After running the migrate tool (via `bun run tauri migrate`) at the end of the guide, I needed to do the following things to get complete it migration.
- the migrate tool ran rust format on my backend code - which I was not using at that point
- and it changed my preferred to 2 spaces to 4, so I joined the rustfmt bandwagon and created a config file with my preferred settings
- run `cargo update` to get the new package versions
- modify `tauri.conf.json` as the structure changed, eg. `fileDropEnabled` -> `dragDropEnabled`
- change some imports, as the functions from client api were moved, this was straightforward
- add the plugins `updater` and `dialog` as that functionality has moved from the core to plugins
- change the code that handles the auto-updating, as the api changed as well, but for the better
- the only thing that tripped me up, was that re-building the project didnt't work due to an colliding filename error, but I found a closed issue at their https://github.com/tauri-apps/tauri/issues/10192 which pointed me towards removing `rlib` from the crate-type, which solved that issue.
All in all quite a smooth experience, was done in an 1-2 hours or something, not sure.
Using passkeys as an additional login method I can understand, but I have a problem that I don't know how to solve:
How can I guard against losing permanent access to my github account?
Until know I have memorized a very long and random password, that I sometimes type in to keep it in memory. In case of a fire or some similar event in which I would lose my stuff (like devices recovery codes) I'd have no issue, but with the upcoming requirement on github which enforces 2-factor authentication I don't know how I would be able to get access to my account?
Given GitHubs policy of "no account recovery if you lose 2FA, ever, if you screw up you lose that account forever", lockout seems a bigger threat than takeover. Luckily, Github lets you add SMS 2FA. That isn't secure, but at least you should be able to get access to your phone number in case of a disaster.
A TOTP seed backed up (on paper only) in multiple locations is also a good fallback.
I agree - at least for me, the lockout scenario seems more likely.
The SMS 2FA is great point!
Until now I was able to not hand out my number to bigtech, eg. for Chatgpt I bought an new SIM card with a 5 EUR deposit that I just used for the registration process, but those cards expire after a couple of months if you don't use them. Guess I have to give out cellphone number after all...
Printing out the TOTP seed and hiding the paper in multiple locations sounds somewhat wrong to me.
Maybe the TOTP seed will be my new, even longer password to remember j/k
Hmm, but if you would cryptographically hide it in publicly available data, it would be easy to recover.
Thank you for the answer! I don't want to use a cloud service for sync, I will take a look if an opensource solution has a direct device to device sync, I haven't thought about that. I will also checkout the yubikey bio - I guess as it's hardware so no pesky account cloud connected? Thanks for the ideas!
Hah, when I followed a link and after having read a tweet, my muscle memory actually took over and I clicked the x automatically. It took me a second to recognize why I was feeling surprised.
After running the migrate tool (via `bun run tauri migrate`) at the end of the guide, I needed to do the following things to get complete it migration.
- the migrate tool ran rust format on my backend code - which I was not using at that point - and it changed my preferred to 2 spaces to 4, so I joined the rustfmt bandwagon and created a config file with my preferred settings
- run `cargo update` to get the new package versions
- modify `tauri.conf.json` as the structure changed, eg. `fileDropEnabled` -> `dragDropEnabled`
- change some imports, as the functions from client api were moved, this was straightforward
- add the plugins `updater` and `dialog` as that functionality has moved from the core to plugins
- change the code that handles the auto-updating, as the api changed as well, but for the better
- the only thing that tripped me up, was that re-building the project didnt't work due to an colliding filename error, but I found a closed issue at their https://github.com/tauri-apps/tauri/issues/10192 which pointed me towards removing `rlib` from the crate-type, which solved that issue.
All in all quite a smooth experience, was done in an 1-2 hours or something, not sure.