From b079c2eadb398821b616b70280f3f66852ffc8aa Mon Sep 17 00:00:00 2001
From: Amr Bashir <amr.bashir2015@gmail.com>
Date: Sat, 17 Jun 2023 03:59:41 +0300
Subject: [PATCH 1/2] fix(core): fix `require_literal_leading_dot` flipped
 behavior

Regression introduced in: https://github.com/tauri-apps/tauri/pull/6969 see https://github.com/tauri-apps/tauri/pull/6969#discussion_r1232018347
---
 core/tauri-config-schema/schema.json | 2 +-
 core/tauri-utils/src/config.rs       | 2 +-
 core/tauri/src/scope/fs.rs           | 8 ++++----
 tooling/cli/schema.json              | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/core/tauri-config-schema/schema.json b/core/tauri-config-schema/schema.json
index 4cf84884267..9eff6b9bfcb 100644
--- a/core/tauri-config-schema/schema.json
+++ b/core/tauri-config-schema/schema.json
@@ -2102,7 +2102,7 @@
               }
             },
             "requireLiteralLeadingDot": {
-              "description": "Whether or not paths that contain components that start with a `.` will require that `.` appears literally in the pattern; `*`, `?`, `**`, or `[...]` will not match. This is useful because such files are conventionally considered hidden on Unix systems and it might be desirable to skip them when listing files.\n\nDefaults to `false` on Unix systems and `true` on Windows",
+              "description": "Whether or not paths that contain components that start with a `.` will require that `.` appears literally in the pattern; `*`, `?`, `**`, or `[...]` will not match. This is useful because such files are conventionally considered hidden on Unix systems and it might be desirable to skip them when listing files.\n\nDefaults to `true` on Unix systems and `false` on Windows",
               "type": [
                 "boolean",
                 "null"
diff --git a/core/tauri-utils/src/config.rs b/core/tauri-utils/src/config.rs
index afff520a8ba..6dbe8f7279c 100644
--- a/core/tauri-utils/src/config.rs
+++ b/core/tauri-utils/src/config.rs
@@ -1329,7 +1329,7 @@ pub enum FsAllowlistScope {
     /// conventionally considered hidden on Unix systems and it might be
     /// desirable to skip them when listing files.
     ///
-    /// Defaults to `false` on Unix systems and `true` on Windows
+    /// Defaults to `true` on Unix systems and `false` on Windows
     // dotfiles are not supposed to be exposed by default on unix
     #[serde(alias = "require-literal-leading-dot")]
     require_literal_leading_dot: Option<bool>,
diff --git a/core/tauri/src/scope/fs.rs b/core/tauri/src/scope/fs.rs
index 1deccf4ccbf..52bf2d23e38 100644
--- a/core/tauri/src/scope/fs.rs
+++ b/core/tauri/src/scope/fs.rs
@@ -114,9 +114,9 @@ impl Scope {
       } => *require,
       // dotfiles are not supposed to be exposed by default on unix
       #[cfg(unix)]
-      _ => false,
-      #[cfg(windows)]
       _ => true,
+      #[cfg(windows)]
+      _ => false,
     };
 
     Ok(Self {
@@ -287,9 +287,9 @@ mod tests {
         require_literal_separator: true,
         // dotfiles are not supposed to be exposed by default on unix
         #[cfg(unix)]
-        require_literal_leading_dot: false,
-        #[cfg(windows)]
         require_literal_leading_dot: true,
+        #[cfg(windows)]
+        require_literal_leading_dot: false,
         ..Default::default()
       },
     }
diff --git a/tooling/cli/schema.json b/tooling/cli/schema.json
index 4cf84884267..9eff6b9bfcb 100644
--- a/tooling/cli/schema.json
+++ b/tooling/cli/schema.json
@@ -2102,7 +2102,7 @@
               }
             },
             "requireLiteralLeadingDot": {
-              "description": "Whether or not paths that contain components that start with a `.` will require that `.` appears literally in the pattern; `*`, `?`, `**`, or `[...]` will not match. This is useful because such files are conventionally considered hidden on Unix systems and it might be desirable to skip them when listing files.\n\nDefaults to `false` on Unix systems and `true` on Windows",
+              "description": "Whether or not paths that contain components that start with a `.` will require that `.` appears literally in the pattern; `*`, `?`, `**`, or `[...]` will not match. This is useful because such files are conventionally considered hidden on Unix systems and it might be desirable to skip them when listing files.\n\nDefaults to `true` on Unix systems and `false` on Windows",
               "type": [
                 "boolean",
                 "null"

From 75d61d564d3358f98bcbcee203a1a4c7a25a4745 Mon Sep 17 00:00:00 2001
From: Amr Bashir <amr.bashir2015@gmail.com>
Date: Sat, 17 Jun 2023 04:02:05 +0300
Subject: [PATCH 2/2] change file

---
 .changes/config.json         | 1 +
 .changes/core-leading-dot.md | 5 +++++
 2 files changed, 6 insertions(+)
 create mode 100644 .changes/core-leading-dot.md

diff --git a/.changes/config.json b/.changes/config.json
index 7d7bbe20e12..78a03db4c17 100644
--- a/.changes/config.json
+++ b/.changes/config.json
@@ -7,6 +7,7 @@
     "bug": "Bug Fixes",
     "pref": "Performance Improvements",
     "changes": "What's Changed",
+    "sec": "Security fixes",
     "deps": "Dependencies"
   },
   "defaultChangeTag": "changes",
diff --git a/.changes/core-leading-dot.md b/.changes/core-leading-dot.md
new file mode 100644
index 00000000000..432d94ac656
--- /dev/null
+++ b/.changes/core-leading-dot.md
@@ -0,0 +1,5 @@
+---
+'tauri': 'patch:sec'
+---
+
+Fix regression in `1.4` where the default behavior of the file system scope was changed to allow reading hidden files and directories by default.