FIND-20260328-007 · 2026-03-28 · Innovation Veille

Tauri CLI 2.10.1 — updater signing fix for keys generated between v2.9.3 and v2.10.0

release MEDIUM
Tauri CLI 2.10.1 was released March 4, 2026, fixing a critical updater signing regression: private keys generated by `tauri signer generate` with empty passwords between versions 2.9.3 and 2.10.0 are non-functional and must be regenerated. The release also adds comma-separated cargo feature support and fixes missing cargo arguments for mobile commands. The last known version was 2.10.3, confirming this is an older patch release already superseded.

Source

https://github.com/tauri-apps/tauri/releases/tag/tauri-cli-v2.10.1

ODS Impact

ODS uses Tauri 2 for the DocSign desktop application (Rust backend + React frontend). If DocSign's updater signing keys were generated during the affected window (between Tauri CLI 2.9.3 and 2.10.0), those keys are non-functional and auto-update will silently fail. Verify the key generation date in the DocSign project. Current last-versions.json shows tauri 2.10.3 — confirm DocSign is on the latest CLI version.

Security Review

License: MIT OR Apache-2.0 | Maintenance: ACTIVE | Risk: LOW | Recommendation: SAFE_TO_USE

Tags

tauri rust desktop docsign updater release signing
Generated by ODS Innovation Veille · 2026-03-28T07:06:52+00:00