain a version already? Or should we download the binary the first time the app runs?

/cc @ipfs-shipyard/gui

[lidel]

we can use the instructions on Electron Builder's Auto Update page which can be easily integrated with GitHub releases.

I've been thinking about this a bit and for the first iteration we should be okay-ish with using a third party HTTP update tracker if we do our own, additional validation on top of what is provided there.

For example, before we execute downloaded update, we should verify its checksum against a checksum published at http://dist.ipfs.io and signed by a known, hardcoded in ipfs-desktop pgp pubkey, or a similar measure. Note: we don't have that yet: I created PR for adding checksum files in ipfs/distributions#199, we need to merge that and add PGP signing on top of that
(cc'd @ipfs-shipyard/dx if there are better ways than PGP i don't see)

Rationale: there is no canonical "code signing" body for Linux and we should not assume signing solutions provided by Apple or Microsoft are trustworthy: exhibit A, exhibit B 👌 🙃

In the future (or if above requires a lot of custom code), we should use IPFS itself for tracking updates. Given a determined adversary, HTTP servers are easy to censor and block security updates from reaching vulnerable users.

Should the initial IPFS Desktop binary contain a version already?
Or should we download the binary the first time the app runs?

I think user expects it to "just work" after install, so it would be a better UX to bundle it with ipfs-desktop.
That being said, it is not a deal breaker and the first iteration of revamp can download it on first install, but if we do that ipfs-desktop has to ship with a hardcoded checksum of go-ipfs binaries and verify it after download.

[hacdias]

Just as an update: According to Electron Build's Auto update page, they only support auto-update for these three formats (one for each major platform):

• macOS: DMG
• Linux: AppImage
• Windows: NSIS

[lidel]

Sounds reasonable: most of Linux distributions will want to maintain own package and install it via own package manager anyway.

[olizilla]

This was shipped in https://github.com/ipfs-shipyard/ipfs-desktop/releases/tag/v0.6.0

This is based just on github releases and does includes a sha512 integrity check...

version: 0.6.0
files:
  - url: ipfs-desktop-0.6.0-mac.zip
    sha512: NBp6fI+8BMfeeg3rzwcCd8zVTycyFDBfm7Wzq3WVyo967YDNL5b1kcA/9Ox8zx1RO3xyiszb5Pn4FxadwFyb0g==
    size: 93457203
    blockMapSize: 97257
  - url: ipfs-desktop-0.6.0.dmg
    sha512: X912w635b2X0bGfdIexxDbMdk+PytmevNlEcaxoBBJNogkIRTnnAgGb6xrk7jGQSoQqAGVW1FVPcNohSN8DpCw==
    size: 96554502
path: ipfs-desktop-0.6.0-mac.zip
sha512: NBp6fI+8BMfeeg3rzwcCd8zVTycyFDBfm7Wzq3WVyo967YDNL5b1kcA/9Ox8zx1RO3xyiszb5Pn4FxadwFyb0g==
releaseDate: '2018-12-21T11:31:10.205Z'

see: the latest-osx.ym file in https://github.com/ipfs-shipyard/ipfs-desktop/releases/tag/v0.6.0

@lidel could you raise a seperate issue for creating an independent IPFS based integrity check.

[hacdias]

@olizilla macOS auto updating won't work before #66

[hacdias]

Working on Windows

Exited the app and relaunched it and there was the new version 😄